One notable quote was from Howard Schmidt who said, .There is no cyberwar,. but I don.t think he ever defined what a cyberwar would look like - so I don.t know how we.ve decided we aren.t in the midst of one. Maybe he.s absolutely right and we aren.t in the middle of anything like a war (just the low rumble of espionage), but I.d like to hear his definition one way or another so that I can know when I should start being outraged.
But I wanted to do a quick writeup on the RSA Conference registration computers themselves, while I was thinking about it. For some reason, my entire life, I have just assumed programmers think the same way I do. Then I am always annoyed to find out they don.t. Physical security is tough, don.t get me wrong, but kiosks are one of those things you really need to be careful to protect from physical tampering and logical attacks. Anyway, I was sitting there waiting for one of the pages to load, and it was taking forever. Because there was no onscreen indicator that it was waiting, I started wondering if the form was even working at all, or if there was some dumb JS error or something else that would cause the page to never load. So I clicked on one of the links at the top in the navigation and it gave me a .Diagnose Connection Problems. error and worse yet, it popped out of the Kiosk mode. Never a good sign. It looks like they.re protecting the application from most classes of attacks simply by disallowing outbound network access. Let.s assume there were no way around that for a second (and I.m not convinced of that, incidentally).