Wednesday, February 16, 2011

Cyber privateer code: 100-to-1 restitution

Saturday, I posted a tongue-in-cheek note on the cyber security gang that couldn't shoot straight. The New York Times story was picked up and continued in today's Computerworld, HBGary Federal quits RSA over Anonymous WikiLeaks email. In today's story, Computerworld shares reader comments on the HBGary Federal fiasco, and I can't help but be entertained. Gosh, it must be embarrassing for a security company to be so badly spanked in public, and I should be ashamed of myself for jumping on the dogpile. Except I'm not. Because if the exposed emails are authentic, then "the gang that couldn't shoot straight" actually proposed illegal actions. So their "not shooting straight" is a double entendre. All along, I have made it clear that cyber privateers should be legally bonded, and must follow the cyber privateer code of honor.

That said, the acts of the Anonymous group who unveiled the HBGary Federal emails are also illegal and cannot be justified. Ditto for WikiLeaks. But I confess a certain amount of schizophrenic interest in the fruits of this thievery. Amusement at the stupidity of the approach recommended by HBGary Federal, and embarrassment at the culpability of US diplomats in hiding the truth about some of the world's bad guys. From whom are we trying to keep secrets? Certainly not the bad guys, who know that we know. No, as a matter of policy we're trying to spare the bad guys from public scrutiny. We're keeping secrets from the public, because public opinion might force a more coherent policy-making process.

My own attitude is that we ought to shine the light on the world's cockroaches. Nevertheless, that end does not justify the means used by Anonymous or purveyors of WikiLeaks. Which is again why I call on an above-board legalization of cyber privateers, who will be held to a strict code of conduct and authorized by a bonding authority who won't take kindly to 100-to-1 restitution metrics. I'm intrigued that my first draft of the cyber privateer code seems to stand up, even after three months of kicking it around. Draft one! Not bad, friends. Not bad.

Go figure.


Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?