Defense spending, out of control…

Not long ago, Secretary of Defense Robert Gates gave a speech on the defense budget and defense spending.  In it he states:

the US battle fleet is larger than the next 13 navies combined, 11 of which belong to allies and partners

The Pentagon must hold down its spending and make choices that will anger “powerful people” in an era of economic strain, Defense Secretary Robert Gates said in a weekend speech in Kansas.

I had pointed this out in a video I made a few years back, granted this was focused on the War on Terror and the Bush Administration’s Policies, but let’s be honest, so far Obama hasn’t exactly brought the budget into control for defense or overall.  Granted economically he was more challenged by failed policies of previous, but he hasn’t (publicly) shown to have reduced the defense budget or spending.

Now I am ex-military and insist we arm and equip our service people with the tools needed to carry out their mission, but when we are so overwhelmingly big vs our next competitors, it really shows we’ve gotten out of hand in our priorities and spending.  Given that we’re touting how our taxes are the lowest in years, I’m curious how we think we can stay viable when we are running ever larger deficits and spending more with each year relative to our economy?  I guess the theory is if we can beat the rest of the world up, we can’t be forced to pay our debts.

Islamic Cleric Speaks out against terrorism

Ok old story but I just am getting around to posting it…

Maybe this happens more often than I know of, but I think it’s great that this is happening.

Maybe if more religious people spoke out against people using their religion as an excuse to commit crimes and acts of violence, then we’d have less terrorism, abortion clinic bombings, and general stupid stuff going on.

Update 8/12:

New video produced by moderate Muslims condemning terrorism.  It was covered by CNN.  Another Muslim summit, denouncing terrorism, from the same cleric who issued a fatwah against terrorism.  In addition, this is a good article describing the controversy and the issues around the building of (among other things) a Muslim Center and Mosque near ground zero.  Specifically the point being made about the marginalizing of Islam being the exact wrong thing to do when trying to avoid extremism in that religion.  Worth a read, even if you don’t agree with the placement of the Mosque.

Air Marshals not so effective…

So I’ve posted about the ineffectiveness of anti-terrorism measures before, but this is truly rediculous.  More air marshals are arrested than they have made arrests?  That’s a truly WTF moment if I have ever heard of one.  Of course security isn’t always easy, and even doesn’t always work even if the idea is good, but this is bit over the top.

 Thanks to Bruce Schneier and his blog for the link and comments.  Also a note to say that I do understand the deterrant effect of the program, I just think that the trouble here outweighs the benefit.

UPDATE:  It looks like the No-Fly List is being reviewed for improvements.  This process could be effective, but really isn’t, largely for the same reasons that security is hard, and often doesn’t work.  The bad guys have the advantage of not following rules; like not using their own names, having aliases, identity theft, etc.  Then this situation is compounded by the politics not allowing anyone to be removed easily for fear of “letting one go”.  Rediculous, because the lists become so large and unmanagable that you might not catch the guy until it is nearly too late. If at all.

TSA Rulings, good news to my ears

I just wanted to drop up a short post to share this ruling about TSA Searches.  Why?  I had just asked about where my protections from illegal search and seizure were, and this comes out.  Maybe I should ask where my lottery winnings are next?  🙂

Just a quick link….

Edgy and very tech related, but I found this Tech Cartoon Site a while back and never posted a link.  So here is a link to the site.

A recent favorite:  A Salute to Bio Majors.

If we join you against the Chemists, will you train our fleshy minions to leave us alive?

Homeland Security, if it would only work…

So it’s approaching seven years of the anniversary of 9/11, and one can argue that progress has been made to better secure our country against the threats of low intensity, asymmetrical conflict (for those not familiar with those terms, read that as terrorism, though really that term is nearly meaningless now with all the ways it is abused).  But for as much security and security theater as we have, there is still a notable opportunity for pork barrel spending, cases of misuse after misuse after misuse, and heck even lots of just plain incompetence to go around. 

Business Week shows that many Department of Homeland Security (DHS) projects are plagued by trouble and their own IT Systems might not be secure.  And with all of the focus on airports, we might just be missing out on the bigger threats like our borders.  (This isn’t meant to extend to the immigration debate, only in so far as terrorists can in fact cross the border in many ways not guarded today).  Heck even MI5 has come out and stated there is no profile for a terrorist candidates or potential recruits and Malcom Gladwell states profiling doesn’t really amount to much.

But they did warn us about liquids that can be dangerous, and Yankee Stadium got into the spirit of things by confiscating sunscreen.

So how do we do this?  What’s the right answer?

I’d suggest to start with the basics, and that is that a cost benefit analysis and some rational thinking, which would go a long way to resolving this.  Oh yeah, and remembering that life isn’t safe.  Ever. Terrorism is nasty, no doubt, but it’s not likely going to be the thing that kills you.

How do you know if you have good code?

Ok, I saw this on the site of the Veracode folks a while back, but it still bears mentioning, or as they say in some circles QFT.

Is my Code Good?

Is my Code Good?

So lots of folks have been wondering about a security mindset and how that maps to product creation or implementation of software.  Some even state that this mindset is in fact part of mathmatics and can be taught there.

Security is about thinking about stuff and how it can be broken, and the usual computer engineering is more busy thinking about stuff can be built.  The trick is, we need our builders to think about BOTH while building systems, or we can’t sufficiently and cost effectively move away from security as a separate governance to an engineering process.  And if we can’t do that we’ll be stuck paying for security as an after thought, vs having security “built-in”.  I see trending that this might be changing at the OS / platform level, however the Web 2.0 and Cloud / Grid folks really seem to need to pick up on this lesson.