Journal: Who will trust open source security from the government? Any government?

Collaboration Zones, Collective Intelligence, Communities of Practice, Computer/online security, InfoOps (IO), Key Players, Methods & Process
Looking for Integrity...

Sometimes the old joke is true. Sometimes the government is just trying to help.

An open source consortium funded by military and civilian security agencies within the U.S. government has released a final version of Suricata, a new security framework.

. . . . . . .

Unfortunately the timing of the release could not have been worse, coming as it did the same week the Washington Post launched its series Top Secret America, detailing just how immense and intrusive the nation’s national security apparatus has become, an economic boom for Washington seen as increasingly dangerous by many on both the left and right.

Jonkman acknowledged the help of “thousands of people” in delivering Version 1.0 of the software, which was immediately fisked by Martin Roesch, creator of Snort, who called it a cheap knock-off funded with taxpayer dollars.

. . . . . . .

On the Sourcefire blog, Matt Olney offered the headline “Innovation — you keep using that word” and a more detailed critique. He concluded with this challenge:

If you want to see what innovation looks like, come to Vegas and let the Vulnerability Research Team (VRT) show you the Razorback system. It isn’t Snort, it isn’t ClamAV, and it isn’t Suricata. It’s a new approach to the detection problem, and was built from the ground up in close collaboration with groups that are facing APT-level threats. It may not be perfect, it may not even be the right answer (but we think it is), but it is truly innovative.


Phi Beta Iota: The Open Source Agency (OSA) recommended by the 9-11 Commission should of course be under diplomatic auspices rather than born dead within the secret world.  It would initially focus on the three Opens (Software, Intelligence, Spectrum), assuring the secret world of a near-real-time feed of processed information in 183 languages they cannot handle now, while also providing decision support to the UN, NGOs, multinational endeavors, and of course the entire USA from chambers of commerce to schoolhouse to tribal and municipal governments.  The OSA will be the first US government enterprise in the 21st Century that understands that government is supposed to steer not row; that government is a beneficiary, not the benefactor.  If and when the OSA is created, it will yield intelligence-driven government policy, acquisition, and operations that should over time result in the reduction of the government to a fraction of its current size and cost.