video:
http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/view/
transcript:
http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/etc/script.html
A PBS Frontline documentary, (1 hr. long, streaming) where our new best friend, R. Clarke is a main subject. It was published April 24, 2003 meaning the actual interviews with Clarke took place over a year ago, while Clarke was still employed by the White House. Any question about what this guy's interest is should be laid to rest after watching this. This man is all about security, NOT politics. What made him such a security nut, I don't know, but his single-minded focus is a freakish gift that we all ought to be thankful for.
Given that this was filmed while he was still working with this administration, and also that by the time editing wasn't complete until after he resigned, this documentary has captured a perfect reference point-in-time. At the end, there is mention of the issues that have come to light for most Americans in the past few days, and it is obvious that the White House was ignoring Clarke obviously enough that Frontline picked up on it:
NARRATOR: But elements of the Bush administration simply aren't in the mood to back Clarke up in these battles.
BARTON GELLMAN: He runs very quickly into ideological opposition in the Office of Management and Budget and the Council of Economic Advisers and elsewhere in government to the very idea of telling private industry what to do. It looks too much like "big nanny" government to them, and so they are putting very sharp limits, or were putting very sharp limits, on what Clarke could do there.
NARRATOR: And in February 2003, a bureaucratic shuffle removed Clarke's operation from the White House. It was folded into the gigantic Department of Homeland Security. But Clarke wasn't. He decided to leave government. But he would not go quietly.
NARRATOR: The man who was right about the danger of Al Qaeda -- and who has come to believe that the cyber war is real and that America is unprepared -- will now do all he can to sound the alarm.
RICHARD CLARKE: After Pearl Harbor, we did a tremendous job of defeating the Nazis and the Japanese. After Sputnik showed that the Russians were winning the space race, we did a pretty good job of national mobilization and we beat the Russians to the moon. After September 11th, Al Qaeda's little sanctuary in Afghanistan was gone in a couple of months, and we're now doing a very good job of rounding terrorists up around the world. After the fact.
Wouldn't it be nice, for once, when we have the experts telling us we have a big risk-- wouldn't it be nice, for once, to get ahead of the power curve, solve the problem so there never is the big disaster?
Frontline has around 30 full documentaries available on
There is more talk about corporate responsibility as well. I reccomend watching the whole thing, but for those of you too busy to watch it, too lazy, or using a 28.8 modem, I'll post more transcript:
NARRATOR: The Bush White House made it clear to Clarke that a public-private partnership was the way they were going handle this problem. But in the beginning, American industry didn't believe cyber war was a problem. Then they didn't believe it was their problem. And they didn't much like the idea of the government telling them to spend their own money to plug cyber holes.
ROGER CRESSEY, Cyber Security, White House, '01-'02: Dick's objective in educating industry on the importance of this issue was to get their attention, to shock them-- in some respects, to shame them because they needed to understand that the return on investment here is not something that's tangible, that you can put your finger on. It's a return on investment that plays out over an extended period of time. So if you're spending so little money on cyber security, then you really deserve to be hacked. And if your systems are brought down and if your systems are compromised, you have no one to blame but yourself.
NARRATOR: When it comes to blame, the favorite targets of the cyber security forces are the companies that design and make software. They say enemies identify its vulnerabilities and exploit them in SCADA in home and industry computers. Clarke says this is the chink in America's armor.
RICHARD CLARKE: It's absolutely unforgivable that major software companies in this country and around the world continue to produce sloppy products.
NARRATOR: When it comes to fixing the software problems, all roads lead to Microsoft, and it says it's now committed to improving its products. Cyber security chief Scott Charney speaks for Microsoft.
SCOTT CHARNEY, Microsoft Corporation: What would you have us do as a company that we're not doing today? We're doing a security push on every product. We're building things that are secure by design, secure by default. And we're fixing patch management to keep you secure in deployment.
RICHARD CLARKE: Major software companies have in the last year said that they're cleaning up their act-- notably, Microsoft, which says it has introduced new qualify assurance procedures. Frankly, it needs to, because it's had a record of very sloppy products rushed to market without concern for security.
NARRATOR: There are a variety of tough measures being talked about. They're designed to force Microsoft and others to clean up, including imposing civil liability.
SCOTT CHARNEY: When companies start paying liability claims and legal fees and everything that comes with it, where does that money come from? Well, you can raise the cost of the product, but that might be counterproductive because one of the great things about software is how the price has been driven down so it can be available to everyone.
The second thing you can do is take it out of profit, which means it comes out of the investor's pocket. Or you can take it out of cost, perhaps by paying people less, and driving your best security people right out of the company.
NARRATOR: More and more, Clarke found himself having arguments like these with leading high-tech industries, arguments that led to the ultimate threat: regulation.
RICHARD CLARKE: If there's a major devastating cyberspace security attack, the Congress will slam regulation on the industry faster than anything we can imagine. So it's in the industry's best interest to get the job done right before something happens because after something happens and our economy has been really badly hurt, there will be regulation.
SCOTT CHARNEY: Is regulation really an effective way to get where we need to go? And to what extent will regulation stifle innovation? Because if you tie down industry and say, "This is what you must do," then you also tie down the technology. So I think there are a lot of reasons not to go in a regulatory fashion.
O. SAMI SAYDJARI, CEO Cyber Defense Agency: Regulation is not part of the policy of the current administration. They are very reluctant to use that, and it's understandable. Regulation and its effects can be-- can have different effects than you really intend them to have. And so one has to think about it carefully. At the same time, this is very much on the order of fire codes. If we don't do these things, it not only affects the people who are going to be attacked but the entire society fabric.
NARRATOR: But elements of the Bush administration simply aren't in the mood to back Clarke up in these battles.
Frontline has around 30 full documentaries available on the site. Check them out, as they are are consistently great.
(another video link for all of you without tv, but still crave moving images from time to time.... TOP secret daily show link, (archive):
http://www.comedycentral.com/mp/browse.php?s=ds