Neil Degrasse Tyson proposes solution to computer hacking problems

[vaskidmark]

http://twitchy.com/2015/01/03/neil-degrasse-tyson-blows-more-minds-with-idea-to-prevent-computer-hacking/

With minds like this our country ought to be safe.  I'm pretty sure ISIS/ISIL and La Raza both will pass on conquering us once they realize the implications.

Hopefully the  next time Degrasse Tyson applies for a day pass from the institution it will be denied.

stay safe.

[Devonai]

That website no worky on my tablet. What's the gist of his proposal?

[Fly320s]

That website no worky on my tablet. What's the gist of his proposal?

Neil deGrasse Tyson        ✔   @neiltyson 
Follow

Obama authorized North Korea sanctions over cyber hacking.  Solution there, it seems to me, is to create unhackable systems.

[roo_ster]

Obama authorized North Korea sanctions over cyber hacking. Solution there, it seems to me, is to create unhackable systems.

    — Neil deGrasse Tyson (@neiltyson) January 3, 2015

Dude's a ****ing genius!


Some of the responses to Tyson's stroke of genius:

    .@neiltyson Also, how about a new type of dog that poops money? Hey, I'm just an idea guy, you scientist work out the details

    — David Burge (@iowahawkblog) January 3, 2015

    .@neiltyson I think an answer to time travel is a time travel system of some sort. Are you hiring at the Science factory?

    — David Burge (@iowahawkblog) January 3, 2015

    Tornadoes? The answer, it seems to me, is have Bill Nye the Science Guy trap them in 2 liter Coke bottles, then blow them up with Mentos

    — David Burge (@iowahawkblog) January 3, 2015

    .@neiltyson Solution, it seems to me, is to genetically engineer cancer-proofed humans.

    — Popehat (@Popehat) January 3, 2015

    .@neiltyson Solution, it seems to me, is to convince ISIS that they are wrong, and should embrace universal love, and Science.

    — Popehat (@Popehat) January 3, 2015

    .@neiltyson Solution, it seems to me, is to create foods that make farts smell like roses.

    — Popehat (@Popehat) January 3, 2015

    .@neiltyson Solution, it seems to me, is clone Carl Sagan and let him produce a Cosmos remake that isn't bad cartoon about evil inquisitors.

    — Popehat (@Popehat) January 3, 2015

    .@neiltyson Solution, it seems to me, is that babies and puppies should be housetrained in the womb.

    — Popehat (@Popehat) January 3, 2015

    .@Popehat @neiltyson Solution, it seems to me, is to allow the Enterprise to warp backward to 1967 and help Gary Seven prevent the internet.

    — Tom Nichols (@RadioFreeTom) January 3, 2015

    .@Popehat @neiltyson Solution, it seems to me, is to secretly replace all microchips in North Korean computers with Necco wafers.

    — Tom Nichols (@RadioFreeTom) January 3, 2015

    .@neiltyson Solution there, it seems to me, is to let Edith Keeler live.

    — Nathan Wurtzel (@NathanWurtzel) January 3, 2015

    @iowahawkblog @neiltyson I'm out of bacon and the bacon store is 300 miles away. Solution, it seems to me, is flying, self-butchering pigs.

    — Todd Lemmon (@toddlemmon) January 3, 2015

    .@neiltyson There were 30,800 fatal car crashes in the U.S.A. during 2012. Solution there, it seems to me, is to create crash-proof cars.

    — Brian P. Hickey (@BrianPHickey) January 3, 2015

    @neiltyson and umbombable cities, and unkillable people, too

    — Stuart Taylor (@chainbear) January 3, 2015

    @neiltyson that's as realistic as creating humans who can't get sick.

    — Drew Starr (@TheDrewStarr) January 3, 2015

    .@neiltyson we should also make people immune to gunfire and nuclear explosions while we're at it. [Seriously, WTF?]

    — Voidy (@Voidy_) January 3, 2015

What gems do future Neil deGrasse Tyson tweets hold?

    Neil deGrasse Tyson's next tweet: "Solution, it seems to me, is to make the entire PLANE out of the black box."

    — Jeff B@AoSHQ (@EsotericCD) January 3, 2015

[roo_ster]

Of course, there is the bit that the Norks may not have been behind the Sony hacking.  Obama did not let that stop him.  OTOH, slapping the Norks about is generally a good thing in and of itself.

[230RN]

Is it possible that he was saying in a backhanded way that there's no way to prevent it anyhow?

Might be sarcasm/humor that just fell flat.

Terry

[roo_ster]

Is it possible that he was saying in a backhanded way that there's no way to prevent it anyhow?

Might be sarcasm/humor that just fell flat.

Terry

I've seen him speak.  He is big on derision and takes himself very seriously.  Self-deprecating humor is not his style.

[Perd Hapley]

Some of the responses to Tyson's stroke of genius:

I liked "You're gonna need a bigger science wand."

[MillCreek]

I laughed so hard at some of the comments that tears ran down my leg.

[mtnbkr]

I've seen him speak.  He is big on derision and takes himself very seriously.  Self-deprecating humor is not his style.

I haven't seen him speak in person, but I get the same vibe from him in his videos.  It makes it hard for me to enjoy what he's a legitimate expert in.

I liked "You're gonna need a bigger science wand."

Me too.

Back to the OP...

While he's a bit too flippant with his suggestion, NDT does have a point in that we don't do enough to secure systems these days.  I work in IT Security for a Managed Security Services Provider (MSSP) and have access to the security infrastructure (either directly or via the monitoring we put in place) for some scary large companies worldwide (I'm quite certain everybody on this board has a product or service from, or is in some way touched by the companies that are my customers).  I see frequent examples where things were done "the easy way" or not at all.

There's a huge amount of space between what we have today and "unhackable" just on the technological side (defense in depth, monitor what you have, respond to the alerts, centralize security functions so a cohesive plan is developed, implemented, and followed).  Then you get into the human side of IT operations (users and such) and the space grows even more (passwords, monitoring user activity, policies with teeth).  Even proper physical security plays a role (don't allow people unescorted access within your DC, keep all equipment cages locked, cage off critical systems separately from the rest, etc).  The point is, we're not doing enough and aren't taking advantage of the controls we have at our fingertips today.  Even if there were such an unhackable system, it wouldn't remain that way because humans are stupid and lazy and will punch all sorts of holes in the system to make life easy.

Chris

[Hawkmoon]

Is it possible that he was saying in a backhanded way that there's no way to prevent it anyhow?

Might be sarcasm/humor that just fell flat.

Possible ... but unlikely.

[Ben]

Tyson is an A#1 example of a pompous ass out of academia.

Mtnbkr brings up good points though. I have no experience in private sector IT security, but in fed.gov, we did annual security inspections involving scans and inspectors physically coming out to look for holes - everything from improperly configured equipment, to visitor logs, to people going to the head and leaving their CAC plugged in. I forget which DoD protocol it was, but it generated POAMs every year (basically a list of crap that had to be mitigated). The end responsible person was each agency's head, generally an Undersecretary.

All anyone ever cared about when mitigating POAMs was, "How can we respond that this actually isn't a problem that needs to be fixed? If we can't do that, what's the quickest and easiest workaround to check the box that the POAM was fixed, even if it's really not?" Mitigating security holes was all about doing the least amount of paperwork and having the fewest POAMs so that your agency CIO wouldn't look bad when reporting to the Undersecretary. Actually fixing security holes was secondary.

In some defense of the people who wanted to sweep stuff under the rug, the entire POAM process was such a big boondoggle of time consuming reports and paperwork, that you spent more time talking about problems than actually fixing them. If the procedure is similar in large private sector companies, I can see why they have security holes.

[RoadKingLarry]

It isn't much different in big corporations. "Security theater" is alive and well in the private sector.
We were issued iPad airs for work a few weeks ago, I have log into the device with a password,  log into the VPN with an RSA token, then once I'm on the VPN I have to use separate and different passwords for each of the applications I might use.
Oh, and we're told that writing down a list of passwords is discouraged and might be cause for discipline.

[TommyGunn]

Neil deGrasse Tyson        ✔   @neiltyson 
Follow

Obama authorized North Korea sanctions over cyber hacking.  Solution there, it seems to me, is to create unhackable systems.

It's too bad the people who designed the Titanic didn't design an "unsinkable ship," that would have solved the problem ...   uh, wait..... .....  never mind.



Tyson is a "scientist?"   Right?  I mean, he did that "COSMOS" revamp awhile back.   

Unhackable.  Right.  Hey, if I turn my computer off, isn't THAT "unhackable?"   But wait, it's not a system.



  Move along, people ... nothing to see here .....


 

[Hawkmoon]

Unhackable.  Right.  Hey, if I turn my computer off, isn't THAT "unhackable?"   But wait, it's not a system.

But if you network two home computers together, don't you have a system? And you can turn them both off ...

[dm1333]

I laughed so hard at some of the comments that tears ran down my leg.

Were those really tears?   

[Ron]

Like Sagan I wanted to like NDT.

Unlike Sagan he has given me little reason to actually like him.

He's just another dishonest godless philosopher hiding his unsubstantiated presuppositions behind a thin veneer of science falsely so called.

Not a worthy heir to Sagan IMHO.

Of course they are probably blood brothers; Sagan being a little bit more sophisticated and subtle in his approach due to the times.
 

 

[RevDisk]

Very good security isn't easy.

But I do think it would be a very good idea to make any entity processing credit cards reasonably liable for security breaches. Mind you, I've had to implement PCI compliance.

[MillCreek]

Were those really tears?   

I actually shamelessly stole this from my wife, who found it on an eeCard geared towards middle-aged women who have had children.  If you have one of those in your house, you know about the laughing, coughing, sneezing, etc. leading to 'tears down the leg'.

[Andiron]

Perfect example of an obnoxious jackass that's an expert in his narrow little field,  running his suck about everything else and being taken seriously.

[Firethorn]

Some of the responses to Tyson's stroke of genius:

I read the responses in Cave Johnson's voice.

Mostly because they're things I see him suggesting.

[Scout26]

Perfect example of an obnoxious jackass that's an expert in his narrow little field,  running his suck about everything else and being taken seriously.

I think this describes NDT (among many others) perfectly.

[230RN]

Armed Polite Society.

That is all.

[RevDisk]

Armed Polite Society.

That is all.

Concur. I'd like to point out that the alleged NK cyber attacks may or may not have actually occurred from NK sources. Trusting the internet lynch mob is a hundred thousand times more naive than Mr Tyson's notions about information security. IT forensics are even less trustworthy than normal forensics, which verge on pseudoscience. It's pretty gorram rare that you can ever truly pinpoint who did what when it comes to intrusions.

[makattak]

It's pretty gorram rare that you can ever truly pinpoint who did what when it comes to intrusions.

...as long as the perpetrators keep their mouths shut.