The strategy is expected to recommend steps industry and government can take to improve the nation's computer security posture. The majority of the document likely will direct the government to lead by example and tighten the security of federal information systems.

Clarke on Thursday also confirmed media reports that he will resign after 30 years of public service. His deputy, Howard Schmidt, has assumed his duties, Clarke said.

Slashdot | Bush Names New Cyber Security Czar.

goombah99 writes "The Washington Post reports that Cybersecurity "czar" Richard Clarke has confirmed widespread reports that he is leaving the White House, to be replaced by former microsoft security chief Howard Schmidt. He was also part of the Air Force's 'Computer Crime and Information Warfare division'. In related news, the National Strategy to Secure Cyberspace has received Bush's signature and will be released to the public in the next few weeks. Clark's blunt staements on the to the need to avoid erosion of privacy rights is rumored to have rubbed the administration the wrong way, prompting his exit. Anyone know how Schmitt will view the relative security of closed versus open source?" --- Nothing says "Security" better to me than "Former Microsoft Security Chief".

Slashdot | Your Rights Online - E.U. Commission Suggests Permissive Copyright Rule.

An anonymous reader submits "ITworld.com is reporting: 'The European Commission on Thursday presented a draft directive that punishes copyright infringement for commercial purposes, but leaves the home music downloader untouched, infuriating the entertainment industry.'"

Business 2.0 - Why Spy?

Technology that monitors employees' Web usage sounds like a smart way to keep them focused on work. Wrong. Let 'em surf.

[ ... ]

Other unintended consequences of electronic monitoring are more difficult to measure but potentially worse for business. Studies show, for instance, that electronic monitoring results in lower job satisfaction, in part because people begin to believe the quantity of their work is more important than the quality. Monitoring also induces what academics call psychological reactance: the tendency of people to rebel against constraints. Tell people they can't shop, they can't use corporate networks for personal business, they can't make personal phone calls, and their desire to do all those things goes up. Another worrisome consequence stems from the self-fulfilling prophecy, which simply means that people behave as they are expected to. So if you expect an employee to do a good job, he or she probably will. Act as though you distrust people, and you create employees who are, in fact, less trustworthy.

This is the thinking at SAS Institute, the world's largest private software company and a place consistently ranked in the top 10 on those "Best Places to Work" surveys. Other than flagging for porn sites, SAS doesn't monitor its workers' Web use. The company tells its people to use company resources responsibly but doesn't mind if they, say, check sports scores or use the Web for shopping.

Slashdot | Microsoft Blasted For Lax Security.

fducky writes "Once again Microsoft is blasted for lax security. This CNN article cites experts denouncing the recent Microsoft security efforts as rating an 'F'. The recent MS-SQL worm got this most recent round of MS bashing going. Google News has more stories on the subject."

Slashdot | The Always-Encrypted Firewire Hard Drive.

ducman points to the announcement of an encrypted hard drive running on the MacNN website. The drive features a DES 64-bit/ 40bit key strength and "is intended for use by banks, insurance providers, government agencies, and those individuals with sensitive digital intellectual property. It supports the IEEE 1394a connectivity standard, in addition to USB 1.1 and 2.0. It offers data transfer rates over FireWire 400 of 100, 200, or 400 Mbps. The SuperGuard is expected to be available February 7." --- Sounds great -- but the USB key stuck in the back looks like a likely point of failure.