Archive for May, 2009

New thing to be scared of: we’re crap at cybersecurity

(Via Ars Technica)

There’s a new report out on US cyber security (PDF).

It’s a big-ass problem:

a growing array of state and non-state actors are compromising, stealing, changing, or destroying information and could cause critical disruptions to U.S. systems. At the same time, traditional telecommunications and Internet networks continue to converge, and other infrastructure sectors are adopting the Internet as a primary means of interconnectivity. The United States faces the dual challenge of maintaining an environment that promotes efficiency, innovation, economic prosperity, and free trade while also promoting safety, security, civil liberties, and privacy rights.

Yikes. So how does the government feel about this?

Leadership should be elevated and strongly anchored within the White House to provide direction, coordinate action, and achieve results. In addition, federal leadership and accountability for cybersecurity should be strengthened.

OK, good. I’m glad to hear that, because the last guy wasn’t really up on this stuff. He had this guy named Richard Clarke, remember? Right before 9/11 he got politely demoted for making a nuisance of himself by whining about a group called Al Qaeda. He asked to go to cyber-security, but wasn’t in the National Security Council anymore because oldster politicians think computers suck and wish they’d just go away.

So cool — glad that we’ve got someone in the White House who cares about keeping computers safe so that it’s easier for computers to Run All the Things of Man. Now that we’re down with cybersecurity, what are we going to do about it?

Well here’s an action plan from p. 8:

  • Appoint a cybersecurity policy official responsible for coordinating the Nation’s cybersecurity policies and activities; establish a strong NSC directorate, under the direction of the cybersecurity policy official dual-hatted to the NSC and the NEC, to coordinate interagency development of cybersecurity-related strategy and policy.
  • Prepare for the President’s approval an updated national strategy to secure the information and communications infrastructure. This strategy should include continued evaluation of CNCI activities and, where appropriate, build on its successes.
  • Designate cybersecurity as one of the President’s key management priorities and establish performance metrics.
  • Designate a privacy and civil liberties official to the NSC cybersecurity directorate.
  • Convene appropriate interagency mechanisms to conduct interagency-cleared legal analyses of priority cybersecurity-related issues identified during the policy-development process and formulate coherent unified policy guidance that clarifies roles, responsibilities, and the application of agency authorities for cybersecurity-related activities across the Federal government.
  • Initiate a national public awareness and education campaign to promote cybersecurity.
  • Develop U.S. Government positions for an international cybersecurity policy framework and strengthen our international partnerships to create initiatives that address the full range of activities, policies, and opportunities associated with cybersecurity.
  • Prepare a cybersecurity incident response plan; initiate a dialog to enhance public-private partnerships with an eye toward streamlining, aligning, and providing resources to optimize their contribution and engagement
  • In collaboration with other EOP entities, develop a framework for research and development strategies that focus on game-changing technologies that have the potential to enhance the security, reliability, resilience, and trustworthiness of digital infrastructure; provide the research community access to event data to facilitate developing tools, testing theories, and identifying workable solutions.
  • Build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the Nation.

Ambitious — especially the public awareness campaign. How should they go about doing that? My vote is for a public viewing of the movie Hackers in every city.


Obligatory: Apple is doing a tablet!

Now that Arrington has weighed in, I’ll place myself in his rarified company by writing the obligatory blog post about why I think Apple is doing a tablet.

Because I am a loser, I have no access to Arrington’s clandestine sources, so I’ll content myself with doing a plebeian version of trying to break down the reasons why it might make sense for Apple to do this.

Why would they do this?

People cry wolf on the Apple tablet thing almost every year:

Why would 2009 be any different?

Well for starters, netbook sales numbers are getting pretty huge. Apple hasn’t made a netbook yet, but why not? Well one reason is that Tim Cook thinks that netbooks suck. But a better one is that Apple has to know it could just do something a hell of a lot cooler if they made a device with the functionality of a netbook but the form factor of a giant iPhone.

Why do I think this? Because Apple hasn’t entered the netbook market yet even though they have the expertise to own it. The iTunes Store is a juggernaut engine of adoption, and Apple’s also sitting on some badass multi-touch patents that they’ve hardly begun to make use of yet, not to mention supply chain prowess that is the envy of the industry and the cash/demand to ensure they can get whatever they need from overseas suppliers. I think they’re going to enter the netbook space in a major way, and that when they do, it will be a tablet.

What would it look like?

I’m thinking something like Amazon’s Kindle, but with the capabilities of an iPhone, and most of the look — big, flat tabula rasa touch screen. The size would be really important, because you would want this thing to be able to be a book or a control panel for your home media center, but also have a netbook-like capability set.

It’d probably have to have a better version of OS X on it than the iPhone does — more bells and whistles. This could be why OS X Snow Leopard has support for 3G. (I don’t think that the Air sells enough to be the reason. If that’s why, then they’re going to severely lower the price of that badboy).

What it would do

In general, I’m envisioning an on-the-go “instead of the laptop” option for when you’re travelling light but the iPhone isn’t enough. Here’s a list of the potential use cases that get me excited:

  • Touch-screen notebook/sketchpad/easel (a bigger space for Brushes!)
  • E-media reader a la the Kindle
  • Home media remote control
  • iPod with awesome capacity
  • iPhone with magnetically-attached, Ive-designed earpiece (we can dream, right?)

OMG! When can I have it?

Supposedly this fall, but who knows? The intensity of the buzz has been building for a while. Most people think that an announcement would come at WWDC next month. Let’s hope so — I’d definitely be first in line for this one.


“Have you ever blogged? On *Wordpress*?”

Kicked up the site to start using Wordpress, because it’s just too hot. Mephisto is great for some things (prototyping, for instance) and it’s made of Rails, but OMG does Wordpress kick ass — it’s come a long, long way since I first used it in 2004.

Some things I like to use with it now:

  • Code Colorer — get gorgeous syntax highlighted code blocks for a variety of languages. Comes with Blackboard, which is my favorite TextMate theme. Props to Sam Huckins for suggesting it.
  • Textile 2 — get some Textile (markup language) action for your Wordpress content. Vital to doing the next thing.
  • Blogging from TextMate — not a plugin so much as a way of life, the ability to simply shoot posts at my blog is one of the main reasons I switched to Wordpress. Not having to go to the web to do something is really my kind of method. One key combo shoots this stuff right into the blog. Lovely.
  • Easy-ass deployment — I love Capistrano, but it’s overkill for deploying a CMS. With Wordpress, I just have a tiny script on my server to update my wp-content folder, which I keep as a git repo.

I also made a TextMate snippet to make it easier to do code color blocks:

def you_see_that?
  puts "that just happened"
end

Oh boy am I an efficient blogging machine now…

Designing a Rudimentary XML Service with Ruby — (Part 3)

I’ve come full circle since part 1 in this mini-saga, and am now describing my simple WebEx XML web service with three classes in a WebEx module.

Ruby modules offer the programmer the ability to group classes together into like structures and to control namespaces for methods. They also function as a sort of pseudo-class, in that you can define “module methods” inside the module that feel like class methods. If you have a module Foo and a method self.bar, you can call it with Foo.bar.

That’s what I ended up doing with all the helper methods I’ve got in this new class definition — WebEx.time_from_string, WebEx.filter_by_session_name, etc.

I also abstracted the things I’d need into several classes. Now the XML client has:

  • An Attendee class to describe the most common type of API data we need to create and manipulate
  • An XMLObject class which describes a generic object containing XML and the recipe necessary to process it into Ruby data structures (implemented as a Proc object), as well as class methods for generating various types of such objects
  • A Request class which is responsible for sending an XMLObject to the WebEx API, sending the retrieved data through the object’s processor, and exposing the processed data as well as the processed result strings from the API request.

Here’s how you’d create an attendee (I’m stipulating the existence of an initialized Attendee object — @attendee):

# XMLObject lives inside the WebEx module, so it needs the namespace too
w = WebEx::Request.new
w.send_request(WebEx::XMLObject.create_attendee(@attendee))

Gist of the new WebEx module
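For readers without the gist to hand, here is an added sketch of the three-class layout described above; it is not the author's code. The element names, the `WebEx.escape` helper, the canned response and the transport lambda passed to `Request.new` (standing in for the HTTP call) are all assumptions made for illustration.

```ruby
require "rexml/document"

# Added sketch, not the author's gist: element names and the canned response
# are constructed, and the transport lambda stands in for the HTTP call.
module WebEx
  XML_ESCAPES = { "&" => "&amp;", "<" => "&lt;", ">" => "&gt;",
                  '"' => "&quot;", "'" => "&apos;" }.freeze

  # Module method, called as WebEx.escape like the helpers in the post.
  def self.escape(value)
    value.to_s.gsub(/[&<>"']/, XML_ESCAPES)
  end

  Attendee = Struct.new(:name, :email)

  # XML plus the recipe (a Proc) that turns the response into Ruby data.
  class XMLObject
    attr_reader :xml, :processor

    def initialize(xml, &processor)
      @xml = xml
      @processor = processor
    end

    # Fields are escaped so attendee data cannot change the request structure.
    def self.create_attendee(attendee)
      xml = "<createAttendee><name>#{WebEx.escape(attendee.name)}</name>" \
            "<email>#{WebEx.escape(attendee.email)}</email></createAttendee>"
      new(xml) { |doc| doc.root.elements["attendeeId"].text.to_i }
    end
  end

  class Request
    attr_reader :data, :result

    def initialize(transport)
      @transport = transport
    end

    def send_request(xml_object)
      doc = REXML::Document.new(@transport.call(xml_object.xml))
      @result = doc.root.attributes["result"]
      @data = xml_object.processor.call(doc)
    end
  end
end

# Constructed response standing in for the remote API.
FAKE_API = ->(_xml) { '<response result="SUCCESS"><attendeeId>42</attendeeId></response>' }
```

Calling `WebEx::Request.new(FAKE_API).send_request(WebEx::XMLObject.create_attendee(attendee))` leaves the processed value in `data` and the API's status string in `result`.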

This is necessarily kind of a spare time project. It’s something for work, but it does what it’s meant to just fine right now, so re-factoring it is something I’m doing in spare cycles. However, I’m gratified that continued refactoring has brought me back to the original idea of having a simple class with class methods that mirror the API’s methods. I had to trip through the things that brought me to make the other classes and gather everything together into a module, but it was a helpful (if stumbling) process to go through.
