US military goes zero-trust on software and government gets busy

Federal agencies are continuing to put in place their cybersecurity strategies 18 months after the Biden Administration issued its executive order to strengthen the government's defenses. Most recently, the Pentagon this week outlined its zero-trust strategy [PDF] roadmap while the Cybersecurity and Infrastructure Security …

  1. Anonymous Coward

    Zero trust and Zen Mindfulness

    Cut all LAN cables, smash all wifi's and cellphones, full body and cavity scans to reveal any contraband peripherals.

    Then assume the lotus position, empty your mind and focus on the immense emptiness of absolutely perfect digital security.

    1. Ken Moorhouse Silver badge

      Re: Cut all LAN cables...

      Surprised not more upvotes for this, maybe the 2nd para was overkill.

      Rymans has everything needed for this new strategy. Notebooks (wide or narrow feint, what did you think I meant?), a few HB pencils, a pencil sharpener and a rubber/eraser (mustn't upset Jake).

    2. Anonymous Coward

      Re: Zero trust and Zen Mindfulness

      I like this idea - a lot - I volunteer to do the full body searches on all good looking females.

  2. Lordrobot

    US military goes zero-trust

    And the feeling of the rest of the world is Mutual in regard to the US Military.

    "There you go again Pilgrim... talking fresh about the US Military that saved Britain, and Europe so you can scoff in our faces... Maybe we should just bring a few Carrier groups into the English Channel to refresh your memory."

  3. amanfromMars 1 Silver badge

    When BullShit Rules there’s No Hiding Place for Sensitive Secrets and Explosive Facts ....

    ...... Exploiting Virtual Fictions

    As laudable as the aspirations penned in the DoD Zero Trust Strategy may be .... and its task is certainly formidable, and some would even venture impossible, given the persistently unwary base it, the Military Industrial Complex, will be obliged to try and educate and reform ....... if it is ever in defence and support of the perversely corrupt and subversively inequitable which will guarantee it never ever succeeds in practice.

    The best that can be achieved in such circumstances is most aptly described in this earnest observation ......... "You can't polish a turd but you can roll it in glitter"

  4. Anonymous Coward

    US security hamstrung by finance

    I once worked for a US entity that had a network switch/router product line that worked securely in red/black networks and was designed to actively block any attempts to create insecurity via its (pen tested and secure) HTTPS configuration interface - with sensible warning messages to tell the operator why what they were trying to do was not allowed, etc. The line was used across all sorts of gov/def applications.

    Finance didn't like the fact that there was an accumulated licensing cost of $35 for each $3-5K device.

    The switch/router line was replaced with one based on hand editing config files from Linux root user!

    I took one look, refused to support such an abomination and swiftly left.

    Sometimes the customer is only left with a terrible solution.

  5. ChoHag Bronze badge

    "ambiguous terminology, confusing timelines, and the potential for regulatory fragmentation."

    aka. "But it is le hard!" followed by the standard bureaucratic ground laying for continuing to do bugger all and deflect the blame.

    Useless bastard, pull your finger out, do what you're supposed to have been doing *already*, and stop sulking just because mummy finally told you to behave.

  6. Anonymous Coward

    They could make a significant start ..

    .. by not trusting Microsoft.

    Even though I suspect the company is a significant net contributor to their global intercept efforts, that's not a reason to expose your own infrastructure to the same.

  7. Ken Moorhouse Silver badge

    Re: a significant net contributor

    Yeah, that's how the baddies get in.

  8. Tron

    4FA and a certificate of moral purity...

    ...or your computer will not turn on.

  9. amanfromMars 1 Silver badge

    MRDA WTF FUD SNAFUBAR

    Whenever a Zero Trust policy has sensitive first hand, third party communications not acknowledged and shown to have arrived at its chosen destination/starting point, is it most likely to NOT RECEIVE continuing critical information and further vital future intelligence directly and timely from an originating core source, and that renders one catastrophically self-disadvantaged and easily prone to almighty defeat from knowledge which will eventually, quite naturally, trial and trail itself for acceptance and supportive grateful reward elsewhere in more foreign fields of attractive endeavour, and of which there be a more than just many.

    Consider the following and realise it mainly just refers to two competing and probably opposing bodies in a vast see of fabulous opportunities.

    amanfromMars [2211231532] ..... clearly freely shares some breaking disruptive news on https://www.nationaldefensemagazine.org/articles/2022/11/23/jadc2-could-introduce-cyber-risks-at-unprecedented-scale

    [Thank you. Your comment will be displayed soon after reviewing.]

    "The Army calls its version Project Convergence, the Navy Project Overmatch and the Air Force the Advanced Battle Management System."

    OpenAI have presented a very attractive offer to anyone able to provide and develop something extremely similar in the civilian sphere ...... however, whether such developments be equally well suited to military needs and feeds, is something else altogether quite different and much more challenging to ensure does not fail spectacularly and catastrophically even though one imagines there be as much money and resources available to be ploughed into the project as would make the likes of an Elon Musk blush and be prepared to deliver a working model.

    "The OpenAI Startup Fund was founded on the belief that powerful AI systems will spark a Cambrian explosion of new products, services, and applications. We also believe that the most enduring and impactful of these companies will use emerging AI capabilities to revolutionize existing markets and create entirely new ones, rather than simply enhance what’s already possible.

    To help usher in this new era, we’re launching a program to accelerate founders as they build transformative companies powered by AI.

    We call it Converge.

    Converge is a highly selective, five-week program for exceptional engineers, designers, researchers, and product builders using AI to reimagine products and industries.

    Participants will receive a $1 million equity investment from the OpenAI Startup Fund, as well as early access to OpenAI models and programming tailored to AI companies. Converge will offer workshops, office hours, and events with practitioners from the OpenAI team and beyond, with a focus on ways to navigate the challenges—and opportunities—of building in a rapidly evolving AI landscape. You’ll also join a community of fellow founders building on this frontier.

    Our aim is to share a glimpse into the future of powerful AI, give early access to the newest systems, and empower you to build transformative applications.

    The first Converge cohort will consist of approximately ten founding teams, and we’re excited to meet groups across all phases of the seed stage, from pre-idea solo founders to co-founding teams already working on a product.

    Founders from all backgrounds, disciplines, and experience levels are encouraged to apply, and prior experience working with AI systems is not required."

    I don't know about you, but to me such shenanigans all sound far too much like Alien Quantum Field Work to be realised and supplied as anything different and better.

    It is not a big jump or quantum leap to make to equate Joint All-Domain Command and Control ..... JADC2 ...... as being quite similar to Alien Quantum Field Work


  10. Anonymous Coward

    Everything considering someone or something is under control, and the policy, if this term needs to be substituted, has no changes, which ones were not even thought to be invented

  11. TheInstigator

    Only trust the person/organisation paying your salary - for they can do no wrong ...

    Right? .... right?????
