Brennan Center provides resources for security activists

Security Strategies This newsletter is sponsored by Symantec Security Information Management Solutions: Beyond Threat Management Learn the latest Security Information Management best practices from IT research firm Forrester Research and Symantec. Watch now and also discover how solutions are evolving, as well as how to get more out of SIM - much more than incident response and threat management. Network World's Security Strategies Newsletter, 05/24/07 Brennan Center provides resources for security activists By M. E. Kabay One of my constant themes to students (and to readers) is that security professionals ought to apply our knowledge of security fundamentals and technology to all aspects of our lives, including our roles as citizens. Here in the United States, one of the areas where I have personally contributed my perspective as a professional in the public sphere is discussions of electronic voting systems. As I have written in previous columns over the years (see for example this, this, and this), I profoundly object to electronic-voting systems that have no independently verifiable audit trail; I’ve testified to that effect before the Vermont Senate, in public meetings on the issue, and in briefings presented to the office of the secretary of state of Vermont. Discover the Business of Gaining Organizational Support for your Security Initiatives. September 10-11, 2007 | The Fairmont Chicago How do you get everyone from the boardroom to the mailroom to comply with your security initiatives? Come collaborate with peers on critical business topics like this at The Security Standard-the only business summit for senior security executives. For the latest in planning and management strategies. Click here for more details On this theme of public involvement, I want to draw readers’ attention to an excellent resource that touches on many aspects close to our professional interests: the Brennan Center for Justice of the New York University School of Law. The Center has many areas of possible interest, including: - Access to Justice - Campaign Finance Reform - Courts & Government - Immigrant Rights - Liberty & National Security* - Criminal Justice Reforms* - Voting Rights & Elections* - Wages, Jobs & a Strong Economy Readers of this column may be particularly interested in the resources in the three sections I have marked with an asterisk. On the “Liberty & National Security” page the Center has links to many valuable documents discussing security implications of issues such as the abrogation of habeas corpus, the implications of unchecked presidential power, reduced independence of the federal courts, increased governmental secrecy, and racial and ethnic profiling. The “Criminal Justice Reforms” section has a number of areas of possible interest to security practitioners, especially those with experience in or ties to law enforcement. Topics where security experts may be particularly interested in contributing their expertise include: * Sentencing reform, where one can read about attempts to “promote rational sentencing approaches through law reform that secures both fairness and safety” and which may help us reduce recidivism and the dangers posed by habitual offenders. * Post-conviction penalties, which examines to what degree offenders should continue to carry the stigmata of their crimes after their sentences are complete. These issues significantly affect our hiring policies and practices. “Voting Rights & Elections” is potentially the most interesting to technically savvy security experts. There’s a comprehensive report available that appeared in October called “The Machinery of Democracy: Voting System Security, Accessibility, Usability, and Cost” that packs in 190 pages of detailed analysis of all aspects of electronic voting systems (watch out for the violently red page 2, which practically burst my eyeballs when I switched past it the first time). I was particularly pleased to see a section entitled “Voting System Vulnerabilities” that defined threat analysis and then went into several pages of details of potential attacks on voting systems. The six security recommendations are interesting and I encourage readers to study them in detail: 1. Conduct Automatic Routine Audit of Paper Records 2. Conduct Parallel Testing 3. Ban Wireless Components on All Voting Machines 4. Mandate Transparent and Random Selection Procedures 5. Ensure Decentralized Programming and Voting System Administration 6. Implement Effective Procedures for Addressing Evidence of Fraud or Error In summary, there’s plenty of material on the Brennan Center’s site for anyone to study. Whether you agree with the Brennan Center’s positions, I hope that some readers will be motivated to get involved in their local, state and national affairs to contribute their intelligence and expertise.   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. A cynic rips open source 2. IT jargon you just love to hate 3. Top 15 controversial Microsoft quotes 4. Cisco routers cause major outage in Japan 5. Foundry readies monster Ethernet switch 6. Alltel agrees to $27.5B buyout 7. Why Argonne has pulled the plug on VoIP 8. Slideshow: Foundry's biggest Ethernet switch 9. DoD software protection comes to commercial sector 10. Microsoft won't sue over Linux - yet MOST-READ REVIEW: Midtier management tools register high marks

Contact the author: M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site. Special discount for Network World Security Strategies readers: For a 10% discount on the upcoming INFOSEC Year in Review workshop in Marina Del Ray, Calif., on June 4-5, 2007, use code WNW07 when registering online or by phone. This newsletter is sponsored by Symantec Security Information Management Solutions: Beyond Threat Management Learn the latest Security Information Management best practices from IT research firm Forrester Research and Symantec. Watch now and also discover how solutions are evolving, as well as how to get more out of SIM - much more than incident response and threat management. ARCHIVE Archive of the Security Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007