Techies with hammers

The concept of the golden hammer has long been considered an anti-pattern. Yet, it seems to be in full swing when it comes to approaches to changing the technical culture in government.

• The US CTO believes that technical people are missing in government

• Wondering how the the GS-2210’s in the civil service feel when they hear these types of statements

I’ve always wondered what the results would be if you put two teams head to head to solve the same problem. One, drawn from a pool of technical folks who are career civil servants, and the other, made up of technical folks who are from the startup/internet companies doing a short time stint in government.

The key difference would be to give the career folks the same level of political air cover, resources, training and recognition when it comes to changing/breaking culture, processes and policies that is currently available only to the other half.

I know where I would place my bets.

Encryption Everywhere

OMB has proposed the “The HTTPS-Only Standard,” which would require the use of HTTPS on all publicly accessible Federal websites and web services. Why, oh, why, is this even open to debate?

• The UK GDS folks are already there

• While on this encryption and authentication journey, it would be nice if the government implemented DMARC on .gov mail servers. There are a lot of folks, many of them elderly, getting phished by email from .gov addresses.

• A pretty nice tutorial on enabling PGP for MAC OS X

cyberLinks: random and relevant

Post-Snowden is now a term of art. Pew has the results of a survey on Americans’ Privacy Strategies Post-Snowden. Let the selective cherry-picking of data commence!

• Top 10 API Security Considerations

• List of websites that support 2FA. Just remember, Multi-Factor and 2FA may not be the same!