PDA

View Full Version : Does the Internet need an off switch?



Aaranar
8th April 09, 09:54 PM
Senators Jay Rockefeller and Olympia Snowe have introduced a bill that would seemingly let the President shut down much of the Internet if he thought necessary.
The Secretary of Commerce would also be given "access to all relevant data concerning [critical] networks without regard to any provision of law, regulation, rule, or policy restricting such access" in the event of a cybersecurity emergency.

How now Net Neutrality?

Bill Lets Obama Turn Off the Internet
By Jason Lee Miller

Two bills introduced giving the President the power to deem a private network part of the nation’s critical infrastructure and shut it down for cybersecurity reasons also gives the Commerce Secretary the power to access network data outside of oversight.

The Big Brother vibe coming off both is reminiscent of a demanding report submitted before Obama even took office. About a month after Election Day, the Center for Strategic and International Studies (CSIS) issued a report called Securing Cyberspace for the 44th President.

Heard of the military-industrial complex? The CSIS is likely where they meet to carpool.

The recommendations in the report, ignored by the previous administration, are sweeping and demanding. The principle minds behind it hailed from the CIA, the US Navy, Microsoft, Sun, AT&T, ICANN, Lockheed Martin, Cisco, and GE—among a slew of others—and likely those minds felt confident they’d get a more sympathetic ear from the new President. And they were likely right. They’d get that from Congress, too.

Senators Jay Rockefeller and Olympia Snowe introduced legislation last week echoing much of what the CSIS report was looking for, which is primarily a set of standards network operators are to live up to—more on that in a bit. One bill creates the office of cybersecurity czar, called a National Cybersecurity Adviser, who will oversee national network security. Confirmed by the Senate, the cybersecurity czar will have the highest security clearance necessary to monitor infrastructure networks and will be a party to secret initiatives.

Thanks to the Cybersecurity Act of 2009, the cybersecurity czar will be advised by a panel stakeholders from government, private, academic, and nonprofit sectors, much like the signatories to CSIS’s report. Also under the longer bill, the President can order the disconnection of any federal or private critical infrastructure network during emergencies or for reasons of national security. “Critical infrastructure” could include the networks attached to financial, power, transportation, medical, communication or any other network deemed critical that could be the target of a cyber attack.

In short, the President could shut down much of the Internet if he thought necessary. The Secretary of Commerce would also be given "access to all relevant data concerning [critical] networks without regard to any provision of law, regulation, rule, or policy restricting such access" in the event of a cybersecurity emergency.

The National Institute of Standards and Technology would be charged with developing standards and tests for information networks and software used by federal agencies, contractors, or other private networks deemed part of the critical infrastructure.

Typically, when legislation affecting, limiting, or dictating major corporations hits Congress, those corporations make big stinks. Watch AT&T and Verizon go mad with anti-regulation fervor whenever Net Neutrality is brought up. All sectors are suspiciously quiet on this front, though. It could be because there’s big money in standardization, especially if your company gets to create the standards, and there’s big money in government contracts, too. Essentially, sometimes a report is a bid for a job.

While no one would object to the federal government improving its ability to fight off cyber attacks or to updating cybersecurity policies to reflect 21st Century approaches, it seems wise to be wary of handing over so much power to a few people and wary of giving up so much of our digital sovereignty.

Source : http://www.webpronews.com/topnews/2009/04/07/bill-lets-obama-turn-off-the-internet


Given the levels of knowledge regarding technology and the internet displayed by various members of our government, how could one not be wary?

Kein Haar
8th April 09, 09:56 PM
Do Gorilla's need sweet potatos?

The answer es obvio.

Steve
9th April 09, 02:48 AM
The internet is the ultimate form of free speech. Should it have an off switch?


The answer es obvio.

Sirc
9th April 09, 03:11 AM
It's very easy and possible to do.

L0pht figured it out. They could do it, a large enough group of assholes could figure it out if they didn't love it so much.

elipson
9th April 09, 03:32 AM
The internet is the ultimate form of free speech. Should it have an off switch?

Nuclear weapons are bad, should they even exist?

Both these questions come down to responsible use. Do we think this new law will be used responsibly and sparringly? Or will it be used just before elections and during disasters?

Steve
9th April 09, 03:45 AM
You have seen Live Free or Die Hard, right?

elipson
9th April 09, 03:50 AM
Didn't you see the Superman where he caught all the nukes?

We don't have a superman to catch them all.

Steve
9th April 09, 03:55 AM
http://i71.photobucket.com/albums/i141/forstevee/super-386x450.jpg

Steve
9th April 09, 03:57 AM
/trolling

Off to bed.

HappyOldGuy
9th April 09, 10:58 AM
It's very easy and possible to do.

L0pht figured it out. They could do it, a large enough group of assholes could figure it out if they didn't love it so much.

Bullshit

Sirc
9th April 09, 11:08 AM
Bullshit

Nope.

It's not like it's that hard to create a hijacking malware that corrupts winsock and TCP/IP shit.

And with the bullshit that is conficker, we see how easily (read: how stupid people are) it is to spread.

Fearless Ukemi
9th April 09, 11:21 AM
Agree with Sirc.

Most people I know who get infected with something as stupid as a browser hijacker can't do anything about it other than reformat. And most of them can't even do that.

Phrost
9th April 09, 11:47 AM
It's very easy and possible to do.

L0pht figured it out. They could do it, a large enough group of assholes could figure it out if they didn't love it so much.

L0pht is still around? Whoa.

HappyOldGuy
9th April 09, 11:49 AM
Nope.

It's not like it's that hard to create a hijacking malware that corrupts winsock and TCP/IP shit.

And with the bullshit that is conficker, we see how easily (read: how stupid people are) it is to spread.

Take down sites != take down the internet. The nastiest botnets ever built can just barely take down a top tier website long enough for it to switch over to a more expensive provider to weather the storm.

As far as a virus/malware type attack. They follow the old 90/10 rule. 90% of infections happen to the same 10% of idiots. Luckily, those idiots tend not to be responsible for crucial systems (although there are obviously exceptions).

Ajamil
9th April 09, 12:27 PM
We should ask China how well this works out for a govt.

On a related note, I was rather amazed in the Wall Street Journal how nonchalant the reporting was on the fact that our infrastructure (electric grid was in the report, but they mention water and sewer as well) has been hacked - multiple times - by China and Russia, leaving little malicious programs they can turn on "just in case." The only thought I have is we're not worried because we've done the same thing to them, and we can defeat their programs.

WarPhalange
9th April 09, 12:36 PM
When I was at Livermore Labs over the summer, I went to a talk about cryptography and security, etc. Basically they said they have hacking attempts all the fucking time. Multiple in a day, almost constant, really. Individual people, corporations, and countries. They actually have people to actively counter this shit and not just like a program or some hardware that just stops it. I thought it was really cool.

So, you can bet your ass we do the same to them.

RickTheCritic
9th April 09, 12:45 PM
The internet should never have an off switch. You guys have a very "meh" reaction to this bill because Obama is in charge but in 8 years this could come back to bite you in the ass

elipson
9th April 09, 12:51 PM
US power grid infected with outside code.
http://www.cnn.com/2009/TECH/04/08/grid.threat/index.html


In matters of computers, I usually believe Sirc.

HappyOldGuy
9th April 09, 01:01 PM
In matters of computers, I usually believe Sirc.

He drives the cool black and white mini cooper. That makes him an expert.

Fearless Ukemi
9th April 09, 01:28 PM
The internet should never have an off switch. You guys have a very "meh" reaction to this bill because Obama is in charge but in 8 years this could come back to bite you in the ass


Why should I worry any less about this no matter who the president is? This bill was introduced by a Democrat and a Republican Senator, both of whom should be replaced immediately.

HappyOldGuy
9th April 09, 01:34 PM
Please be very specific about what parts of the bill (as opposed to the article) you find objectionable.

Fearless Ukemi
9th April 09, 02:03 PM
All I have to go on is what its creators have publicly stated:

"to create an Office of the National Cybersecurity Advisor, part of the Executive Office of the President. That office would receive the power to disconnect, if it believes they’re at risk of a cyberattack, ‘critical’ computer networks from the Internet."

Rockefeller joking around that the internet should not have been invented is also worthy of my scorn.

Is there a wroking draft of the bill somewhere?

Fearless Ukemi
9th April 09, 02:19 PM
Found it, I think.

http://cdt.org/security/CYBERSEC4.pdf

and LOL at "cyber-Katrina"

HappyOldGuy
9th April 09, 02:33 PM
That's definetely it. Or at least a version of it.

Robot Jesus
9th April 09, 05:32 PM
correct me if I'm wrong, but i thought the whole point of the internet was to have a network that could not be taken down.

elipson
9th April 09, 05:40 PM
correct me if I'm wrong, but i thought the whole point of the internet was to have a network that could not be taken down.

Two things with that.
1) that kind of idea is just daring people to try to knock it out just to make a name for themselves. Imagine being the hacker who killed the internet? Would that earn you a spot in the history books?

2) Something that can't be taken down could be dangerous if someone is able to turn it into a weapon. That seems to be the fear going through this type of legislation.

HappyOldGuy
9th April 09, 05:41 PM
correct me if I'm wrong, but i thought the whole point of the internet was to have a network that could not be taken down.

Part of the hype in the article. What this is really about is the president getting the authority to order critical infrastructure networks to cut off internet access in the event of (for example) a massive botnet attack in their servers.

bob
9th April 09, 09:26 PM
What's elipson banned for?

Dark Helmet
9th April 09, 11:04 PM
What's elipson banned for?
Goat fucking.

Ajamil
9th April 09, 11:24 PM
Things I got from this bill:

- Alluding to the creation of a CSA - cyber security agency - to be "a single voice for cybersecurity within govt."

- cyberspace security strategy "is and will remain a public-private partnership."

- creates an Advisory Panel to the President

- Commerce Director needs to set in place intel gathering process of govt. cybersecurity

- regional cybersecurity centers

- govt. cybersecurity standards set in place

- hiring/creating "cybercops" (my words)

- review of NTIA dopmain name contracts - ?

- develop "secure domain name addressing system"

- cybersecurity "awareness"

- cybersecurity R&D

- fed. cyber-scholarship-for-service program

- comps & challenges

- sec. of commerce gains "access to all relevant data concerning such networks without regard to any provision of law, regulation, rule, or policy restricting such access" - ouch. Networks being fed. govt. and private sector owned critical infrastructure information systems and networks.

- 1 yr risk management report, legal framework review and report, and civil liberties report

- President responsible for coming up w/long term strategy and plan regarding cybersecurity

- President can declare emergency and shut down any govt. or "critical infrastructure" system or network

- President oversees the created CSA

- President should work internationally for norms and joint cybersecurity defenses

I can see where people would get upset - I certainly am cautious about some of that, but how is this much different than the President's ability to declare martial law?

Cullion
11th April 09, 09:04 AM
I wish politicians would stop listening to security consultants and anti-virus company sales reps so much. They get all confused and scared.

Fearless Ukemi
17th April 09, 03:08 PM
To quote HappyOldGuy:

"If you give them the tool they will abuse it."

HappyOldGuy
17th April 09, 03:14 PM
To quote HappyOldGuy:

"If you give them the tool they will abuse it."
If the thread title was at all connected to reality. I would be totally manning the barricades. But the only really risky tool here is the ability to declare an emergency, and that isn't a new tool. It's arguably got better transparency in this legislation than it does in other implementations.

Plasma
17th April 09, 03:51 PM
Think about it.

This:
http://www.thestellarvortex.co.uk/emotes/1%20Cool/Stupid_InternetPolice.png
Could be real and no longer a joke

And this:
http://brian-moffatt.com/images/internetpolice.jpg

nihilist
18th April 09, 04:06 AM
Something that can't be taken down could be dangerous if someone is able to turn it into a weapon. That seems to be the fear going through this type of legislation.


9NDsfUANcws