Mixing Business With Gov't Stupidity: General Clark Tells Congress Why It Should Regulate P2P (And Make Him Richer)

from the all-about-the-money dept

Remember the ridiculous story last month about how some clueless politicians were blaming the fact that some government employees were breaking rules and too stupid to understand how P2P software worked that P2P software needed to be regulated for the good of national security? It turns out that there's even more to this story. Congress called in a "star witness," in former presidential candidate General Wesley Clark, who took the position that P2P must be regulated: "If you saw the scope of the risk, I think you'd agree that it's just totally unacceptable. The American people would be outraged if they were aware of what's inadvertently shared by government agencies on P2P networks. They would demand solutions." And what kind of solutions would those be? Apparently, the kind whereby the gov't regulates P2P providers and requires they build in security. And what kind of security would that be? Why, perhaps the kind of security supplied by a company advised by the very same General Wesley Clark. We won't even bother to name the company here, because it doesn't need any additional free publicity, but its website is full of scary statements about how P2P software is threatening national security.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: congress, file sharing, national security, p2p, wesley clark
Companies: tiversa


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    bt garner, 14 Aug 2007 @ 11:05am

    Wow

    Have we as a society become so shallow that stuff like this just happens without the uproar it deserves?

    How about this: Corporate policy the forbids P2P activity. Block the P2P ports on the firewall you are using (you are using a firewall, right? right? RIGHT?) and if anyone is found trying to circumvent and use P2P software, they are terminated.

    That might be a bit extreme, but this is nothing that needs regulatory oversight.

    link to this | view in chronology ]

    • identicon
      Matt, 14 Aug 2007 @ 11:36am

      not to mention something that wouldn't work

      BT Gamer: "block p2p ports" I sincerely hope that is satire. However in the wonderfulness of the internet lets try to add some assumptions that its not. How is that going to work when any bit torrent program can be assigned to any port. Also if you just go around only allowing certain ports (without same lack of knowledge), you'd be amazed at the legitimate things you'd block and/or can't. Also you can't just "block encryption" since torrent programs use encryption as does VPN. It is easy to find a high amount of upstream/downstream coming to 1 pc. But it's equally unlikely anyone torrents for work other than for legitimate reason (universities sharing lectures for one). You're not going to see it visually (minimize the program). And when it all comes down to it, someone can bring a program on a USB drive to get by all the blocking. So it's kinda hard to secure stuff like that.

      link to this | view in chronology ]

      • identicon
        Chronno S. Trigger, 14 Aug 2007 @ 12:03pm

        Re: not to mention something that wouldn't work

        You make a valid point. P2P programs are too hard to block so this regulation must be passed. Unless you take into account that firewalls can block or allow specific programs. In a military installation I'd expect to see those firewalls in effect. but then I'd also expect to see some personal restraint on the part of the employees.

        "you'd be amazed at the legitimate things you'd block and/or can't. Also you can't just "block encryption" since torrent programs use encryption as does VPN."

        Again this is a military installation. Please tell me how many places these people need to be other than other military computers that probably already have a dedicated VPN set up in the routers or even a hard line.

        link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Aug 2007 @ 12:31pm

      Re: Wow

      "Have we as a society become so shallow that stuff like this just happens without the uproar it deserves?"

      Yes: Iraq.

      link to this | view in chronology ]

    • identicon
      Sanguine Dream, 15 Aug 2007 @ 6:09am

      Re: Wow

      Well considering a guy can be fired (and sued) if a woman hears him tell a dirty joke (which is not directed at her but she just happens to be in earshot of it) I don't think instant termination for trying to install any restricted software is too extreme. In fact I'll go as far as to say that is one of the few rules that I would support at any company.

      But here's the trick. If a simple rule like that were to be passed and enforced then that means that there's no big corporation getting paid to do a job that they created themselves and we cannot have that.

      link to this | view in chronology ]

  • identicon
    Unknowledgeable Geek, 14 Aug 2007 @ 11:18am

    This is

    This is such a no-brainer I am sure the gov't will screw it up somehow. I am the network administrator on several dozen networks, you know how easy it is to not allow P2P traffic and monitor for people trying to circumvent? Now, spelling that ain't my fortay. But, stopping P2P (which at the gov't level, I have no clue why this isn't done already) is simple.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Aug 2007 @ 11:19am

    a HUGE problem is that the good folks in congress don't understand technology - but of course they are qualified to regulate it...

    link to this | view in chronology ]

  • identicon
    CatBandit, 14 Aug 2007 @ 11:23am

    Flag level officers chase dollars

    Clark is no different than others with high military rank - or high GS ratings - who find ways to "milk" the enlisted people or the public who they are supposed to "lead".

    Look at any military installation for any service. The "civilian" dry cleaners, tailors, restaurants and bars and on and on are owned by senior enlisted or officers - sometimes retired but often not. These guys pass the regulations and then get wealthy providing the goods and services required by those very regulations.

    Clark has just found a technical twist to a very old game.

    link to this | view in chronology ]

  • identicon
    GoblinJuice, 14 Aug 2007 @ 11:50am

    I respect General Clark, but I think he's gone the shill. Sad, very sad.

    A BOFH can handle P2P. A private corp, with a multi-million dollar solution that'll be circumvented quicker than you can google "pr0n", can't.

    link to this | view in chronology ]

  • identicon
    Greg Piper, 14 Aug 2007 @ 12:28pm

    Clark was transparent about the affiliation

    It should be noted that Wesley Clark was up front with the committee about his interest in this security company. His statement isn't on the committee website (odd because everyone else's is), but the print handout at the press table noted his affiliation, on the first page if I remember correctly. You can watch the archived video yourself at the Oversight Committee site.

    http://oversight.house.gov/story.asp?ID=1424

    link to this | view in chronology ]

  • identicon
    t, 14 Aug 2007 @ 12:44pm

    not a tech geek, but -- if you don't allow people to install software on their own machines at gov't installations, which seems prudent, then no p2p software should get on the machines. That, along with other reasonable care, including the threat of discipline if personnel are caught using p2p software would seem to make sense.

    I've been at companies with tight security around software installation connecting to anything outside the LAN and use of company computers. The funny thing is, people actually wind up working instead of shopping EBAY, tracking their fantsy foot ball teams or building their music collections.

    link to this | view in chronology ]

  • identicon
    Fat Tony, 14 Aug 2007 @ 12:46pm

    Solutions

    The way to block p2p programs is to block installations. Not every idiot in an organization requires rights to install. So restrict those rights and anyone who circumvents the system gets one warning. Second warning = fired
    If you can't respect the rules of your organization you shouldn't be in it.

    link to this | view in chronology ]

  • identicon
    Dave, 14 Aug 2007 @ 12:48pm

    groan

    Wow, and I thought that guy was actually reasonably intelligent.

    You know, nothing's constant in the universe except for one thing - politicians are unerringly stupid about regulating technology, and should not be trusted to do so without a HUGE amount of help from smart people. Like that's ever going to happen.

    They'd screw it up even if they weren't listening to lobbyists with an ax to grind.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Aug 2007 @ 1:10pm

    As plenty of people have stated, blocking p2p traffic, especially in a military institution (shouldn't security be their top priority?) is not that difficult. I've worked in corporate environments where we enforced policies that are apparently 10x more strict than the government/military. Even if someone managed to get a p2p app installed (why oh why can a user install ANYTHING), they wouldn't get through the perimeter defenses.

    Unfortunately I am not surprised by this. Attempting to regulate an 'industry' that's impossible to regulate since anyone with some decent programming knowledge can write and release a p2p app just gives a false sense of security and completely ignores the core issue. Hire some competent infosec admins, listen to their advice and enforce the policies they create. That includes the people at the top of the food chain.

    link to this | view in chronology ]

  • identicon
    anonymous coward, 14 Aug 2007 @ 1:28pm

    I have yet to hear of one single government employee ever being terminated because of a data breach no matter how stupid or avoidable it was.

    You don't penalize everyone because one person does something wrong. You punish that person. If we go down that road, cars should be outlawed tomorrow.

    link to this | view in chronology ]

  • icon
    John (profile), 14 Aug 2007 @ 2:16pm

    I'm confused...

    Maybe someone can explain it better, but I'm confused about why people in government offices, and who deal with secure data, need p2p software installed on their computers?
    Like one of the posters already said, don't they have a VPN set up? And even if they really, really do need a p2p software program, who installed the program and allowed it share everything on the computer?

    But, it's better to put in government regulations instead of holding the IT people and the government worker accountable for their actions.
    (Yes, that was sarcasm)

    link to this | view in chronology ]

  • identicon
    Guy who thinks Clark is a moron, 14 Aug 2007 @ 3:02pm

    Clark is a moron....

    'nuff said...

    link to this | view in chronology ]

  • identicon
    Dragon Spirit, 14 Aug 2007 @ 5:17pm

    P2P a threat to national security???

    Wouldn't it be cheaper and easier to either A) Train the incompetent government staff in setting up P2P properly, or B) simply block the ports used by P2P software on the Government Servers???

    Why should the entire free world be penalised because of some incompetent government employees? GET REAL!!!!! Teach them how to use it properly, or block them from being able to use the P2P software on Government Computers. SIMPLE SOLUTION, that does not encroach on the rights and civil liberties of everyone else on the planet! Dead set these wankers in Government and politics seem to think that everything is an opportunity for them to bullshit their way in to making more money for themselves, whilst telling us all that "This is for your own good and for national security". What a crock.

    link to this | view in chronology ]

  • identicon
    jammerman79, 14 Aug 2007 @ 6:43pm

    not employees

    If you notice, the security breach examples provided are all from contractors... maybe they should be looking at that.

    link to this | view in chronology ]

  • identicon
    eris23, 15 Aug 2007 @ 1:13am

    Communication is the threat

    Stories of p2p, unsecured ftp sites, etc, being a threat to National Security blind the public to the underlying problem: Communication is the threat.

    To prevent any potential enemy from finding out things all we have to do is make any form of communication illegal. Muzzle mouths, bind up hands, etc.

    With no communication possible, no information can be stolen.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.