Pentagon: If You Don't Let The US Gov't Spy On Your Network, You Place American Lives At Risk
from the moral-panics? dept
The whole "cyberterorrism" fear mongering is being taken to even more extreme levels. At the Strategic Command Cyber Symposium, William Lynn III, the deputy defense secretary apparently told the audience that companies who operate critical infrastructure need to let the US install monitoring equipment or it puts everyone at risk. The NSA has apparently developed a monitoring system called Einstein (I wonder if they paid the license fee), and want to let companies "opt-in" to installing the gov't's system on their own systems, or face the "wild west" and put everyone at risk. This sounds like blatant fear mongering to let the government tap into all sorts of private infrastructure systems. After all, the government has shown, time and time again, that once it gets access to information, it doesn't take those whole "oversight" or "privacy rights" issues particularly seriously.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cyberwar, einstein, government, monitoring, networks
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
It seems that there are some people at the top that need to see Enemy Of The State. Or maybe we should just install a webcam in their homes.
[ link to this | view in chronology ]
FUCK YOU
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Aaah, now it's starting to make some sense.
The whole Cyberterrorism thing is just a smoke screen to allow the government to push for increased electronic surveillance, the same way 9/11 was used to take airport security to extremes no sane person would agree to otherwise (I'm not implying 9/11 was intentionally triggered for that purpose...but it sure was convenient).
Pretty soon, every operating system, every application and every piece of hardware will be required to have backdoors for them to spy on you.
All you need to do is just toss in some plausible scary scenario (with a hint of making people feel guilty) and you can make people agree to anything...
The funny thing is, they are digging themselves a bigger hole. That monitoring software can also be used by the "bad guys" to spy on those systems, making them actually LESS secure. Heck, it'll make their life a hell lot easier. They don't need to infect the system with a trojan, since the system is already "infected"...
[ link to this | view in chronology ]
Re:
--------------------------------------------
Why, of course, the people don't want war. Why would some poor slob on a farm want to risk his life in a war when the best that he can get out of it is to come back to his farm in one piece. Naturally, the common people don't want war; neither in Russia nor in England nor in America, nor for that matter in Germany. That is understood. But, after all, it is the leaders of the country who determine the policy and it is always a simple matter to drag the people along, whether it is a democracy or a fascist dictatorship or a Parliament or a Communist dictatorship.
Gilbert: There is one difference. In a democracy, the people have some say in the matter through their elected representatives, and in the United States only Congress can declare wars.
Göring: Oh, that is all well and good, but, voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same way in any country.
----------------------------------------
The irony here would be if a DMCA was delivered over this qoute ;)
[ link to this | view in chronology ]
Re:
http://boingboing.net/2008/08/05/lawrence-lessig-on-t.html
[ link to this | view in chronology ]
Thanks, but "Wild West" works for me and others quite well.
[ link to this | view in chronology ]
The Complete Opposite
The other issue is "critical infrastructure"; this is the same asinine concept as "too big to fail". The idea that we must control what individual parties can do because the rest of us are somehow helpless and completely vulnerable to being negatively affected by what they do with their own money and their own property, and that if anything bad happens to them it will be the end of the economy/internet/....is phenomenally stupid.
But the public is too willfully ignorant and stupid, and politicians are either too stupid or too willing to exploit that for power, so we get this cyberterrorism crap and pretty much every single thing the government did as a response to the housing slump/recession - which did exactly nothing to actually improve the system or country.
[ link to this | view in chronology ]
Reminds me of this...
What I don't know is whether this proposal has been already implemented at this point.
[ link to this | view in chronology ]
Has promise if installed to *ACTUALLY* protect the public.
The recently approved finance bill that is now in the House is a joke. Like this system, has no oversight, which is why they would be at parity.
[ link to this | view in chronology ]
Why is it that so many people go with the flushing flow?
I mean, unless you grew up in a communist country, this move towards sharing even bowel movements doesn't make sense. I don't understand why there isn't more (not less) respect for the very basics of privacy, especially at the highest of levels like the Pentagon. Is it treasonous?
I don't think any legitimate business will be jumping for this and think opening up their proprietary data to anyone is a good idea. It's probably aimed towards backbone providers, and other companies that have hordes of personal data.
[ link to this | view in chronology ]
Wow...
[ link to this | view in chronology ]
No critical systems ?
As for no critical systems, there are thousands of critical systems, it's not that their too big to fail, (allthough they can be) but they are too important to fail, and not just fail to be manipulated in a manner not intended.
GPS navigation system IS a critical system, and it's not accessible by the 'net'.
How about the US air traffic control system ? Not critical, not at risk of possible attack?
What about the thousands or even millions of Programmable Logic Controller computers that control almost every aspect of you're life, especially things like, water, electricity, gas, all you're transport systems, aircraft, power plants, waste water everything, (and most things you cannot do without).
It's not "just trying to put scares into people, it's a common occurance" that means it happens ALLREADY, and possibly too easily.
So again, trying to say "it's all ok, there is really no problem" is misleading at best and irresponsible at worst.
It is real, it does happen, and it can cause massive damage, loss of life, huge expense, loss of productivity, and massive repair bills.
And you want to do nothing, but I would take the NSA's advise over yours anyday. I know from experience when it comes to security they know what they are doing.
NSA have been building and providing this equipment to NATA forces for well over the last 30 years from my personal experience.
Just wait for the day, when some company creates a CPU that does on-the-fly encryption of the executable, you'll have DRM on everything from the CPU up, OS, Apps, and media, but that will only be introduced if the industry sees software and media theft as a big enough issue to take those measures.
So thanks to the file sharers, the rest of us have to suffer with DRM and other measures put in place to stop people doing things they should not be doing.
IF there was really no problem, then measures to fight the problem would not need to be implemented, but there are problems, people do break into critical systems, people do copy copyrighted products without legal rights to do so.
Therefore measures need to be put in place to stop or reduce the problem.
If you run a bank and you get robbed, you increase security to stop the action, or the other option is to close the bank, sure you wont get robbed, but you're not doing what you wanted to do.
Allowing them to rob you is not an option, so you take measures to stop it, put in guards, camera's, vaults etc. And you put the criminals when you find them in jail.
What you're trying to say, is music downloading is always going to happen, therefore let it and change how you make a living.
Does not work that way, that is why we have locks on door, if everyone was honest they would not be necessary.
If no one ever tried to break into a computer system, computer security would not be necessary.
If no one ever tried to illegally copy someone elses work, then copyright, and DRM would not be necessary.
If no one ever tried to copy someone elses invention, then patents would not be necessary.
Thats just how it is, and if no one ever tried to break into the US ATC, or the GPS sat Nav system, or the NY exchange, or the US power grid, then security systems would not be required.
Just as if no one listened into the enemies communications, encryption would not be necessary.
But people do, and because they do, you expect them do continue to do it, therefore measures need to be inplace to contend with that problem.
Imagine the outcry, if the US power grid dropped off, mabey like in 97, remember the 'cascading failure', it was proposed that was due to a hack on the power grid system detected several days before, it cost the US billions of dollars from losses.
Now if the power companies, said "there is no problem, so we dont employ any security thats silly, there is no such thing as a people breaking into computer systems and causing problems". They would not be employed the next day, for neglegence.
[ link to this | view in chronology ]
Re: No critical systems ?
Oh, wait, I forgot, "if you're not with us, then you're against us", right?
Give up your freedom to your government, rather than the terrists, because the terrists will just watch everything you do and you'll have no freedom. "If you aren't doing anything wrong, then you've got nothing to hide."
The biggest issue is that most people won't educate themselves about this stuff and it will make its way through congresses and parliaments and what have you around the world with barely a whimper of protest from the common man. In other words, even if the terrists lose, they win, because either way, some schmuck with a cybersecurity mega-contract is more worried about making money than about personal rights and freedoms.
While we're at it, why don't we just install CCTV cameras at ever corner and have a webcam or two feeding live pictures of our homes? Hey, we're not doing anything wrong, so we should mind anybody watching us, right?
[ link to this | view in chronology ]
Re: No critical systems ?
1. if its DRM, it will get cracked regardless of what type and where it takes place in the system.
2. we have locks on doors to keep dishonest people out. we do not have locks on doors to keep the government from violating our constitutional rights - huge difference
3. all things change. including how companies and individuals do business. sometimes that change is brought about by proactivly finding better ways, sometimes forced by obsolesance. but they always do change. to say its unfair to force people to change the way they do business because of obsolesance is a disservice to society as a whole. a much more appropriate metaphore would be the USPS and the combustion engine.
in and of itself, there is nothing wrong with snail mail. its an effective means of communications. should we just scrap the entire internet because some companies just cant seem to figure out how to use it and it jeapordizes their business structure? the horse and buggy are perfectly acceptable modes of transporting goods from one place to another. should the rise of the transportation industry have been halted because it put the entire industries that relied on the sale of products to keep the horse and buggy industries working out of business?
(psst, the answer is no)
oh and by the way, trying to say because of file sharing we have to have safeguards on systems that are critical to infrastructure is over the top hyperbole and fear mongering. it adds nothing of substance to the conversation and only serves to distract from the real issues. sorry if i didnt fall for it.
[ link to this | view in chronology ]
Re: No critical systems ?
[ link to this | view in chronology ]
Its time
[ link to this | view in chronology ]
I think Big Brother could be good for America...
Why? Because they probably have transparency and accountability issues.
[ link to this | view in chronology ]
Right...
Given that my network is FAR more secure than yours, I think I'll take a pass on your monitoring equipment.
@Darryl: Nice rant. Unfortunately, you're distant relation to the facts is a little hard to swallow. The NSA has a long (and secret) history of screwing things up. I wouldn't be surprised if they were on the class-action against Google StreetView. If someone can hack the GPS satellites, we're already screwed. GPS navigation is a one-way communications system. CPUs can already do JIT encryption. Most DRM is not based on need, but paranoia. DRM did not stop music piracy, the availability of quality music at a decent price did (iTunes). The failure of the powergrid in '97 was traced to an engineer not following proper protocols. The energy policies of the Clinton and Bush administrations allowed power companies to connect their grids so they could sell energy in different markets. This led to grids without buffers, Enron, and the California energy crisis. It had nothing to do with Internet security.
But that's all moot. The Pentagon want civilian contractors to accept NSA-monitoring of their networks. This is a colossally bad idea, as it effectively gives network admin rights to a third-party without any oversight or liability. If the NSA wants to monitor my network, then they'll have to prove that my network doesn't meet their standards.
[ link to this | view in chronology ]
To what degree can monitoring prevent an attack?
I think it's not just a matter of privacy, but of efficacy. The Pentagon should be out there proving that what they're offering is actually capable of protecting something, may be then a real dialog can start about who should join, how, and when.
[ link to this | view in chronology ]
That's just what everyone's IT deparment needs...
Honest though, shouldn't they just set up standards and auditing, starting with a specific definition for "critical infrastructure".
[ link to this | view in chronology ]
Why you shouldn't bet on Government Security...
http://www.zdnet.com/blog/projectfailures/fbi-counterfeit-cisco-routers-risk-it-subversion/ 740
Yup, lots of security. Pot meet Kettle.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
ALWAYS HAD CONTROL
[ link to this | view in chronology ]
Re: ALWAYS HAD CONTROL
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
PCI
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Do what thou wilt, shall be the whole of the law.
Nice and simplistic :), I would have thought Alister Crowley's main quote would be more appropriate for those there who do not think the law is for everyone. And somehow you're above every else and the existing laws in some way.
So what did Crowley say ?? hmm
[ link to this | view in chronology ]
you already know
if I could spell I would spell (BUCK FUTT) with your collective names on it......911 is just an excuse for abuse!!!
[ link to this | view in chronology ]