Hey Everyone, CISPA Is Back... Because Of The Sony Hack, Which It Wouldn't Have Prevented
from the because-bad-ideas-never-die dept
This isn't a huge surprise, but Rep. Dutch Ruppersberger, the NSA's personal Rep in Congress (NSA HQ is in his district), has announced that he's bringing back CISPA, the cybersecurity bill designed to make it easier for the NSA to access data from tech companies (that's not how the bill's supporters frame it, but that's the core issue in the bill). In the past, Ruppersberger had a teammate in this effort, Rep. Mike Rogers, but Rogers has moved onto his new career as a radio and TV pundit (CNN just proudly announced hiring him), so Ruppersberger is going it alone this time around.Not surprisingly, he's using the Sony Hack as a reason for why this bill is needed:
“The reason I’m putting bill in now is I want to keep the momentum going on what’s happening out there in the world,” Rep. Dutch Ruppersberger... told The Hill in an interview, referring to the recent Sony hack, which the FBI blamed on North Korea.Fair enough, then perhaps Ruppersberger could explain how CISPA would have prevented the Sony Hack? Of course, he can't, because it wouldn't have helped. CISPA is focused on getting companies to share more information with the government (including the NSA and DHS), but there's no indication that Sony would have actually opened up its network for the NSA to snoop through and find these hackers (wherever they might have come from). Even if Sony had opened up its system to the government, it seems unlikely that the NSA would have magically spotted this hack and done anything about it.
Instead, using the Sony Hack as a hook is a cynical political ploy for a losing idea that is designed to harm the public and take away their privacy.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cispa, cybersecurity, dutch ruppersberger, sony hack
Reader Comments
The First Word
“- Aesop
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
It would have helped.
[ link to this | view in chronology ]
- Aesop
[ link to this | view in chronology ]
We Need It ALL
/s/ the 3-letter agencies
/sarc
[ link to this | view in chronology ]
Re: We Need It ALL
From The Risks:
We in the U.S. have just completed one of the largest case studies of what happens when every individual in an industry has all of its e-mail and financial records available to regulators. The Securities and Exchange Commission (SEC) already requires every person in the financial industry to make every e-mail, cellphone text and financial record available to the SEC in order to enforce insider trading and other financial rules.
The result: NADA! NOTHING! With thousands of bankers involved in fraud on the U.S. taxpayer running into the trillions of dollars, _not one has been prosecuted; not one has gone to jail_. If this level of surveillance of the financial community has produced zero convictions in the largest ripoff of tax dollars in history, there is no reason to expect that any increased level of surveillance of non-financial citizens will produce any better results.
[ link to this | view in chronology ]
Re: Re: We Need It ALL
However, as the massively overflowing jails can attest to, they are very interested in prosecuting and jailing normal citizens, so mass surveillance would most certainly result in a whole lot of trials and jail sentences in that case.
[ link to this | view in chronology ]
Re: Re: Re: We Need It ALL
You've got to admire the prescience of the people who managed to get The Drug War up and running. Just look at how effective that's been, and for so long now. From the start back in the 19th century, through to now, it's had *such* an effective run ballooning spending, incarceration, regulatory capture, and military spin-offs, just to mention a few. Truly right up there with The Inquisition and Nazi Germany.
This's a great read: 'https://en.wikipedia.org/wiki/War_on_Drugs'
[ link to this | view in chronology ]
Re: We Need It ALL
/as if total power has ever worked like that... bleh
[ link to this | view in chronology ]
The White House has been pushing for it:
http://www.zdnet.com/article/white-house-wants-congress-to-revisit-controversial-cispa-style-cybe rsecurity-laws-after-sony-attack/
They all seem to be playing "Don't let a good crisis go to waste" rather than focusing on the absolutely shitty security Sony used.
[ link to this | view in chronology ]
Re:
These companies forget that they have some very sensitive information such as CC numbers and SS numbers (whatever the latter are called overseas) and therefore they need very restrictive security for some things.
[ link to this | view in chronology ]
Re: Re:
Most people don't expect to get punched in the face by a random stranger when walking down the street. However, if that has happened to my family multiple times, caused severe injury at least a couple of times, and I haven't made radical changes to protect my family, I have sh**ty security practices, full stop.
Notice it isn't the top executives getting punched in this scenario. They'll take the corporate jet to DC, stay at a swank hotel, maybe take in a couple of private spas, do damage control "testimony" while spending more time "encouraging" key representatives and lobbying organizations from the "family" savings account. Absolute worst case, they'll bail with an enormous golden parachute while their "family" is out on the streets.
[ link to this | view in chronology ]
Re: Re:
Even if true, that doesn't make it not shitty.
[ link to this | view in chronology ]
Re:
This is The Hollywoodification of Network Security, after all. Most regular users haven't a clue what really happened at SPE or what actually happened in the hack. They're fed salacious email gossip and nationalistic sabre rattling instead.
[ link to this | view in chronology ]
The wrong time
(I don't think the Sony attack is anything remotely like a crisis except perhaps for Sony, but the government insists on pretending that it is, so I feel OK with invoking this rule.)
[ link to this | view in chronology ]
Re: The wrong time
[ link to this | view in chronology ]
Apparently Sony did open up itself so DHS and NSA could get in there, sadly someone else got the key too...maybe they need to change the password from 12345 to 54321....
[ link to this | view in chronology ]
Re:
Oh, wait, ISIS would be able to figure that one out.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
DARTIUSC
The stated goal of CISPA is ludicrous. Companies can share anything they like with government agencies right now without additional legislation. What CISPA would do is grant companies a shield from being sued by irate customers for doing so (and, perhaps, compel companies to share even when they don't want to).
The existence of CISPA would mean that it's even more dangerous to share your data with companies than it already is -- and it already is plenty dangerous.
In terms of actually enhancing security, CISPA is worthless. In terms of further eroding trust in both companies and the government, CISPA is a superstar.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
You never want a serious crisis to go to waste
https://www.youtube.com/watch?v=1yeA_kHHLow
[ link to this | view in chronology ]
Then it gets bent a little.
Then it gets bent a lot
Then it breaks but there is still a little bit attached.
Then the little bit severs bus still is in proximity.
Then it was attached, traditionally.
Now it is enough to get mentioned in the same sentence.
(It looks like the default state of `modern' politics is mission creep.)
[ link to this | view in chronology ]
it is just adding more tentacles for the national surveillance agency (NSA)
http://www.pbs.org/wgbh/nova/next/military/snowden-transcript/
[ link to this | view in chronology ]
we are fast heading for a serious global issue where there is no privacy and no freedom because those that say we need to be protected from losing our privacy and freedom, by terrorist attacks etc, are doing those things instead, removing the need for any terrorist or other organisation to do anything! how can anyone, even for a second, think that having a government or government security forces remove your privacy and freedom is any different from having the same things removed by someone purported to be anti-government?? the result is exactly the same! we have no privacy and no freedom. the government has no respect and no trust. off we go into yet another world war, this time however with the capabilities to destroy everyone and everything!! no going back then! no saying 'i'm sorry'! no saying 'i didn't mean for things to go this far'!! this situation gives no alternatives and no second chances!!
[ link to this | view in chronology ]
...I guess I'll take my chances with the Chinese then.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Im actually fckin gob smacked that he actually admitted that
So this is a guy that thinks its ok to pass laws during times where the media has mustered up a frenzy in the public, coincedently? Who the fuck knows.........and the when the frenzy subsides and emotions normalize people start wondering, mmmm was that really a good idea
Let me ask, in a hypothetical world, should all "terrorist" drop dead tomorow, will our governments stop, give up and revert back to the means that takes our rights back into account......WILL THEY FUCK......their not gonna give up the things they worked so hard to get, the real reason why they "care"......care about the ability to control oposition absolutely, and i think the internet is the biggest reason their doing it, for the, i dont know, maybe the first time in our history has give the public previously un-accesible information they previous had no access to, a medium they cant easilly control unlike the camera.......people are starting to realise their governments are alot worse or not exactly as good as they previously thought........their scared that their nature will show
There is no such thing as a terrorist, they are, if anything, criminals, irregardless of what a two man "army" says......
Quite frankly, im getting sick and tired of being this angry, ontop of my anger, its infuriating knowing that however much we peacably try to stop this train, its gonna run over us anyway..........governments create terrorists......they also create revolutions, if they go full out tyranical, i pray for that generation
[ link to this | view in chronology ]
How do you stop that, how invasive would you have to get, to stop THAT
Where are the restrictions to go with these "laws", where is the accountability, WHERE IS THE DISCUSSION on the bill brought up today passed tomorow, or when no ones looking, or nobodies read but still blindly votes for because leadership says so, or a beneficial promiss is made by said leadership
The whole system is fucked........how can we do good if ours are so corrupt, how can someone say, yeah i agree, politicians just seem to lie all the time in one breath, and then listen and agree with them in another breath...........this is all so infuriating
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Not to mention..
[ link to this | view in chronology ]
Re: Not to mention..
[ link to this | view in chronology ]
What? I should care a about a multi million corporation being hacked, while not caring about ME being hacked, by those now selectively and hypocritically choosing THIS to "fast track"
Moral of the story
Money = rights
[ link to this | view in chronology ]
Why not? Sony certainly opened up its network enough for the hackers to snoop through! /s
[ link to this | view in chronology ]
Corporate hacking......baaaaaad
People hacking ..........gooooood
[ link to this | view in chronology ]
As Mike said in another post, companies can already share information with the FBI without CISPA. In fact, Sony brought in the FBI in to help analyze their security breach. All with CISPA.
CISPA is another pretext for the Mass Surveillance State, just like Section 215. Another attempt to legalize their unconstitutional warrentless search and seizure programs. It serves no other effective purpose. It's only effective at mass spying.
In the end, CISPA will end up making us all less safe and secure. By creating more soft spots in corporate systems for hackers to exploit and exfiltrate people's personal data.
[ link to this | view in chronology ]
Still,
[ link to this | view in chronology ]
Re: Still,
[ link to this | view in chronology ]
Fool me once, and you can fool me forever...
That "something" is of course CISPA.
A legal stunt that will do absolutely nothing to help in the phony fight against terrorism, but will aid and abet the criminals in the Whore House tremendously.
And once again, it all worked perfectly.
What a gullible bunch of pathetic humans. I'm beginning to believe you really do get the government you deserve.
---
[ link to this | view in chronology ]
Re: Fool me once, and you can fool me forever...
[ link to this | view in chronology ]
Re: Re: Fool me once, and you can fool me forever...
[ link to this | view in chronology ]
Re: Re: Re: Fool me once, and you can fool me forever...
When the only weapons held by citizens are in the hands of criminals, then democracy really is two wolves and a sheep deciding what's for dinner.
That is the current situation in the USA today.
On the other hand, when the citizenry of a nation is armed and dangerous and well trained in the use and control of fire arms, then the wolves are kept in check by their own cowardice, and everyone thinks twice about causing anyone else grief.
That is the way the founding fathers planned things to be.
---
[ link to this | view in chronology ]
Re: Re: Fool me once, and you can fool me forever...
Well I suppose its the shiny plastic-coated blue cotton tights, long-sleeve skin-tight red, white and blue kevlar shirt, the velcroed red cape and plastic ski-mask style face covering. Although in truth, my trademark 1957 jet-black T-bird with rocket boosters and rear stabilizing wings might be more readily associated by the public as an avatar itself.
What makes you ask stupid questions?
---
[ link to this | view in chronology ]
Re: Fool me once, and you can fool me forever...
It seems more likely they took advantage of an opportunity. If this were cooked up from the start, surely they could have come up with something more scary than a movie studio getting hacked. I mean who cares, really? The citizenry is not frightened or motivated by something like that. Plus the feds LOVE Hollywood, and Sony has been quite embarrassed by the whole thing.
[ link to this | view in chronology ]
Re: Re: Fool me once, and you can fool me forever...
I think blaming it on NK was purely because the USG believes Americans generally think NK is a nation of assholes, led by assholes, who are perfectly suited to pulling off such a stunt.
There is also the very real possibility that, aware of the plot against Sony by Sony's ex-employees, the USG has actually asked the leaders of NK if they would be willing to be seen publicly as the powerful and technologically savvy nation who hacked Sony in return for some future under-the-table arms deals or technology transfers from the USG.
The bombing threat itself was, I'm certain, devised as damage control by the USG and Sony as a way to detour public attention away from the emails and their contents and onto "The Scary Terrorist Hackers from NK" scenario, which is the only aspect of the hack I've seen on TV news to date. TV has made not a single mention of the emails so far.
The hack was, in my opinion, revenge by ex-employees and while I think that the NSA was probably somewhat aware of the plot through its global surveillance, I'm also pretty sure that the theft of all those emails was something they did not foresee.
That can be blamed on Sony's continued incompetence in its own data security.
I suspect that some of that communication cache could implicate the USG in some of Sony's shenanigans eventually - thus the instant assistance of the USG in destroying sites (and yes I think it was the NSA that DOSed those sites), that disclose the info and in flooding the news with the Terrorist Hacker From NK Story.
The USG assistance in covering up Sony's criminal activity will also put Sony in a position of debt to the USG, and the whole scenario was perfect for the Cyber Security FUD to come.
However, I think the people behind CISPA were informed of the plot to hack Sony right at the start because its exactly what they've been trying to set up themselves - a "terrorist hacker gang threatens the west" scenario, upon which they could re-launch their pet legislation with public acceptance.
What I do not believe is that NK hackers did Sony, or that NK hackers threatened US theaters, or that the USG believes any of that.
I think the USG simply twisted all the facts into their newest "False Flag Bogey-Man Story", because it was exactly made to order for their intended purposes re CISPA and Cyber Security and puts the books on the credit side of Sony's future favors to the USG.
---
[ link to this | view in chronology ]