Techdirt Podcast Episode 10: Is Cybersecurity A Real Issue Or Government Boondoggle?
from the and-why-is-it-focused-on-information-sharing? dept
Cybersecurity has become a big buzzword in Washington, and there have been plenty of calls for legislation, usually focused on "information sharing" setups that allow companies and the government to compare notes on threats without fear of any legal liability. But the actual issues of cybersecurity are never clearly defined, nor is the need for various legislative changes fully explained. Is the problem really as big as it's made out to be? Or is the whole thing just a bureaucratic turf war?
Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybersecurity, hacking, podcast, privacy
Reader Comments
Subscribe: RSS
View by: Time | Thread
It's as boondoggle as it comes.
[ link to this | view in chronology ]
(Not to say they are geniuses on the issue)
[ link to this | view in chronology ]
Re:
Computer security, like every other form of security, is important and shouldn't be neglected. However, "cybersecurity" of the sort that is constantly being discussed in Washington DC is clearly a boondoggle, since there are more effective, less expensive, and and less intrusive ways of accomplishing security than legislation that weakens our overall security.
The recent Sony hack (the recent one where they were the victim rather than the perpetrator) is a good example of this. That hack is being treated as if it were an event of national security when nothing could be further from the truth. As a result, we are going to burn through countless dollars and civil rights to respond to it. That's a boondoggle.
[ link to this | view in chronology ]
Re: Re: Sony BMG
With regard to the rootkit hacks, how were there no criminal charges brought against Sony, when these are clear violations of the CFAA? If an individual were to do to Sony, what Sony did to millions, that person would never see the light of day.
Further, one must wonder how the class settlement was achieved so quickly, and so cheaply for Sony. In most other cases these things drag on for years. In addition, Sony BMG did nothing to aid those it had hacked, but rather released software reputed to fix the problem, but actually caused additional damage.
[ link to this | view in chronology ]
Yes but...
[ link to this | view in chronology ]
Re: Yes but...
Security (of any sort) is ultimately dependent on the regular users having the correct procedures and habits. The best technological countermeasures in the world can't protect against people being stupid or ignorant very well.
[ link to this | view in chronology ]
Re: Re: Yes but...
[ link to this | view in chronology ]
Re: Re: Re: Yes but...
This is certainly untrue. If you still have swiss cheese software, security is more difficult to be sure, but if your behavior is up to snuff, you are still reasonably safe. Not as safe as you could be, but you're better off having good habits and no technological countermeasures than having bad habits and top notch technological countermeasures.
[ link to this | view in chronology ]
Re: Re: Re: Re: Yes but...
[ link to this | view in chronology ]
clearly a boondoggle
[ link to this | view in chronology ]
Re: clearly a boondoggle
That is a terrible idea, as it will result in closed source software, which due to regulatory overheads can only be produced by a few large corporations. You can almost guarantee that under such a scheme, users would not be allowed to use any software development tools, as it would allow them to bypass any regulations applied to all software.
[ link to this | view in chronology ]
two aspects of a broad problem
Consider driving on the interstate with a car that has gas tanks mounted externally behind the rear bumper. That's a security risk. A defensive driver will reduce the risk, but that driver cannot reduce the risk on his own. Bringing the gas tank to a shielded area helps, but it still won't make up for poor drivers.
[ link to this | view in chronology ]
Re: two aspects of a broad problem
I agree.
I'll add a third category, as well: inappropriate exposure to public networks. Most of the types of risks that the government trots out when they want to grab more power in the name of "cybersecurity" actually fall into this third type. This type of security error includes things like connecting critical infrastructure (power grids, etc.) to the internet. The irony is that this is the easiest sort of fault to fix -- disconnect the system from the internet -- but is the one where the government seems the most intent on spending our gold and freedom to resolve using less effective means.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
CyberTerrorism Legislation is needed to deal with this very real threat to the well being of our wealthiest fellow humans, so the rules governing the use of the internet and public communications must be altered to allow constant surveillance of all users, and in many cases allow these systems to be secretly rebuilt and restructured to insure such unauthorized access and exposure never can occur without official sanction.
However, the comic-book version that they are currently trying to foist onto the public consciousness is:
CyberTerrorism is the plots of Evil-Genius Citizen Computer-Hackers, who electronically break into nuclear power plants, water purification plants, hospital drug sorting programs and other important and sensitive public and commercial computerized infrastructures, in order to cause chaos and mayhem and death and injury for chortles and giggles, and occasionally for money from one or more of the hundreds of millions of Evil Muslim Terrorist Organizations that occupy every fifth building on earth.
The NSA has of course thwarted thousands of these Cyber Terrorist threats annually and utterly foiled their plots to bring the world to its knees, destroy the moon, cause multiple simultaneous nuclear meltdowns, explode a 2000 megaton herpes bomb over Chicago, bring about a new ice age, and create a black hole in New York City, for example, but due to the nature of the investigative and surveillance tools that the Forces of Goodness and Light have used to catch these Evil Minions of Chaos, they cannot actually tell anyone, anything about any of them, ever.
And because the Evil Minions of Chaos are becoming smarter than your average bear, year after year, the Forces of Goodness and Light need some new laws that will let them ignore many more public concerns like freedom of speech, freedom of association and the like, in order to catch the new, even Eviler Minions of Chaos V2.0, who wear black masks to keep people from realizing they're really just white, ex-military mercs, who are also certainly looking for ways to use the internet to kill Good Guys via means of on-line electronically triggered mass destruction.
Be afraid.
Be very afraid!!!
(ghostly sound effect fading slowly into a distant wolf-howl)
---
[ link to this | view in chronology ]
Conspiracy theory up in here!
[ link to this | view in chronology ]
Re: Conspiracy theory up in here!
That would certainly explain the nearly instant reactions by the feds in offering their unlimited assistance to that certain Japanese company, and would also explain the massive news coverage that totally ignored the part about the incriminating emails found on that Japanese Company's computers pertaining to the buying of Attornies General for the purpose of creating legislation to harm competitors and net neutrality, and noted instead only the Evil Chinese Hacker Terrorists (Cyber-terrorists) who threatened Movie Theaters around the world with bombings.
Very astute indeed. :)
---
[ link to this | view in chronology ]
Rant Warning
====================================================
When a government claims that a new legislation is necessary for the security of the nation and that needed legislation happen to give their enforcement and/or investigation arms more power over civilians and civilian dealings, they are lying.
The "problem" has been manufactured to justify the initiation of the new laws, so that their enforcement and investigation arms can be given new powers over civilians and civilian dealings.
Prior examples:
War on Drugs - a lie giving new powers to police and G-Men and detouring tax money into a never-ending fake conflict where billions of dollars can be spent on paper, but pocketed in reality.
By making any substance illegal, the government creates a new black market for its friends in organized crime and other m/billionaires world wide to invest in, and presents a situation where these investors can and will kickback a great deal of their untaxable profit to the government officials in charge of maintaining the illegality of the contraband substances and to police and local governments to "look the other way".
This war cannot be won.
---
War on Terror - a lie giving new powers to police and G-Men and detouring tax money into a never-ending fake conflict where billions of dollars can be spent on paper, but pocketed in reality.
The fall of Russia lost the American Government its best boogeyman and forced them to create a new one - Muslims - by financing a few body-bombs via young religious idiots desiring martyrdom over poverty.
As this fake threat began to wane into obscurity, and the government realized that the FBI's make-a-terrorist programs were ineffective in the government's goal of scaring Americans back under their beds and getting them to demand more legislative protection from the bad evil men in return for relinquishing more of their civil rights, a new face was needed for Terrorism and ISIL was created from tax-payer financed international mercenary ex-military forces wearing identity protecting masks and made famous by massive news coverage.
This war cannot be won.
---
War on Piracy (P2P) - a lie giving new powers to police and G-Men and making the mob-owned entertainment industries the new gatekeepers of the internet, eventually eliminating anonymity and freedom of speech from the internet.
Both government and the Mob want the internet placed under the sort of control that television suffers from in order to end the free flow of information between civilians world-wide and to allow better property control and sales revenues for legacy industry products, by eliminating disruptive competition.
This war cannot be won.
---
War on Hackers - a lie giving new powers to police and G-Men. The pattern will hold true, as the new legislation simply gives the government and its crony corporate friends in the mob and elsewhere, more control over the internet and legalises all of the government's surveillance techniques and programs that are already in use today and those they want to introduce down the road, but know full well will not be acceptable without appropriate legality already on the books.
The real fear of hackers is the fear government and organized crime have that such people will expose their criminal dealings.
This war cannot be won.
You are being managed.
---
[ link to this | view in chronology ]