Slashdot Mirror

← Back to Stories (view on slashdot.org)

GOVNET In the Works

Posted by ryuzaki0 on from the cutting-off-your-nodes-to-spite-your-face dept.

gtg010b writes: "According to USA Today, the U.S. government is considering a private network to be used for all government communications. This network would be "separate from the Internet to keep it safe from hackers or terrorists" according to Richard Clarke, the head of the president's "cyberspace security adviser." Whatever happened to government not being above the people?" Clarke is the guy who's been crying "cyber Pearl Harbor" for a few years; apparently if you cry wolf long enough you get promoted. His request (.doc format) is informative. I should point out that the U.S. military already has such a network (I'm not even going to ask why the Feds can't piggy-back on it), so GOVNET would be for critically-important government agencies like the Department of Agriculture to communicate.

9 of 271 comments (clear)

  1. Sure... by dghcasp · · Score: 5, Funny
    GOVNET would be for critically-important government agencies like the Department of Agriculture to communicate.

    and get spammed with MAKE WHEAT FAST!

  2. This is bad why? by chinton · · Score: 5, Insightful

    So, they want to set up an intranet for the government. Why is this a bad thing? Should all corporations be required to use the internet for any and all communications between employees/remote sites/customers?

    1. Re:This is bad why? by MikeyNg · · Score: 4, Interesting

      So, they want to set up an intranet for the government. Why is this a bad thing? Should all corporations be required to use the internet for any and all communications between employees/remote sites/customers?


      This is not a bad thing. It's a redundant thing. If you read up on DARPA and the creation of the Internet, you'll see that all that's being proposed has already been proposed some forty years ago or something. So commercial entities have the majority of sites on the Internet now. Big deal. The Internet was initially created just to handle this sort of thing.


      Yes, if they want to do videoconferencing, etc., they'd need to beef up the bandwidth. You'd need something like an Internet2 or something like that. Oops. That's already in the works, isn't it?


      (As an aside, when's the last time anyone used a .mil address? They're still valid TLDs, right?)

      --
      Where the wind blows, the tumbleweed goes.
    2. Re:This is bad why? by dachshund · · Score: 4, Insightful
      Well, it sounds like it'll be a big intranet. We could eventually be talking about thousands of sites, all over the country. Presumably all of these links will operate over isolated (and hopefully secure) communications lines, which aren't cheap-- there shouldn't be any tunneling over other networks, otherwise it you might as well just use a big VPN setup across the public Internet.

      I hope that they understand that a large-scale network like this isn't going to solve all of their problems. They'll still have to maintain heavy security on all of their sites, regardless of how much more secure this network is.

      I think it's not a bad idea, if you're looking to avoid a William Gibson type scenario (where all sorts of critical resources can be accessed from the public networks, if you've got enough tools and skill.)

      The main issue here seems to be cost. It's not going to be pretty. And it's entirely possible that this network will be more trouble than it's worth.

  3. F. Lee Ermey, "Well...No Sh!t..." by Dolly_Llama · · Score: 5, Funny
    Apparently, the concept is to build a decentralized network so that government officials, academicians, and others can communicate with one another via a technology called "electronic mail." Planned but not yet implemented is a feature whereby entire files can be sent via this "Inter-network." Proponents of the decentralized model tout that communications could be routed around damage in such a network, even perhaps, a nuclear attack!

    In business news, Cisco Systems stock [CSCO] rose 60% today.

    Thank god for USA Today: America's Pravda

    --

    Somewhere, something incredible is waiting to be known. -- Carl Sagan

  4. This is the dumbest thing I've ever heard of by JoeShmoe · · Score: 5, Insightful

    This is our government's security expert? This is his big plan to keep government data safe?

    The Internet is everywhere. It's so purvasive that there is zero chance you can have any isolated network. The second some low-level government flunkie at the Bureau of Railroad Employee Retirement signed onto AOL to check his e-mail, boom, there's a gateway.

    My thinking is that they plan to use GOVNET as an excuse to be lazy. Everything will have minimal authentication because there's no way big bad hackers can get on the network, right? Except that any PC on the network can easily become a gateway. There are plenty of examples of "private" and "secure" networks that were breached through classic hacking techniques like social engineering and wardialing.

    This is stupid. What bout PPTP/VPN? Why can't they just make a virtual network that runs over the Internet like every other business is doing? The infrastructure costs are minimal because you aren't running redundant wiring. It's just as secure, in fact, it's more secure because you are going to be extra paranoid about things like password schemes and encryption levels if it has to survive some public data transfer points.

    A few years ago, AOL tried to market this to companies. They called it EOL for Enterprise OnLine. Basically, for a fixed fee per user, all your employees got AOL accounts and access to a private keyword with your company's Intranet.

    Except no one but Century21 ever signed up, as I suspect they got a good deal for being a test case. No one saw the point when security, done properly, is going to produce a much more versitile and cheaper result.

    To make an analogy, this guys is suggesting that every government office get a tin can and a string so that they can communicate securely because there's alwaye the potential for someone to tap the phone lines.

    Re-freakin-diculous.

    - JoeShmoe

    --
    -- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
  5. The goverment needs network security, too by dillon_rinker · · Score: 4, Insightful

    Whatever happened to government not being above the people?

    Nice troll. I suppose suppose you think that the government should allow us all into their LANs - firewall separate the people from the government. And they shouldn't use private WAN links - they should transmit all their packets on public internet (and no VPNs!). Nor should they use encryption - that's just another barrier between the people and the information.

    Come on, we're not talking about hiding stuff that's not already (theoretically) hidden. We're talking about basic security. I'd be shot if I seriously proposed to my employer any of those tongue-in-cheek items in my first paragraph - and we're a private firm. You don't let just anybody look at you're business. "But we're the people," you cry. "We have a right!" So you do. Consider the privacy implications of unsecured governmental communications. The feds have HUGE amounts of information about the citizenry, and I think that info should be secured from the likes of J. Random Cracker. Whether or not the government should have all that info is a question for another day, but surely they should secure what they have.

    If you want to know what the government knows, use FOIA. Consider it a public interface; don't worry about the implementation details. Use your vote to eliminate bad implementors. encourage investigative journalism. Demand accountability in recordskeeping - make Ollie North a traitor. But for heaven's sake, don't be so pigheaded as to think that we should take phones out of government offices because ureaucrats use them to have point-to-point, uneavesdropped conversations.

    P.S. I'll bet some proactive GS IT types are using current events to finally get some long-needed network security into place.

  6. Re:You have never worked in corporate have you ? by cnkeller · · Score: 4, Insightful
    I just think it's impossible to prevent crossovers between GOVNET/Internet because users are going to balk at having two boxes on their desk. Someone, somewhere is going to present a business case for Internet access (how are the GOVNET techies supposed to download drivers unless everything is mirrored internally?)

    This is exactly how intelink (the classified version of in the internet) works dude. It is secure, guess why, because it ain't connected to the internet. You don't get access to it unless you need to have it. Sure you can tap the cable somewhere or steal sensitive info from work and post it on Yahoo. But assuming your a hacker not a traitor, good luck breaking in. I'm sure it's possible, though in the years I worked at NSA/DoD I never heard of someone hacking it.

    You want to use the internet from your desk? Tough. You sign up, get permission and walk to a room where unclassfied internet exists. You want the latest device driver? You submit a request, it's downloaded a day or so later, virus scanned, logged in a file, and given to you on a floppy or internal ftp site. Last year I posted a length article on slashdot about pros and cons of working for the classified government. No net access was a big minus. Every friday, someone was nice enough to import Linux weekly news in it's entirety and post it. That's how I got my linux news at work. Note that NSA is working with VMware on a solution to provide internet access and classified access on the same desktop; not sure it will ever happen. Anyway, just some insight from someone who has been there and done that.

    --

    there are no stupid questions, but there are a lot of inquisitive idiots

  7. Nothing New by nathanm · · Score: 4, Informative
    The US gov't already has worldwide networks that aren't connected at all to the internet, at least in DOD.

    In the US Air Force, they refer to the internet as NIPRNET (Non-secure IP Router Network). Only unclassified info is sent across it, and sensitive unclassified or privacy act info is restricted to .mil or .gov users only.

    The other network is called SIPRNET (Secret IP Router Network). On military installations its conduit is encased in concrete, junction boxes are alarmed, & cable drops are only in secure areas. Off the installations it's encrypted. I imagine the encryption is pretty strong since NSA designs the algorithms.

    For more info check out these AF regulations:

    AFI 33-202: Computer Security

    AFMAN 33-221: Computer Security: Protected Distribution Systems (PDS)