Slashdot Mirror
Bush Wants an Unhackable Private Network
Slur points out an article at the New York Times which says that the "Bush administration is considering the creation of a secure new government communications network separate from the Internet that would be less vulnerable to attack and efforts to disrupt critical federal activities," writing "It seems to me money would be better spent getting the next-generation Internet going, for the government to fund more of the existing research and standards boards to create protocols that are invulnerable to the kinds of attacks the government seems to fear, namely massive DOS attacks. Or is there something else a 'net terrorist' could do to 'disrupt the vital flow of information'?" Isn't hard-to-disrupt communication the reason that DARPA got involved in this "Internet" business anyhow? Update: 11/19 22:48 GMT by T : This was mentioned before a little while ago when USA Today wrote about the same concept, but apparently a Digital Pearl Harbor is still being flogged.
One more person who says they invented the internet (or in this case, the Neo-Internet)
Do I need to say that the only network that can't be hacked is the network isn't connected to anything? All this will be doing is creating a new challenge for a new generation of hackers and crakers. But then again, it will result in some interesting technological develpments, so I can think of things that could be worse wastes of taxes.
Sleep is for the weak!
:Isn't hard-to-disrupt communication the reason that DARPA got involved in this "Internet" business anyhow?
Yup
It seems to me this would evolve just the way the Internet did before; it would at first be used just by government agencies, next given to the large defense contractors, eventually adopted by the research universities, and then swallowed whole by Joe Public. This, IMHO, is the best way to get the next-gen Internet.
The problem is that much of the 'vital information' in today's society flows over the public internet - by definition. Sure, take military command and control comms out of band - that makes perfect sense anyway, which is probably why there are several separate, highly secure military and governmental IP internetworks that are supposed to be completely separate from the public Net. (Although, as Bruce Schnier points out in the latest Cryptogram, ILoveYou made it onto the 'secure' network within 48 hours...
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
What he's asking for is like asking for poison-free food. Sure, the ovens can be locked and the food can be tested over and over, but the cook is still there.
The only concievable way to do this is to either:
a) Eliminate Government Data Access to All But the Highest Officials (which still poses the same problem, in theory) or
b) Eliminate the network altogether.
Bush is asking for something that isn't possible because social engineering and the "inside job" is the oldest way to hack any system of anything. Hacking didn't start with computers, bank vaults, locks, jewelry stashes... they were all done in the past with inside work.
It's impossible because of human error and human presence.
Feel free to hack into my home network. It's IP range is 192.168.0.1 - 192.168.0.13.
Running drywire or some other method of lines as long as they are physically seperated from the rest of the internet (think of the way the bank systems do this via verifone boxes) does make it unhackable and private
Of course, it relies upon physical security and not so much bit-based security. Before flaming our president understand it is a real concept. And I'm sure he has quite a few people that know a lot more than you do on the matter; never try to know everything just know people who do.
Note, he didn't say an "internet based private unhackable network" but a private network. My guess in the private IP range. Considering all the secure channels (via satellite, or some other method of communication) I'm sure that this can easily be achieved. Granted all that, I do think it's a stupid idea... but realistic none-the-less.
Dacels Jewelers can't be trusted.
None of the major backbones are willing to provide IPv6 connections. The U.S. Government contracts out almost all of its long-haul communication requirements. They used to get AT&T to build underground bunkers for them, but now they get nothing. Why not start by requiring IPv6 in all government RFPs/RFQs for long-haul comm? That should provide an instant market to kick-start IPv6, complete with all the security features that have already been designed.
I'd be really interested to know how Mr. Clarke et al are going to come up with believable cost figures for this unhackable network, particularly as what makes a network hackable is NOT so much the routers, bandwidth, etc. as the due diligence done by the managers, which is an ongoing expense. (The exception might be for a physically secure signalling infrastructure... anyone know how to keep a physical network from being blown up or jammed?) But I just don't see how this would hold up in the long run... bad security inevitably drives out good if human operators (and usability drivers) have anything to do with its maintenance. Perhaps the money would indeed be better spent deploying IPv6 on a large scale, which is probably the only way we will see it replace IPv4. Since this network ultimately subsume the existing Internet or be subsumed by it, it seems best to keep this end in mind.
#!
Yes. And the internet itself is hard-to-disrupt.
However, a single server can be the target of an attack, and this is what they want to secure against now. The idea of the internet was to be able to communicate even if lots of nodes failed (i.e. got physically destroyed). The idea was not to secure every single node against destruction. Also note that the internet was designed with physical rather than digital attacks in mind.
The government certainly does have a point here, but I think you can reach security for each individual node only by securing those nodes, not by simply seperating them. How will they make sure that, for example, no email can get in from the internet? Have two computers at each user's desk?
Sig (appended to the end of comments I post, 54 chars)
All it takes is one idiot to install PCAnywhere and throw a dialup modem on their office computer so they can work from home. Or someone who dials out to the net from their office computer and runs something like Go to my PC.
The notion of a secure private network for the government seems like a decent idea. To think that through such a private network we can avoid some sort of internet peral harbor is absurd. Why? Real simple: was the world trade center a government building?
Why would any terrorist waste their time and resources trying to take down the FBI when it could go after banks, airports, power grids, and a whole host of other things that are on the public Internet? All of those things are far more visible and have a far more significant immediate impact on the lives of US citizens. Remember, terrorism isn't about taking out strategic assets, but creating a sense of fear in the every day lives of normal unassuming people.
Now, one might say that the answer to this quandry is to put corporations on that network. Of course then you are expanding the base of users and increasing the likelyhood that a few terrorists (or those easily bribed or fooled by them) will be able to breach that network. I suspect that even putting large swaths of the government on that network already risks that compromise within the government itself but that just amplifies it.
Why don't we take that money and put it into developing policies and technologies that will make the current networks more secure? I know that this doesn't look as impressive to the public, but in the long run it will probably do more to prevent an Internet Perl Harbor.
This sig has been temporarily disconnected or is no longer in service
Building a private network isn't a big deal. I think the government could build an encrypted WAN without much effort. I think the biggest challenge to security is going to be on the physical front... meaning that every piece of network equipment must be in a secure location. This includes every router and bridge in every network shack along the WAN lines. Wouldn't want any 1337 hax0r5 to come along with a patch cable and bring down the government network. Since guarding every inch of wire is impossible, point to point connections must be made with fiber line so it can't be tapped like copper.
None of this even begins to consider the physical local machine security... government workers shouldn't be alowed to bring any media from home, no incoming modem lines, etc.
Lots to think about. If GB wants to cut me a check, I'll begin the engineering work tomorrow.
Skiers and Riders -- http://www.snowjournal.com
Well, since the intent is to physically separate this network from other networks, it would indeed not by "hackable" by the common definition fo the term. The only way to penetrate it would be to breach the physical security (i.e. break into a building and tap a cable), which is more "breaking and entering" than "hacking."
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
The problem is that open networks evolve so much faster than closed, secure networks, that users become frustrated with the later and start moving files surrepticiously between them. Thats what Prof Deutch of MIT did while head of the CIA and Wenho Lee of Los Alamos.
The only concievable way to do this is to either:
a) Eliminate Government Data Access to All But the Highest Officials (which still poses the same problem, in theory) or
b) Eliminate the network altogether.
We already went down this path with the CIA and NSA. Turning to more hardware meant that we were less adapatable, and missed more things.
While people will always be the weak link of any network, and inside access the way to defeat security, this does not mean that it is unwise to trust people.
Instead, we should make security transparent and easy to use, and learn from our mistakes.
This is the lesson of open source - the security actually increases as the number of eyes peering at the code increases. Dependence on the technology ignores the fact that someone has to see the data at the beginning and end of the process.
-
--- Will in Seattle - What are you doing to fight the War?
Even with a private network that isn't connected to the Internet, there is still at least one big security issue: A false sense of security. Government employees may think that because their private network is so secure and separate from the big bad Internet, they can relax and give computer security a low priority. What most folks don't understand is that computers are like any machine: They require constant maintainence for reliable operation. Security is a large part of that maintainence, and cannot be set aside while other things take place. On the contrary, security must proactively be part of everything that goes on in a computer and network. This is partly why a false sense of security is dangerous.
Besides, intruders could still access the network through such techniques as war-dialing, to name one example off the top of my head.
first of all nothing is unhackable. Second they're talking about setting up a seperate wan for just the government. If just ONE computer on that network is also connected to the real internet, then someone can get in. If none of the computers on that network are connected to the internet, then government employees will be very unhappy at work. Hence, another waste of money.
The GeekNights podcast is going strong. Listen!
And I'm saying, and Bruce Schneier is saying, for that matter George Bush is saying that we're not talking about four computers and a hub. We're talking about a relatively large network of computers, pretty much all of which are likely to have floppy drives, network cards, modems, and various connector ports. You might be able to guarantee that the hardware is minimally secure -- take out the modem, ban use of the floppy drive, etc -- but I can absolutely guarantee that you can't get the users to be 100% vigilant about never transferring data to & from the open public internet, and that only has to happen once to violate the integrity of this so called isolated network. Your reduction to absurdity is, as advertised, absurd.
DO NOT LEAVE IT IS NOT REAL
KG-84
Secure telephones
The NSA has some really smart people to rip this stuff apart and certify it to be secure before it goes into production. These products are usually designed to a higher standard than software programmed by people in their spare time or microsoft.
Remeber JINTACCS? I doubt it, it was a messageing system, actualy kinda like XML. It allow an Army soldier to do things like call it Naval gunfire. On the lowest level it was a fill in the blank paper, then read over voice radios, at the higher levels a computerized intercomunications protocol.
Actualy it was a good system, not perfect but good, but it was murdered. They did this by teaching it. They didn't start with the easiest and work to the hardest, they tought the hardest first so the average pvt Joe Snuffy got hopelessly lost. They actualy tought me how to report the laying of a naval mine field, I was in an light infantry organisation at the time, that report was for Naval ships Captains. This happened because the middle management types realy didn't want to lose their turf. I think the same thing is going to happen here.
To us its easy, blow some fiber, install some routers between facilities, gateway to some secure sattalites and maybe change the networking code enough to make the civilian stuff incompatable. Add in an armor plated authetication, distr the software to authorized users and your done right? Well the Army won't like working with the Marines, DOD won't like working with DOJ, and Intell won't even like working with themselves.
The only good thing I see from this is sonner or later some of the reasearch is going to trickle down to us and be usefull.
Apocalypse Cancelled, Sorry, No Ticket Refunds