Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bush Wants an Unhackable Private Network

Posted by ryuzaki0 on from the and-i-want-a-cute-smart-girl dept.

Slur points out an article at the New York Times which says that the "Bush administration is considering the creation of a secure new government communications network separate from the Internet that would be less vulnerable to attack and efforts to disrupt critical federal activities," writing "It seems to me money would be better spent getting the next-generation Internet going, for the government to fund more of the existing research and standards boards to create protocols that are invulnerable to the kinds of attacks the government seems to fear, namely massive DOS attacks. Or is there something else a 'net terrorist' could do to 'disrupt the vital flow of information'?" Isn't hard-to-disrupt communication the reason that DARPA got involved in this "Internet" business anyhow? Update: 11/19 22:48 GMT by T : This was mentioned before a little while ago when USA Today wrote about the same concept, but apparently a Digital Pearl Harbor is still being flogged.

8 of 365 comments (clear)

  1. GOVNET analysis from Bruce Schneier by st.+augustine · · Score: 5, Informative

    Bruce Schneier has an informative story about this in the November 15 CRYPTO-GRAM, including some of the pros and cons. Basically, he says it would be better than what they have now, but still not all that great (he points out that the government already has several separate, secure internets, for various purposes, and they were still infected by Melissa and LoveLetter). And that this is one of the few cases where security and convenience might really be inversely proportional.

    --

    -- Some things are to be believed, though not susceptible to rational proof.
    1. Re:GOVNET analysis from Bruce Schneier by Philbert+Desenex · · Score: 5, Interesting

      the government already has several separate, secure internets, for various purposes, and they were still infected by Melissa and LoveLetter

      Now that's something we didn't see on C|Net.

      I worked in the aerospace industry from '86 to '92. Every big defence contractor had one or more classified IP networks. Unfortunately, the security measures imposed were sort of stupid: the ethernet cables of the classified net had to be at least so many feet from a phone line (they were worried that induced voltages from ethernet would allow someone on the phone to "tap" the classified net), keyboards attached to computers attached to the classified net couldn't be traded out to unclassified areas, and had to be elaborately destroyed when they broke. At the same time, you could walk through checkpoints with pockets full of floppies.

      It was as if a Korean War Drill Instructor dreamed up ways to actually impede using the classified network, but at the same time allow (possibly) classified information in and out of the building.

  2. Already exist by firewort · · Score: 5, Informative

    Bush may not know it, but these already exist in the form of SIPRNET, and INTELNET.

    SIPRNET

    SECRET INTERNET PROTOCOL ROUTER NETWORK

    SIPRNET will replace the DSNET-1 during the migration to DISN. It operates at the SECRET Collateral level and can interface with the TROJAN network. It provides higher and selectable data rates at a much lower O&M recurring cost. Inter-site data rates are 512 Kbps and in some cases T-1. Users can connect to the network at selectable data rates that meet the need.

    INTELNET

    NAVAL INTELLIGENCE COMMUNICATIONS SYSTEM

    The NICS is designed to consolidate Naval Intelligence communications systems. The system has three parts. INTELCAST plan calls for each FOCIC or Facility to consolidate up to 12 different message traffic circuits, including OPINTEL, MUSIC, FIST, and DODIIS through INTELDATA extended in an SCI LAN Extension and Stand Alone capability configuration. The SCI LAN encompasses a full suite of SOCRATES equipment, including workstations, secondary imagery dissemination systems, and a mapping and graphics capability. The Stand Alone capability provides a workstation with tailored data bases specific to unit operational orientation. Stand Alone capabilities are being provided to Guard and Reserve units as well as to certain active, lower-echelon units.

    NIPRNET

    UNIFORM INTERNET PROTOCOL ROUTER NETWORK

    The NIPRNET is the consolidation of several service/agencies networks (AFNET, NAVNET, MILNET) with common protocols and standards. It is a product of the DISN near Term Program, which sought a reduction in cost of operation through interoperability and standardization. Connectivity over high-speed trunking is supported by the NIPRNET. It operates at the unclassified level, while the SIPRNET supports classified networks in a similar manner.

    --

  3. In the beginning by Dirk+Pitt · · Score: 5, Insightful
    It seems to me money would be better spent getting the next-generation Internet going


    It seems to me this would evolve just the way the Internet did before; it would at first be used just by government agencies, next given to the large defense contractors, eventually adopted by the research universities, and then swallowed whole by Joe Public. This, IMHO, is the best way to get the next-gen Internet.

  4. There are Always Inside Jobs by Ieshan · · Score: 5, Insightful

    What he's asking for is like asking for poison-free food. Sure, the ovens can be locked and the food can be tested over and over, but the cook is still there.

    The only concievable way to do this is to either:

    a) Eliminate Government Data Access to All But the Highest Officials (which still poses the same problem, in theory) or
    b) Eliminate the network altogether.

    Bush is asking for something that isn't possible because social engineering and the "inside job" is the oldest way to hack any system of anything. Hacking didn't start with computers, bank vaults, locks, jewelry stashes... they were all done in the past with inside work.

    It's impossible because of human error and human presence.

  5. Great opportunity by ez76 · · Score: 5, Funny

    Perhaps in the spirit of bipartisan cooperation, he could contract Al Gore to invent one?

  6. Fear the Backhoe by The+Dev · · Score: 5, Funny

    If the current telco and internet infrastructure is any example, their efforts will do no good. A dozen terrorists with rented (or commandeered) backhoes in select locations could cause massive disruptions in the Internet (and therefore the economy). Miss Utility could even be an unwitting accomplice.

    Don't even start with "physical diversity blah blah blah". The fact that your physically diverse circuits aren't has been proven time and again by the mighty backhoe/flaming hazmat car/junior achiever.

    Of course some improvements to BGP wouldn't hurt either.

  7. Re:answer Re:question by man_ls · · Score: 5, Interesting

    According to The American Institute of Physics in their Physical Review Letters journal article "Resilience of the Internet to random breakdowns" (19 Oct 2000) [a copy of this article is available in .pdf from my personal web page on the left side bar for your reading pleasure.] stated that the Internet could lose 99% of its nodes, and still maintain routability. The content lost in those 99% of nodes is another matter, but the Internet would not segment until over 99% of the routing nodes were removed. That's pretty impressive.