Slashdot Mirror

← Back to Stories (view on slashdot.org)

Federal Cyberspace Policy Draft Released

Posted by timothy on from the left-hand-meet-right-hand dept.

mh_cryptonomicon writes "The initial public draft of the National Strategy for Securing Cyberspace was released today. This document outlines the Administration's plan for ensuring that the Net remains a 'good neighborhood.' Following the release of the plan, the Administration's Cybersecurity team will take it on the road for discussions with the people about what can and should be done to protect and defend the net. More information (and the 65 page draft) can be downloaded from the White House's Critical Infrastructure Protection site. This draft is considerably smaller than the 3300 page monster it was reported as being. Commentary is starting to pop up everywhere, including www.cryptonomicon.net/blog/."

11 of 187 comments (clear)

  1. Pretty Decent NY Times Article by Over_and_Done · · Score: 5, Informative

    Good article about it here. Don't worry, this is the printer friendly version, so you don't have to register.

  2. They're going to put this on a political road shw? by tcd004 · · Score: 5, Insightful

    Come on. No true thourough review will come from having "town meetings." This is just a public stunt to make people feel like they have input in drafting the policy. My bet is that this thing is already signed-sealed and delivered.

    If they really wanted a quality review they'd submit it to 20-30 different universities, think tanks and businesses and individuals who are integral to studying the internet. By doing reviews in a "town meeting" format, they might as well just put it on a call in talk show and have the callers "draft" the policy.

    I don't mean to put down the quality of input that ordinary "citizens" can add to this policy, a town hall is just not the way to do it.

    hrumph.

    tcd004

    Read Richard Gere's Ass Zoo, really

  3. Re:slashdot slams whitehouse by cosmosis · · Score: 5, Insightful

    Well, in the original Press release, and because one of its chief architects is an ex-M$ employee, the "secure Computing" initation, TCPA, and Palladium are sprinkled generously throughout the document. This is scary, when the federal goverment is serious consdiering M$ Palladium as the legally protocol for all computing within US borders in the future. Imagine, DRM become a legal mandate to "protect us from terrorism" and in turn Hollywood will get everything they want along the way. We all know full well how dangerous and restricting Palladium can and most likely be if it ever becomes the standard - open and free computing will end. If this happens, time to move out of the US where I can exercise my right to freely compute on the computer of my choice.

    I don't know about you all, but I'm completely sic and tired of the "war on terror" being used by big gov/big business to get everythng they ever wanted at the expense of everyone else.

    --
    www.enthea.org
  4. Re:They're going to put this on a political road s by Winged+Cat · · Score: 5, Informative

    Yeah, that was my impression, too:

    "'Discussion'. Yeah. Right."

    Still, from what I've heard of the plan, it's not too bad. Main points seem to be primarily relying on increased security awareness (come on, sysadmins of the clueless newbies, admit it: you've wished, at least once, that all new users of the chunk of the 'Net you control would have to get some decent training about what a virus is and how not to get one - well, that's about what they're advocating) and reliability rather than monitoring (not "scan all the traffic looking for something nasty" but "lock down the ports so nasty things don't happen" - i.e., prevention).

  5. Re:65 pages? by Skapare · · Score: 5, Funny

    Don't worry, the net will be safe for the next 10-15 minutes while all the hackers go get their laughs.

    --
    now we need to go OSS in diesel cars
  6. What the government can do by xlation · · Score: 5, Insightful
    The document says in part tha the Federal government can help to "empower Americans" to protect cyberspace by:
    1. raising awareness
    2. sharing information about vulnerabilities and solutions
    3. fostering partnerships with and among private sector groups, and others
    4. stimulating improvements in technology
    5. increasing the number of skilled personnel investigating and prosecuting cybercrime
    6. protecting Federal computers
    7. promoting increased security for the networks upon which the economy and national security depend.

    It seems that for cyberspace, as for species, the best protection is in diversity. The email worms thrive not only because Outlook is flawed, but because outlook is everywhere. The same concept applies to hardware from chips to the backbone as well.

    If anything, the Gov't should play a roll as a supporter of open standards, limited patent abuse and, for starters, fixing or flushing the DMCA

  7. Good neighborhood = net CC&R's? by gentlewizard · · Score: 5, Insightful

    I read the words "good neighborhood" and started to seriously worry. All the "good neighborhood" attempts I've seen in the past were implemented by ruthless Neighborhood Associations, complete with Codes, Covenants and Restrictions (CC&R's) attached to the land. Buy a lot in the "neighborhood," you're legally obligated to follow the CC&R's. Most of which seem to have something to do with what color paint you can paint your house, whether you're allowed to have a basketball hoop out front, or whether the garage door can be open at times other than when you're actually moving a car in or out.

    Do we really want the whole Internet to be one big anal-retentive "good neigborhood" controlled by an equally anal-retentive Neighborhood Association?

    The reason for this approach is not only obvious, but it's the same reason CC&R's are created. Property values. CC&R's protect the property value, not the human values of living there. They elevate the property above the people. This sounds like the same thing to me, elevating the property values of commercial entities over the human values of the average person who is using the 'net.

    1. Re:Good neighborhood = net CC&R's? by Matey-O · · Score: 4, Insightful
      The reason for this approach is not only obvious, but it's the same reason CC&R's are created. Property values.
      I've got a different, less pessimistic, view of HOAs, It might even extend to the 'good neighborhood' that's being proposed by this draft.

      Perhaps I'm a happy sheeple, but I don't find my CC&R's particularly draconian, nor do I find them elevating $tuff over people. The homebuilder offered one of 7 floor plans with one of 12 color schemes. If I didn't like that, I didn't have to buy the product. If there are restrictions in place to prevent my NEIGHBOR from affecting the value of my property, that's good too.

      My CC&R's, loosely paraphrased, state that I need to keep the property up and maintained. I don't see a problem with that as I have a vested interest in keeping that property in good shape.

      Now flip a coin and talk about the Internet(tm). I have NO qualms with maintaining a good network infrastructure (Firewall, Virus scanning) because if I and my neighbors are compelled to do so, the Network (neighborhood) as a whole benefits from it.

      That doesn't sound like such a bad idea to me.
      --
      "Draco dormiens nunquam titillandus."
  8. How to tell if it's serious, or just more wonkage by ethereal · · Score: 5, Insightful
    • Do they take software makers to task for poor quality software and/or insecure software which create the majority of security expenses for industry and the government?
    • Do they demand more accountability from software vendors for these flaws, including potentially requiring opening specs or even source code up for inspection before using the software in mission-critical systems?

    A news report that I saw yesterday, prior to the final document release, seemed to indicate that this report does not take insecure software makers to task for their role in the security crisis. If the final draft of the document keeps the kid gloves on like that, then I don't think this is going to be a very useful starting point for the government.

    Probably the single best thing the government could do would be to set up strong security requirements for software used by any federal government branch, and enforce those requirements. Setting a high standard would force vendors to get a clue if they want to sell to the federal market, and as a by-product consumer and business software would get some help as well.

    --

    Your right to not believe: Americans United for Separation of Church and

  9. Amusing quote from the Cryptonomicon Blog by caferace · · Score: 5, Funny
    "One of the most annoying features of Outlook Express is that it's default settings make it disgustingly easy for email to travel via email messages."

    Well, despite all it's security holes, I'd gather this was pretty important from a design standpoint. :)

  10. Freaking busybodies... by tlambert · · Score: 5, Funny

    Freaking busybodies...

    I will put my router up on cinderblocks in my front yard if I damn well want to...

    -- Terry