White House Declassifies Outline of Cybersecurity Plans

An anonymous reader writes "The Obama administration on Tuesday declassified part of the Comprehensive National Cybersecurity Initiative created during the Bush administration, outlining offensive and defensive strategies for protecting information networks. The initiative was originally intended to unify efforts of a number of government agencies into a comprehensive strategy to protect the nation's computer networks. 'One area in which the government did officially disclose new details was Einstein 3, a program to protect civilian government systems from intrusion by deploying sensors on the networks of private telecommunications companies. For the first time, the government disclosed officially that the program would use technology developed by the NSA, the nation's largest intelligence agency. It also said that the Department of Homeland Security, which would run the program, would share malicious code data with the NSA but not the content of communications, such as e-mails.'"

read the solution is here

[viralMeme]

"To strengthen the future cybersecurity environment by .. working to define and develop strategies to deter hostile or malicious activity in cyberspace"

How about designing an Operating System that strictly differenciates between code and data - and don't download code from the Internet, except from a well defined whitelist of known secure and verified sources. And don't allow the excecution of code by clicking on a URL or opening an email attachment.

"The EINSTEIN 2 capability enables analysis of network flow information to identify potential malicious activity while conducting automatic full packet inspection of traffic entering or exiting U.S. Government networks for malicious activity using signature-based intrusion detection technology"

Except enumerating badness is a bad idea, and if the computers didn't arbiterarly execute code coming in off the Internet then you wouldn't need to analysis of network flow of information. Such a monitoring system itself being open to abuse. Your one stop shop to hacking the entire grid.

Get A Clue Please

Maybe you've been living under a rock the last 10 years, or you are just willfilly being ignorant, but the fact of the matter is that these threats are real, and they are ongoing.

I love how the slashtards think the government is just making this shit up for their own benefit, as if China, Russia, and other US adversaries aren't basically broadcasting their intentions and advertise their espionage plans.

Seriously, just read up a bit before spouting such misinformed nonsense. Moderators, please do your jobs.

Re:Get A Clue Please

[ka9dgx]

Yes, the threats are real, but the solution that the "Cyber Warriors" came up with is crap. A much better solution than working around all the holes and patching them quicker is to simply rip out a bad design and replace it with a better one. Its not easy changing everyones OS, but it's cheaper in the long run.

Re:Get A Clue Please

[Kiaser+Zohsay]

Its not just the slashtards. Ryan Singel at Wired was spouting this exact same gibberish just two days ago. Of course, these are the same people who are in denial of the Brazilian power grid attacks.

The idea that the US Government would fabricate information to justify a corrupt agenda is ridiculous.

The nerve of some people.

Re:Get A Clue Please

[AP31R0N]

As 2003 unfolded i often wondered if the left would have been so cynical and vehemently opposed to overthrowing Saddam if Clinton or Gore had ordered it. What would take the place of "no blood for oil" or "Bush == Hitler"? Would they have drawn Hitler mustaches on Gore's face? Or would they have seen that the UN inspections, no fly/drive zones and sanctions were about to end and realized that Saddam would have gone right back to producing WMDs, brutalizing his own people and invading his neighbors? Followed by another 30 years of that from his sons.

Clinton didn't care about the Iraqi people or what Saddam had done or would do. That's clear from the evidence of him doing virtually nothing. But we can only guess what Gore would have done. i voted for both of them, but would have been disappointed in him if he let Saddam stay in power.

Re:Get A Clue Please

[morgauxo]

Go to a typical hospital. Count the number of life critical monitoring equipment is running old unpatched copies of XP and connecting to easily broken WEP encrypted networks.

How many financial transactions take place at ATMs loaded with Windows 2000? How many banks have crappy, poorly written ASP.NET websites.

How about all those malware filled crusty old porn surfing boxes that manage our power grid in their spare time?

Yes, there is a problem. We are vulnerable and something bad will someday happen. However, nothing our government is going to do is going to help. What's necessary is for the people to demand better from the hospitals, banks, power companies etc... which implement this crap. That isn't going to happen. The people don't understand, don't care and don't want to.

Meanwhile what is some government agent reading my email going to do to help? Our government has a horrible track record on privacy and lately even on basic human rights in general. On top of this, all three branches and both parties are in the pockets of media executives who admittedly do have some legitimate points about their property being stolen but would like to take things way beyond protecting what is truly theirs and eliminate fair use while closing off media to any potential competitors.

Protect the internet, protect free speech. Keep the government out.

Re:Get A Clue Please

[morgauxo]

I don't know about Clinton but I bet the Iraq war would be much more popular overnight if the current president came out in favor of it. His followers seem capable of swallowing anything he excretes.

I agree that Clinton didn't care about the Iraqi people, or, more accurately he didn't do anything to show it if he did. But then he wasn't president of Iraq was he, he was president of the US.

I honestly think Bush cared even less though. Bush never claimed he sent our troops to save the Iraqi people. He said he did it to save the rest of the middle east (I read that as Israel) from Saddam's WMDs. This would be all fine and good if his intel claiming Saddam had WMDs wasn't so questionable. One could argue he acted on wrong intel but even before the first bomb was dropped it was apparent that the information and the source were very questionable at best.

Now, when we attacked Iraq, I must admit I was happy about it. I for one expected a quick victory and a better world with one less dictator regardless of whether or not there really were WMDs. It didn't turn out that way though did it?

Next up in this story is Halliburton. All that money was funneled to Dick Cheney's friends while both our own troops and the Iraqi people suffered even more than they did with their mad dictator. Do I really have to go into the stories about parents scraping up change to buy their soldier kids the armor they were not supplied while Halliburton execs threw big parties and took home huge bonuses at our expense? Are the lights on 24/7 in Baghdad even now?

Now it is 2010. 2010!!! and the war continues. Did Bush know that once Saddam was gone Iraq would become the haven of so many insane terrorist types? Did he know that it would create an environment that converts more over to the terrorist side? Did he understand the ethnic tensions that lied dormant, suppressed by the terror of an evil dictator that would resurface once he was gone?

I for one supported the war at the start. I expect better of a leader in a position like president of the United States. If he didn't, he should have understood the area better and realized what would really happen. If he did realize and he decided to go anyway... well... let's hope his dead are waiting for him when he gets there.

Old news

[Kiaser+Zohsay]

It also said that the Department of Homeland Security, which would run the program, would share malicious code data with the NSA but not the content of communications, such as e-mails.

... because they already have that from the network providers.

Slippery slope

[MobyDisk]

I think this is the most obvious example of a slippery slope that I've ever heard. The government is going to install devices that can intercept communications, and promise not to use it. Pardon me while I go beat myself over the head repeatedly. I need to lose at least another 30 IQ points before I can continue to live in this country.

It also said that the Department of Homeland Security, which would run the program, would share malicious code data with the NSA but not the content of communications, such as e-mails

Defense: a legitimate government power, right?

If your neighbor is worried about the Red Menace, he might be inclined to put a ABM launch site in his backyard, or even ICBMs as deterrent force.

You probably don't want that.

There are some very good reasons for centralizing physical warfare under a single political authority. It's not just that the constitution says this is a federal executive job (i.e. not something you leave to the states or the people); it's a good idea. If it weren't in the constitution already, I think almost all people would support an amendment making it so.

But even so, there are limits to that. There's no legitimate reason the federal government should be able to have any sort of authority at all, over whether or not people are allowed to build bomb shelters. A bomb shelter isn't a particularly good way to deal with the threat of nuclear holocaust (the best thing to do, is persuade the Russkies to not attack in the first place), but it doesn't really endanger your neighbors or usurp the president's negotiating power.

The same applies even to 18th century threats. If your neighbor is worried that the Brits might try to retake the colonies, it's ok for him to stock up on musket ammunition, but that's not really a good solution either. You want a single political entity to deal with the Brits, hopefully at a point long before anyone has to worry about redcoats marching through their farms.

With cybersecurity, the situation is pretty different. The analogy to relatively ineffective private bomb shelters and relatively ineffective musket ammunition stockpiles, happens to be the best solution to computer security problems. If you decide to have a policy of not executing malware, you are pretty much invincible except for Denial of Service issues related to overwhelming traffic. (And the private network providers are able to deal with that.)

We don't need any sort of central authority for dealing with computer security. That doesn't mean a central plan would be totally useless, but the payoff is pretty low. A president in charge of cybersecurity is about as an effective solution to cybersecurity, as bomb shelters are an effective solution to nuclear war.

People can already deal with this; they just don't bother to. That's their problem.

Now, TFA is actually not all that stupid-looking. He's mostly talking about the government protecting goverement systems. That's a no-brainer. But we don't need them to protect private networks, and I hope people keep an eye on any bullshit that moves in that direction.

Re:Concerns About Dinner

[girlintraining]

I guess my most major concern about using the Department of Homeland Security is that if anything should go wrong; that it's not during dinner.

And I guess my most major concern about using the Department of Homeland Security is that. They take my nail clippers away because it's a security risk, say I can't wear underwire bras, have closed the bathroom down for most, if not all of the flight (and god help you if you have a feminine issue then) now they want to take high-resolution naked pictures of me and share them with their government buddies, contractors, and basically anyone not me. They can't even handle issues of basic sanitation and common decency -- a problem as I understand has been solved for a few thousand years now. I would go on a feminist rant right about now, but frankly I don't think they're being sexist, just retarded. Unfortunately, retardation isn't curable. But I digress...

The only reason the internet still works at all is because they haven't gotten around to screwing it up -- yet. I can just see it now -- The entire internet has been turned off because a kindergartner in Utah made a drawing that suggested he was going to shoot the president. It was later disclosed that the drawing was of a cat and the sun. And later, mom posts it on the fridge...