Slashdot Mirror

← Back to Stories (view on slashdot.org)

US House Passes P2P Ban On Federal Networks

Posted by Soulskill on from the you-can't-legislate-against-stupid dept.

An anonymous reader writes "Recently, the US House of Representatives passed a bill in an attempt to ban peer-to-peer file-sharing applications on federal computers and networks. Similar bills have been proposed before, apparently in response to confidential government documents being found on LimeWire. The text of the bill, however, provides a very broad definition of 'peer-to-peer file sharing software,' and may extend to more than they intend (SMB? LDAP?)."

91 comments

  1. How will the government botnets run!?!? by Orga · · Score: 5, Funny

    I think this will greatly hinder our offensive capabilities in a cyberwar

    1. Re:How will the government botnets run!?!? by Anonymous Coward · · Score: 1, Insightful

      Don't worry, federal law is ignored by TLAs left and right. Our safety is secure!

    2. Re:How will the government botnets run!?!? by Ron+Bennett · · Score: 4, Informative

      Nah, the government will just contract that stuff out to the likes of Halliburton and Xe (formerly Blackwater).

      Ron

    3. Re:How will the government botnets run!?!? by Nakor+BlueRider · · Score: 1

      Because the CIA is independent, would this even affect them at all?

    4. Re:How will the government botnets run!?!? by davester666 · · Score: 1

      Next up, a law against hiring stupid people to work for any level of gov't. If we're lucky, they'll word it poorly enough that it will include running in any election.

      --
      Sleep your way to a whiter smile...date a dentist!
    5. Re:How will the government botnets run!?!? by supersat · · Score: 2, Informative

      Government contractors are covered by this bill as well.

  2. Whitelist, not blacklist! by LoudMusic · · Score: 4, Insightful

    This is an issue of what can be installed on federal computers? I believe there should be a list of what is allowed and everything else is disallowed. And NO ONE has admin access to their computer.

    Come on people - federal security! Why the hell are they running MS OSes anyway?

    --
    No sig for you. YOU GET NO SIG!
    1. Re:Whitelist, not blacklist! by cbev · · Score: 1, Funny

      Ever try to write an OS using Ada? You'd spend 14 billion dollars and you might get a functional word processor. Copy and paste would be an extra 2 billion, and double the development time of the project.

    2. Re:Whitelist, not blacklist! by Sir_Lewk · · Score: 5, Funny

      Clearly there are only two options:

      • Use a Microsoft OS.
      • Write your own in Ada.
      --
      "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
    3. Re:Whitelist, not blacklist! by will_die · · Score: 3, Informative

      The US Air Force has this and it is a major pain.
      It use to be that a base could keep its own list and the local people could control it, however a few years ago that was removed and now there is a central office that does all approvals. This office takes an average around 1 year to approve major software releases,aka Microsoft, and if it not then it takes longer.
      However even then it is a people problem, the local base level admin and security people total ignore this and install almost anything they want.

    4. Re:Whitelist, not blacklist! by H0p313ss · · Score: 2, Insightful

      Come on people - federal security! Why the hell are they running MS OSes anyway?

      The answer is yes. Though if you do a full audit I'm sure you'll probably find a working copy of just about every operating system ever developed.

      That being said I'd be very surprised if Windows is anything less than 90% of the market.

      --
      XML is a known as a key material required to create SMD: Software of Mass Destruction
    5. Re:Whitelist, not blacklist! by fuzzyfuzzyfungus · · Score: 2, Insightful

      While I would certainly hope that the fed's IT guys would be on top of their game, the idea of attempting to compile a central list(or, worse, have legislators try to do so) sounds like a 100% assured productivity killer.

      Computer security is, surprise surprise, a technical enterprise(albeit with some organizational dynamics thrown in) WTF is congress doing in there? Should we start holding elections for sysadmins, just to make sure that the will of the people is there to defend the network?

      The idea of a room full of subject-matter nonexperts writing overbroad and dubiously sensible mandates just so that they can describe themselves as "strong on security" makes me throw up in my mouth a little. Hopefully nobody tells them how much "p2p" is going on in a DFS or AFS setup, or a failover system...

    6. Re:Whitelist, not blacklist! by girlintraining · · Score: 1, Insightful

      However even then it is a people problem, the local base level admin and security people total ignore this and install almost anything they want.

      That tends to happen when the chain of command breaks as badly as it has here...

      --
      #fuckbeta #iamslashdot #dicemustdie
    7. Re:Whitelist, not blacklist! by joocemann · · Score: 1

      This is an issue of what can be installed on federal computers? I believe there should be a list of what is allowed and everything else is disallowed. And NO ONE has admin access to their computer.

      Come on people - federal security! Why the hell are they running MS OSes anyway?

      ECHO.

    8. Re:Whitelist, not blacklist! by ShadowRangerRIT · · Score: 2, Informative

      Technically, there are a few Defense Department regs that are supposed to require Ada. "Special" exemptions are granted as a matter of course though.

      --
      $_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
    9. Re:Whitelist, not blacklist! by wsanders · · Score: 1

      That's basically one more rule than what is there now for most employees. I can't speak for all, but my wife works for a federal agency, and she has no control over what happens to her computer. The whole building came in a few months ago, for example, to find they had been upgraded from XP to Windows 7 without any notice. Hilarity ensured! They have been switched back and forth between Exchange and Lotus Notes several times. And I can't send her any email attachments, they are usually and somewhat capriciously blocked.

      In addition, control is from the top down. All email from the hinterland is routed via Washington, where presumably is it examined for evil and then archived forever.

      She was issued a brand new out of the box IBM-branded Palm III in 2005. She finally got a Blackberry two or three years ago.

      And so on, at the whim of whatever contractor they have selected to do IT (most of the federal-employed IT people have been let go and rehired as contractors.)

      --
      Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
    10. Re:Whitelist, not blacklist! by jd · · Score: 1

      You mean Linux isn't written in ADA?
      *ducks*

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    11. Re:Whitelist, not blacklist! by shentino · · Score: 1

      Because Microsoft lobbyists are in bed with congress critters.

    12. Re:Whitelist, not blacklist! by YrWrstNtmr · · Score: 5, Insightful

      I believe there should be a list of what is allowed and everything else is disallowed.

      That's pretty much the way it is. They actually have a pretty secure MS ecosystem. Between DISA, NIST and USAF and Microsoft, they've come up with the Federal Desktop Core Configuration (FDCC) (which is an outgrowth of the USAF 'Standard Desktop Computer' (SDC)).

      Various security settings, GPO's, etc. If you use a standard FDCC image, it is pretty well locked down, AND can be administered from anywhere. Having said that...'locked down' as much as XP or Vista can be. But the VAST majority of users do not need much more than Office and the base OS. No real need for 8 zillion extra little tools, which may or may not have their own vuln's.
      But there is quite a lot on the approved list. Installed on a case by case eval. Wireshark or Firefox, for example. It is up to each department to further refine that list. For instance, the USAF (mostly) bans Firefox in favor of IE7.

      Why the hell are they running MS OSes anyway?

      Changing the US fed govt infrastructure from MS to 'something else', Linux for example, will take an extremely long time, and may well end up worse than it is now. Take the Munich example and multiply the problems by 500. For better or worse, an org of that size can't just switch.

    13. Re:Whitelist, not blacklist! by YrWrstNtmr · · Score: 2, Interesting

      It use to be that a base could keep its own list and the local people could control it,

      Centralized control and admin. Used to be, a base would control its own network. No more. Even your local proxy server is now being admined from elsewhere.

    14. Re:Whitelist, not blacklist! by couchslug · · Score: 1

      They use MSFT OSs to avoid training users,

      FWIW, migration could be as easy as giving the order. When the USAF went from terminals to PCs, it was simply a matter of telling them to adapt.

      --
      "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
    15. Re:Whitelist, not blacklist! by cnkurzke · · Score: 2, Funny

      Even your local proxy server is now being admined from elsewhere.

      Likely the system administration has been outsourced, and is now run from a CSC guy in Bangalore.

    16. Re:Whitelist, not blacklist! by stonewallred · · Score: 5, Funny

      I went to your link, then went to the FAQ, which sent me back to the patch notes, with a link available for the FAQs, which took me back to the patch notes. If that is the best the federal government can do, I am brushing up on my chinese, russian and arabic, because we are all fucked.

    17. Re:Whitelist, not blacklist! by Bugamn · · Score: 1

      Eccentric Choise for Homogeneous Operators?

    18. Re:Whitelist, not blacklist! by CapOblivious2010 · · Score: 1

      If you use a standard FDCC image, it is pretty well locked down, AND can be administered from anywhere.

      Gee, I can't imagine any problems with that aspect of the situation...

    19. Re:Whitelist, not blacklist! by YrWrstNtmr · · Score: 1

      Gee, I can't imagine any problems with that aspect of the situation...

      Anywhere = the next desk over, or 3 states away. The trick is getting inside the network in the first place, and having the correct rights once you are in. If you want to require physical access to do any admin functions, let's go back many years.

    20. Re:Whitelist, not blacklist! by Message · · Score: 1

      We have almost the same problem in the Army... there is a standard approval process that can take months or year to get something approved.. even basic things like a patch... and it doesn't even address things like do I need to get a webpart for SharePoint approved and if so what is someone really checking when it goes through the approval process

      I kind of wish we had centralized censorship... as it is now someone may have access to one post but not another... and who knows when my post will get around to actually following the latest policy on social media... or I love when DoD or HQDA post a link on their website to some URL shortner or file hosting service and the local NEC has it blocked...

    21. Re:Whitelist, not blacklist! by FlyingBishop · · Score: 1

      Changing the US fed govt infrastructure from MS to 'something else', Linux for example, will take an extremely long time, and may well end up worse than it is now.

      That is a problem, and it needs to be addressed. We cannot allow any piece of our infrastructure to be so dependent on a single company, especially not the OS.

    22. Re:Whitelist, not blacklist! by hedwards · · Score: 1

      That's an issue of specifics not approach. They could fix it in a way that works. For instance security patches could get an almost automatic green light. New types of software would take much more scrutiny and ones that were similar to currently approved ones would require somewhat less.

      But really, certain classes of application are just too dangerous and easy to screw up that they should be completely banned from the network. This is one of the rare areas where those stupid palladium chips could be an appropriate part of the solution. Additionally, some things just shouldn't be connected to the internet at all. If you need to do an update of one of those, you can hand carry the discs in after having verified the contents and verify them again on the way out. If it's that secure you kind of need that at minimum.

    23. Re:Whitelist, not blacklist! by Jeian · · Score: 1

      Don't be dense. "Anywhere" being "anywhere that a valid administrative user is logged onto an authenticated machine."

      It becomes a necessity when the helpdesk is located five states away, or on another continent.

    24. Re:Whitelist, not blacklist! by rtb61 · · Score: 1

      Now there is a rock solid example of proprietary lock in, it is too hard to change to something else regardless of whether it is better because the implementation might be worse. Once you get to that stage, the wisest thing to do, is an immediate swap, it breaks the lock in, it provides expertise in system changes and implementation, it breaks all existing security holes and it forces competition in supply contracts.

      As for banning P2P software, that is really pointlessly dumb. Only approved software for specific use at each desktop should be installed, you never have a banned list you only have approved to install for a defined function list. I could bet my bottom dollar that once secure documents that ended up in P2P network lists did not get there by accident but where loaded onto the P2P network on purpose.

      --
      Chaos - everything, everywhere, everywhen
    25. Re:Whitelist, not blacklist! by McGruber · · Score: 3, Insightful

      Come on people - federal security! Why the hell are they running MS OSes anyway?

      I'm a career US federal government employee.

      Right after the then-Governor of Texas became President, my employer (a federal agency) "standardized" on computers from a vendor headquartered in Round Rock, Texas. We were no longer allowed to purchase computers from any other company. This decision was made by a political appointee, appointed by the President.

      Right after the same Administration settled the MS anti-trust suit, our agency "standardized" on MS-Software -- Windows is the only operating session we were allowed to run, our email was moved over to Exchange, our websites were moved to MS-platforms, we were forced to move to only MS applications (Word, Powerpoint, Excel), etc. While this sounds bad, it actually used to be worse - for a while, we could only buy PDAs that ran Windows/CE.

      Although the political appointees who made these choices left in early January 2009, my agency continues to lock more and more of our data into proprietary MS formats - we are now moving as much of our internal data as possible into Sharepoint.

      The current administration seems to be big fans of "the cloud". From where I sit, this means that instead of just overpaying for crappy software and crappy hardware, we are going to start overpaying for crappy network services and the bandwidth to support those services.

    26. Re:Whitelist, not blacklist! by Sulphur · · Score: 1

      Were they ADA up?

    27. Re:Whitelist, not blacklist! by pclminion · · Score: 1

      And NO ONE has admin access to their computer.

      I have another genius idea. The doors to the buildings should be LOCKED at night!

      (You know, the idiom "It goes without saying" is meant to be taken literally.)

    28. Re:Whitelist, not blacklist! by Anonymous Coward · · Score: 0

      This reminds me of a large company I once worked for after having been sucked up in an acquisition. About once a year, usually after some virus outbreak completely unrelated to unapproved third party software, an email would come from the VP of development declaring something like "Only approved applications may be run on any corporate machine - see the list here. If you believe you need other software, contact Ms. Software Cop for consideration in the approved list or so Ms. Software Cop can identify an appropriate substitute approved product".

      My response was always the same. I inventoried the software on my Windows PC and diffed it to the approved list. I of course found all sort of evil unapproved things on my machine (emacs, SysInternals tools, cygwin, Xming, Putty, WinDbg, etc).

      I then sent this list (usually about 25 "free" software products) to Ms. Software Cop along with a short paragraph on each describing what it was, what I used it for, why I selected it over other alternatives, and an overview of the relevant license conditions. Then I asked if I should uninstall all these products -- but that I needed to know in the next three days as I would need to change my schedules to reflect the resulting loss of productivity and delaying the next release was going to be much less painful if done quickly.

      Of course, I wouldn't hear back on my request, so I would begin to nag Ms. Software Cop with emails copied increasingly high on both her and my management chain. This would usually get a response and a phone discussion with Ms. Software Cop . I'd start with emacs - and be informed that the standard "approved" editor (which they paid real money for and I had never heard of - it seems someone thought it was cool because it would highlight C++ keywords and constructs and auto indent - wow!) should be adequate -- at which time I'd look at my .emacs file and innocently inquire about how the approved editor provided something like ediff and how, exactly, I could sort a set or records in it and how, exactly, I could do a global replace using regular expressions picking some part of the matched string as part of the replacement string. Poor Ms. Software Cop had no clue what I was talking about (and it didn't get better when we moved on to X or Putty). Eventually she would decide that she would have to research my list and that I didn't need to uninstall them until she got back to me. Of course, I requested a commitment to when she would get back to me and she would always say in "three weeks" (she seemed to guess my attention span was less than two weeks). I, of course, put an event in my calendar and three weeks and one day later I'd send an email (copied to all the same management folks I had copied the last nag email) noting I'd not heard back and asking if I should now delete the evil software and change my schedules. Of course, again, Ms. Software Cop would say she was still working on it. Then, about every three weeks I'd "rinse and repeat" until I was completely bored with the game (usually about three months of this) and send a final note indicating that since I hadn't heard back, I assumed that my applications were authorized until otherwise notified.

      For some reason, Ms. Software Cop never sent me a holiday card - I was always hurt by that as I was trying so hard to help her do her job.

    29. Re:Whitelist, not blacklist! by gnapster · · Score: 1

      Let's hope the Indian administrators are not using Chinese DNS to access the American proxies!

    30. Re:Whitelist, not blacklist! by grahammm · · Score: 1

      Changing the US fed govt infrastructure from MS to 'something else', Linux for example, will take an extremely long time, and may well end up worse than it is now. Take the Munich example and multiply the problems by 500. For better or worse, an org of that size can't just switch.

      The other question is how did Windows become so entrenched? At one time, nearly all Government computers would have been running IBM's MVS, VM, DOS (the mainframe OS, not PC/MS DOS) etc, CP/M, VMS or some flavour of Unix. For many, especially clerical and 'call centre' like roles, users does a Windows PC offer better productivity and make the job easier than using a 3270 terminal connected to the mainframe to fill in forms and get back the responses.

  3. IT department's nightmare by LostCluster · · Score: 1, Insightful

    People shouldn't be making servers out of their company desktops... it's the nightmare of the IT department to have other departments starting Access databases on their PCs, and then inviting other users to use the file. Eventually this becomes unworkable and the user installs a smaller version of MS-SQL, and then you've got a patching nightmare which leads to a worm and then...

    1. Re:IT department's nightmare by fuzzyfuzzyfungus · · Score: 1

      Sounds like the IT department either needs more power, or someone who knows how to use an SRP...

    2. Re:IT department's nightmare by CharlyFoxtrot · · Score: 1, Insightful

      People shouldn't be making servers out of their company desktops... it's the nightmare of the IT department to have other departments starting Access databases on their PCs, and then inviting other users to use the file. Eventually this becomes unworkable and the user installs a smaller version of MS-SQL, and then you've got a patching nightmare which leads to a worm and then...

      Yeah, but the problem is precisely too much locking down: workers have always tinkered with their tools trying to improve them and the more locked down the environment the more frustrating their experience will likely be. People turn their workstations into servers because the alternatively of wrestling with the company bureaucracy to arrive at an unsatisfactory solution isn't very appealing. It would be better for all involved to provide an easy way for people to do these things in a safe environment where it can be monitored.

      --
      If all else fails, immortality can always be assured by spectacular error.
    3. Re:IT department's nightmare by Anonymous Coward · · Score: 1

      Yeah, but the problem is precisely too much locking down: workers have always tinkered with their tools trying to improve them and the more locked down the environment the more frustrating their experience will likely be. People turn their workstations into servers because the alternatively of wrestling with the company bureaucracy to arrive at an unsatisfactory solution isn't very appealing. It would be better for all involved to provide an easy way for people to do these things in a safe environment where it can be monitored.

      Also it would be even better with a pony.

    4. Re:IT department's nightmare by einhverfr · · Score: 1

      I actually agree with you. However there is a major problem that has to be overcome: folks don't know what they want in advance and the process for getting it all working right later is difficult even if the IT department cooperates fully. Either the IT department is in control of the design of the db needed for some in-house tool or you are stuck back with the idea that folks (with no training in database management, formal or otherwise) are doing their db design in access and then moving the data over to a networked database server like MS SQL or PostgreSQL....

      --

      LedgerSMB: Open source Accounting/ERP
    5. Re:IT department's nightmare by YrWrstNtmr · · Score: 1

      Yeah, but the problem is precisely too much locking down: workers have always tinkered with their tools trying to improve them and the more locked down the environment the more frustrating their experience will likely be.

      Generally, the job is not to dick around with the computer, but rather to produce something using the computer. Read and approve a report, produce a presentation, crunch some numbers in Excel.

      I rail against the lockeddownness too. But in an org of that size, if you give people free reign, some people WILL screw it up. And when your org also contains the DoD, do we really want to allow 'free reign' to install and configure however you want?

    6. Re:IT department's nightmare by demonlapin · · Score: 1

      Free rein. Not normally a grammar nazi, but since the phrase appears to work with either word, I like to keep its origins alive.

  4. Uh Oh by Anonymous Coward · · Score: 0

    Emp. Added

    With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface (UI) named Simple File Sharing and a new Shared Documents feature. This article describes the new file sharing UI and discusses the following topics:

    Get em, DOJ!

    1. Re:Uh Oh by Logic+Worshipper · · Score: 1

      Not when your using active directory. You can't use your desktop to share with other users without the admin's permission.

  5. How am I supposed to patch World of Warcraft?? by Anonymous Coward · · Score: 0

    Now how will I patch World of Wacraft on Federal Networks? Blizzard uses a torrent-based patching system. Won't someone think of the MMRPG players!?

    1. Re:How am I supposed to patch World of Warcraft?? by Anonymous Coward · · Score: 0

      Now how will I patch World of Wacraft on Federal Networks?

      Even better question: why do you even think that you need to?

    2. Re:How am I supposed to patch World of Warcraft?? by Anonymous Coward · · Score: 0, Informative

      Morale reasons buddy! If you're deployed overseas in the military or even as a civilian contractor, there are fairly long periods of time where it can seriously get boring as fuck. I'd rather people blow off some steam in a game (when reasonable) rather than on other people or taxpayer bought materials and equipment. Besides bandwidth is typically cheaper in the long run than injuries, incidents, wastage, and damaged equipment.

    3. Re:How am I supposed to patch World of Warcraft?? by Sloppy · · Score: 1

      Hey, if I'm paying taxes for people to play games on the Social Security mainframe, they damn well be updated games with the latest patches to detect botting. We don't want our civil servants to slack on the job, automatically accruing gold and experience points while they sit back and read a book or something. Earn those achievements, government, or the Tea Party will vote you out!!

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    4. Re:How am I supposed to patch World of Warcraft?? by matchhead650 · · Score: 2, Interesting

      Personal computer are not allowed on government networks, and you will get caught installing unauthorized software on a government computer. There are plenty of other internet options in the desert though.

  6. Bad law by LordSnooty · · Score: 3, Interesting

    Why is computing subject to such vague law-making, so often? Do other sectors suffer to such a degree? Presumably, government law-drafters will call on experts to clarify finer points. But this often doesn't seem to happen with computing law.

    1. Re:Bad law by Anonymous Coward · · Score: 1, Insightful

      Presumably, government law-drafters will call on experts to clarify finer points.

      You spelled experts wrongs, its spelled lobbyists.

    2. Re:Bad law by Anonymous Coward · · Score: 0

      Why is computing subject to such vague law-making, so often? Do other sectors suffer to such a degree?

      Absolutely. There is no sector of the law where somebody can't find a corner to hang all sorts of absurdity upon. That's why there is the legal code and the case law.

  7. Perfectly reasonable by H0p313ss · · Score: 4, Insightful
    If you read the bill it ONLY refers to OPEN-NETWORK p2p which they define as

    The term ‘open-network’, with respect to software, means a network in which--
    (A) access is granted freely, without limitation or restriction; or
    (B) there are little or no security measures in place.

    What part of this is unreasonable in any controlled environment? Can you think of any corporation that would allow such a thing?

    I wouldn't even let my kids run such a thing.

    N.B. This clearly does not cover things bittorrent since you have to explicitly publish individual files to it.

    --
    XML is a known as a key material required to create SMD: Software of Mass Destruction
    1. Re:Perfectly reasonable by Anonymous Coward · · Score: 0

      Samba (SMB aka Microsoft Networking) qualifies as open-network by this definition.

    2. Re:Perfectly reasonable by mdmkolbe · · Score: 1

      This might be perfectly reasonable, but why does this have to be written into the law? Agency/Department rules seem like a more appropriate way to handle this.

    3. Re:Perfectly reasonable by H0p313ss · · Score: 1

      Samba (SMB aka Microsoft Networking) qualifies as open-network by this definition.

      Samba can be secured. ANY unsecured distributed file system would qualify, any secured one would not.

      --
      XML is a known as a key material required to create SMD: Software of Mass Destruction
    4. Re:Perfectly reasonable by Anonymous Coward · · Score: 0

      That's basically what the law does. In effect it tells the OMB to tell the agencies to deal with the issue.

    5. Re:Perfectly reasonable by BiggerIsBetter · · Score: 1

      I would say it's a reaction to ACTA. They're not an ISP, so have no safe-harbour, and therefore must ban anything like "open" P2P where they could potentially be held responsible.

      --
      Forget thrust, drag, lift and weight. Airplanes fly because of money.
    6. Re:Perfectly reasonable by supersat · · Score: 1

      The Internet is an open network. The SMB/CIFS protocol (which is the basis for Windows file sharing) lets you remotely connect to file shares over the Internet. Sure, most people have file sharing turned off (or at least firewalled), but Windows will still let you shoot yourself in the foot, just like P2P software will.

    7. Re:Perfectly reasonable by Anonymous Coward · · Score: 0

      Read the bill again. It applies to all networks (no restrictions to "open networks" in Sec. 2,) and directs the establishment of procedures for appealing for the use of specific software on open networks, on a case-by-case basis (2.b.)

      The peer-to-peer definition may not apply to LDAP in general, as it concentrates on user-directed retrieval of files (Microsoft's LDAP-based Active Directory is excluded anyway under 4.3.b.iii ). NFS, SMB, FTP, HTTP, and CVS services do fall under the definition. Client-server applications are not inherently excluded, as long as "a compatible program, application, or software" (4.3.A.iii) can be used by the server's user to access or download files. I would expect most web servers in practical use also have a web browser installed.

  8. Completely useless by ZuchinniOne · · Score: 1

    It's really a pity that politician don't think before they pass sweeping laws. As the net continues to grow and the way that we share data changes this law will almost certainly prevent the gov't from being able to do useful things online ... and will need to be adjusted or repealed.

    And how exactly does banning P2P sharing prevent people from leaking classified docs?

    1. Re:Completely useless by skine · · Score: 3, Insightful

      It's also really a pity that Slashdot admins don't think before posing sweeping accusations. As the number of political articles continues to grow and the way we rely on only reading the summary to understand the article almost certainly prevent users from being able to determine what is sensationalized ... and probably won't be adjusted or repealed when proven biased.

  9. Well, after healthcare reform by Anonymous Coward · · Score: 0

    After the debacle with Healthcare Reform does it surprise anyone that Congress would create an overly broad bill to carve out absurdly broad powers?

    *ducks*

  10. Code is Law by spazdor · · Score: 1, Insightful

    Why is this being done as a federal law which regulates network users?

    It seems to me that this is a policy that ought to be enforced by federal government sysadmins on their own networks, rather than by the government legislaors on the users of the network.
    To use Lessig's parlance, this is a job for architecture, not law.

    --
    DRM: Terminator crops for your mind!
    1. Re:Code is Law by DrData99 · · Score: 1

      The way this works in reality (the words are in the bill, but may not be obvious):
      The law instructs OMB to (within 90 days)issue guidance to agencies.
      Agencies then have an additional 90 days to: ...establish or update personal use policies of the agency to be consistent with the guidance issued...
      So congress passes law, OMB translates law into guidance, and agencies develop policies and procedures (architecture if you will).

    2. Re:Code is Law by Anonymous Coward · · Score: 0

      Why in the HELL did we need the law to begin with in this case?

      So they can look like they're "doing something"? Wasn't the healthcare stuff enough damage as it was?

    3. Re:Code is Law by michael_cain · · Score: 1

      Why is this being done as a federal law which regulates network users? It seems to me that this is a policy that ought to be enforced by federal government sysadmins on their own networks...

      In fact, the policy will be enforced by federal government sysadmins. Absent direction, those sysadmins (or their bosses) would be free to establish their own policies, possibly varying wildly from agency to agency, or choose to have none. But the only mechanism Congress can use to establish a single consistent policy is to pass a law. This is fairly routine; Congress passes lots of laws to establish policies for how the government is supposed to operate: document retention, required publication of results, etc, etc, etc.

  11. But everything on the net is peer to peer! by Hurricane78 · · Score: 0, Flamebait

    There are always at least two peers. And one of them, having the port open, is the server. Doesn’t matter if it has a GUI installed or is a laptop.

    So in essence they are banning all connections that have a source and a target ip adress at the same time.

    Wow. EPIC FAIL.

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.
    1. Re:But everything on the net is peer to peer! by vux984 · · Score: 2, Insightful

      So in essence they are banning all connections that have a source and a target ip adress at the same time.

      Or you could read the full article, and find out what they are really doing.

      Wow. EPIC FAIL

      So is a snap judgment based on a slashdot headline and reading the first few knee jerk responses.

      Is it a good move by congress? No, not really. But did they really just ban connecting to the office network printer? No.

    2. Re:But everything on the net is peer to peer! by Hurricane78 · · Score: 1

      Only if you interpret things in the same completely wrong and retarded way as those idiots.

      But I bet you also took the units of information from your TV host, and now talk in “libraries of congress” and clogging tubes, while referring to a lone display as “the computer”, because you got no fucking spine to stand by what you know (because you are the expert) is right, right?

      --
      Any sufficiently advanced intelligence is indistinguishable from stupidity.
  12. Lame site... by msauve · · Score: 1

    doesn't show the text in Opera. ( I'll assume it's a site problem, since Opera 10.51 scores perfect on all the acid tests).

    Here's a better one, and official, too.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  13. if wishes were fishes... by Anonymous Coward · · Score: 0

    why not just go all the way and wish for a unicorn while you're at it mr smarty-guy?


    a well-hung unicorn...

    1. Re:if wishes were fishes... by Anonymous Coward · · Score: 0

      one musn't ask for too much

  14. executive branch cant develop its own IT policies? by Anonymous Coward · · Score: 0

    thanks congress. Glad to hear it. You are a big help. Dont know what we would have done.

  15. smb/ldap by datapharmer · · Score: 1

    Well unless they screwed up even more than usual, smb and ldap should be safe as they are server-to-client and not peer-to-peer... I can see this having some rather bad side effects on their network routing setups though.... No more netbios m-node etc.

    --
    Get a web developer
  16. Bill seems to contradict itself by VTEX · · Score: 1
    It appears that this bill is extremely poorly written in how it defines peer-to-peer software:

    From the bill:

    (3) PEER-TO-PEER FILE SHARING SOFTWARE- The term ‘peer-to-peer file sharing software’--
    (A) means a program, application, or software that is commercially marketed or distributed to the public and that enables--
    (i) a file or files on the computer on which such program is installed to be designated as available for searching and copying to one or more other computers;
    (ii) the searching of files on the computer on which such program is installed and the copying of any such file to another computer-- (I) at the initiative of such other computer and without requiring any action by an owner or authorized user of the computer on which such program is installed; and (II) without requiring an owner or authorized user of the computer on which such program is installed to have selected or designated another computer as the recipient of any such file; and
    (iii) an owner or authorized user of the computer on which such program is installed to search files on one or more other computers using the same or a compatible program, application, or software, and copy such files to such owner or user’s computer; and

    (B) does not include a program, application, or software designed primarily--
    (i) to operate as a server that is accessible over the Internet using the Internet Domain Name system;
    (ii) to transmit or receive email messages, instant messaging, real-time audio or video communications, or real-time voice communications; or

    First off, wouldn't "the Internet Domain Name system" include reverse DNS? Secondly, "Peer-to-peer" software is nothing more than machines acting as both "clients" and "servers" and the broadness of what they believe "peer-to-peer" programs are could include public web servers.

  17. The blind man describing the elephant by Anonymous Coward · · Score: 0

    The House of Representatives ? ? ! !

    That collection of dummies isn't smart enough to understand writing a check on an over-drawn bank account is fraud, under what stretch of the imagination are they qualified to define network configurations?

    I'm sure they mean well, but then, so did the 5-yearold who put the cat in the toilet and pushed the flush handle thinking he was helping by giving the cat a bath.

  18. what are ping times like over seas? and WOW may us by Joe+The+Dragon · · Score: 1

    what are ping times like over seas? and WOW may use to much bandwidth to be download big updates like that.

  19. An insider's perspective.. by Anonymous Coward · · Score: 0

    I occasionally work as a lan administrator on a 'federally funded' network, and can tell you that network security on many fed networks as implemented is a joke.

    True, there are some very secure federal government networks out there, but they are a hassle to try to use as they are 'whitelist' on just about everything (websites, software, applications), but it is the other end of the discussion that is more common. But at the same time I am jealous of the central command and control the lan administrators on those network possess.

    There are US Government networks that are connected to the internet that:
    - Do not have any automatic update services at all. Sneakernet updates on a CD-ROM.
    - Virus scanning software is updated by hand distribution of definitions delivered by CD-ROMS mailed to the lan administrator.
    - Open ports all over the place in the OS.
    - Unneccessary applications installed.
    - Multiple versions of the same software installed (Reader 7, 8, and 9.2!)
    - No advertising blockers or adware removal tools.
    - /User/Documents And Settings/ set to world readable/world writable.
    - Active Directory incorrectly implemented.
    - No "least permissions needed" policy. All accounts are administrators level.

    On the other hand, you have the networks created by people who know what they are doing that have:
    - Central point patch and anti-virus update management and distribution.
    - GPO capability fully enabled.
    - Compartmentalized active directory.
    - File/Account permissions set properly.
    - Operating system enforced password rotation/change policies.

    I have actually seen a network whose 'security' was pretty much the limited bandwidth that it had to the outside world. It had 8 character passwords and no rotation/complexity policy. It was 3 years behind on patches and virus updates.

  20. Uh oh, better turn off Windows Update! by Xenophon+Fenderson, · · Score: 1

    Because BITS is a peer-to-peer protocol:

    Peer caching is a new feature of BITS 3.0 that allows peers (computers within the same subnet of a network that have the peer caching feature enabled) to share files. If peer caching is enabled on a computer, the Automatic Update agent instructs BITS to make downloaded files available to that computer's peers as well.

    This is actually a really, really useful feature for those of us operating networks (on behalf of the federal government) with significant bandwidth constraints.

    And never mind the fact that BitTorrent is great for transferring large data sets over slow and unreliable data links, even if it's just from one computer to another.

    --
    I'm proud of my Northern Tibetian Heritage
    1. Re:Uh oh, better turn off Windows Update! by TheLink · · Score: 1

      Windows Update could actually be intentionally turned off is many corporate environments.

      The updates would be downloaded from a central location, and hopefully tested (to see if Microsoft has done yet another screw up or not).

      And then they are pushed out to the clients via WSUS or whatever the company has decided to use for patch management.

      Once you get to a high enough machine:admin ratio, it's often better to not have the computers self update just because Microsoft thinks it's time.

      --
    2. Re:Uh oh, better turn off Windows Update! by Xenophon+Fenderson, · · Score: 1

      BITS peer caching has its place even in environments that use WSUS.

      Ultimately, what's ridiculous is the House's outlawing of a tool irrespective of intent. Sorry, no, it's worse than that. Because of their ignorance, they are attempting to outlaw an entire class of technologies that have great value to the federal government and its programs.

      --
      I'm proud of my Northern Tibetian Heritage
  21. NiggerWater, someone make another Company. by Anonymous Coward · · Score: 0

    Before Xe (formerly BlackWater), moves to another name. Worse they can do now is create XeOS of which Palm will sell through their new line of PDA's called Failhand.

  22. Won't somebody PLEASE think of the Chinese?! :( by Anonymous Coward · · Score: 0

    Won't somebody PLEASE think of the Chinese?! :(

  23. Code is not Law. by Anonymous Coward · · Score: 0

    (1)Code can be changed anytime at the whim of the dominating authority that owns that process, as is evidenced at the privy of the receptive King's or Queen's bench.
    (2)Code is derived from the Legislative Enactment adhering to a mission statement representing a perview in limited liability.
    (3)Code is a artificial construct with only detectable activities at variance to law.
    (4)Code is not endemic but compliant in tolerable regards to negotiate and direct exchange between otherwise differing hosts.
    (5)Law can't be changed and subconscious, never accurately translated but intentionally transcribed within scope of how it might adapt in a fictitious work of art re-played by actors in a theatre among audience to it's approval.
    (6)Law is infra-natural and resonant.

    (Ex. law is DNA, code is ploy of a Virus.)

  24. But without P2P.... by Anonymous Coward · · Score: 0

    ...how will we ever download those multi-mega page bills that seem to be all the rage in congress?

  25. shooting the messanger by Anonymous Coward · · Score: 0

    This is clearly an effort to shoot the messenger. P2P is ALWAYS used to send infringing material. P2P is NEVER used for any other purpose. Other methods of transmitting data on the internet are NEVER used to send infringing material. The mental retard who thought this one up, doesn't have ANY clue about what they are doing. When it fails, everyone cue up to laugh.

  26. Re:what are ping times like over seas? and WOW may by Anonymous Coward · · Score: 0

    700-900 ms for the well connected folks... 1200-1800 for those lesser connected folks. The question is just how many sat hops you end up doing before you are connected into the global internet.

    I am a network administrator for overseas DoD Networks.