Slashdot Mirror

← Back to Stories (view on slashdot.org)

US House Passes P2P Ban On Federal Networks

Posted by Soulskill on from the you-can't-legislate-against-stupid dept.

An anonymous reader writes "Recently, the US House of Representatives passed a bill in an attempt to ban peer-to-peer file-sharing applications on federal computers and networks. Similar bills have been proposed before, apparently in response to confidential government documents being found on LimeWire. The text of the bill, however, provides a very broad definition of 'peer-to-peer file sharing software,' and may extend to more than they intend (SMB? LDAP?)."

19 of 91 comments (clear)

  1. How will the government botnets run!?!? by Orga · · Score: 5, Funny

    I think this will greatly hinder our offensive capabilities in a cyberwar

    1. Re:How will the government botnets run!?!? by Ron+Bennett · · Score: 4, Informative

      Nah, the government will just contract that stuff out to the likes of Halliburton and Xe (formerly Blackwater).

      Ron

    2. Re:How will the government botnets run!?!? by supersat · · Score: 2, Informative

      Government contractors are covered by this bill as well.

  2. Whitelist, not blacklist! by LoudMusic · · Score: 4, Insightful

    This is an issue of what can be installed on federal computers? I believe there should be a list of what is allowed and everything else is disallowed. And NO ONE has admin access to their computer.

    Come on people - federal security! Why the hell are they running MS OSes anyway?

    --
    No sig for you. YOU GET NO SIG!
    1. Re:Whitelist, not blacklist! by Sir_Lewk · · Score: 5, Funny

      Clearly there are only two options:

      • Use a Microsoft OS.
      • Write your own in Ada.
      --
      "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
    2. Re:Whitelist, not blacklist! by will_die · · Score: 3, Informative

      The US Air Force has this and it is a major pain.
      It use to be that a base could keep its own list and the local people could control it, however a few years ago that was removed and now there is a central office that does all approvals. This office takes an average around 1 year to approve major software releases,aka Microsoft, and if it not then it takes longer.
      However even then it is a people problem, the local base level admin and security people total ignore this and install almost anything they want.

    3. Re:Whitelist, not blacklist! by H0p313ss · · Score: 2, Insightful

      Come on people - federal security! Why the hell are they running MS OSes anyway?

      The answer is yes. Though if you do a full audit I'm sure you'll probably find a working copy of just about every operating system ever developed.

      That being said I'd be very surprised if Windows is anything less than 90% of the market.

      --
      XML is a known as a key material required to create SMD: Software of Mass Destruction
    4. Re:Whitelist, not blacklist! by fuzzyfuzzyfungus · · Score: 2, Insightful

      While I would certainly hope that the fed's IT guys would be on top of their game, the idea of attempting to compile a central list(or, worse, have legislators try to do so) sounds like a 100% assured productivity killer.

      Computer security is, surprise surprise, a technical enterprise(albeit with some organizational dynamics thrown in) WTF is congress doing in there? Should we start holding elections for sysadmins, just to make sure that the will of the people is there to defend the network?

      The idea of a room full of subject-matter nonexperts writing overbroad and dubiously sensible mandates just so that they can describe themselves as "strong on security" makes me throw up in my mouth a little. Hopefully nobody tells them how much "p2p" is going on in a DFS or AFS setup, or a failover system...

    5. Re:Whitelist, not blacklist! by ShadowRangerRIT · · Score: 2, Informative

      Technically, there are a few Defense Department regs that are supposed to require Ada. "Special" exemptions are granted as a matter of course though.

      --
      $_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
    6. Re:Whitelist, not blacklist! by YrWrstNtmr · · Score: 5, Insightful

      I believe there should be a list of what is allowed and everything else is disallowed.

      That's pretty much the way it is. They actually have a pretty secure MS ecosystem. Between DISA, NIST and USAF and Microsoft, they've come up with the Federal Desktop Core Configuration (FDCC) (which is an outgrowth of the USAF 'Standard Desktop Computer' (SDC)).

      Various security settings, GPO's, etc. If you use a standard FDCC image, it is pretty well locked down, AND can be administered from anywhere. Having said that...'locked down' as much as XP or Vista can be. But the VAST majority of users do not need much more than Office and the base OS. No real need for 8 zillion extra little tools, which may or may not have their own vuln's.
      But there is quite a lot on the approved list. Installed on a case by case eval. Wireshark or Firefox, for example. It is up to each department to further refine that list. For instance, the USAF (mostly) bans Firefox in favor of IE7.

      Why the hell are they running MS OSes anyway?

      Changing the US fed govt infrastructure from MS to 'something else', Linux for example, will take an extremely long time, and may well end up worse than it is now. Take the Munich example and multiply the problems by 500. For better or worse, an org of that size can't just switch.

    7. Re:Whitelist, not blacklist! by YrWrstNtmr · · Score: 2, Interesting

      It use to be that a base could keep its own list and the local people could control it,

      Centralized control and admin. Used to be, a base would control its own network. No more. Even your local proxy server is now being admined from elsewhere.

    8. Re:Whitelist, not blacklist! by cnkurzke · · Score: 2, Funny

      Even your local proxy server is now being admined from elsewhere.

      Likely the system administration has been outsourced, and is now run from a CSC guy in Bangalore.

    9. Re:Whitelist, not blacklist! by stonewallred · · Score: 5, Funny

      I went to your link, then went to the FAQ, which sent me back to the patch notes, with a link available for the FAQs, which took me back to the patch notes. If that is the best the federal government can do, I am brushing up on my chinese, russian and arabic, because we are all fucked.

    10. Re:Whitelist, not blacklist! by McGruber · · Score: 3, Insightful

      Come on people - federal security! Why the hell are they running MS OSes anyway?

      I'm a career US federal government employee.

      Right after the then-Governor of Texas became President, my employer (a federal agency) "standardized" on computers from a vendor headquartered in Round Rock, Texas. We were no longer allowed to purchase computers from any other company. This decision was made by a political appointee, appointed by the President.

      Right after the same Administration settled the MS anti-trust suit, our agency "standardized" on MS-Software -- Windows is the only operating session we were allowed to run, our email was moved over to Exchange, our websites were moved to MS-platforms, we were forced to move to only MS applications (Word, Powerpoint, Excel), etc. While this sounds bad, it actually used to be worse - for a while, we could only buy PDAs that ran Windows/CE.

      Although the political appointees who made these choices left in early January 2009, my agency continues to lock more and more of our data into proprietary MS formats - we are now moving as much of our internal data as possible into Sharepoint.

      The current administration seems to be big fans of "the cloud". From where I sit, this means that instead of just overpaying for crappy software and crappy hardware, we are going to start overpaying for crappy network services and the bandwidth to support those services.

  3. Bad law by LordSnooty · · Score: 3, Interesting

    Why is computing subject to such vague law-making, so often? Do other sectors suffer to such a degree? Presumably, government law-drafters will call on experts to clarify finer points. But this often doesn't seem to happen with computing law.

  4. Perfectly reasonable by H0p313ss · · Score: 4, Insightful
    If you read the bill it ONLY refers to OPEN-NETWORK p2p which they define as

    The term ‘open-network’, with respect to software, means a network in which--
    (A) access is granted freely, without limitation or restriction; or
    (B) there are little or no security measures in place.

    What part of this is unreasonable in any controlled environment? Can you think of any corporation that would allow such a thing?

    I wouldn't even let my kids run such a thing.

    N.B. This clearly does not cover things bittorrent since you have to explicitly publish individual files to it.

    --
    XML is a known as a key material required to create SMD: Software of Mass Destruction
  5. Re:But everything on the net is peer to peer! by vux984 · · Score: 2, Insightful

    So in essence they are banning all connections that have a source and a target ip adress at the same time.

    Or you could read the full article, and find out what they are really doing.

    Wow. EPIC FAIL

    So is a snap judgment based on a slashdot headline and reading the first few knee jerk responses.

    Is it a good move by congress? No, not really. But did they really just ban connecting to the office network printer? No.

  6. Re:Completely useless by skine · · Score: 3, Insightful

    It's also really a pity that Slashdot admins don't think before posing sweeping accusations. As the number of political articles continues to grow and the way we rely on only reading the summary to understand the article almost certainly prevent users from being able to determine what is sensationalized ... and probably won't be adjusted or repealed when proven biased.

  7. Re:How am I supposed to patch World of Warcraft?? by matchhead650 · · Score: 2, Interesting

    Personal computer are not allowed on government networks, and you will get caught installing unauthorized software on a government computer. There are plenty of other internet options in the desert though.