Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Cybersecurity Act of 2009 Passes Senate Panel

Posted by CmdrTaco on from the this-won't-end-well dept.

An anonymous reader writes "The Cybersecurity Act of 2009 passed a Senate panel, giving the president unprecedented power to issue a nation-wide blackout or restriction on websites without congressional approval. The bill, written by Sen. Jay Rockefeller [D-WV] and revised by Sen. Olympia Snow [R-ME], was drafted in an attempt to thwart internet-based terrorist threats, and gives the president this 'kill switch' without oversight or explanation. The bill is up for Senate vote."

14 of 367 comments (clear)

  1. Oh yeah? by Yvan256 · · Score: 5, Funny

    Well, you can't contr[Connection dropped by USA Presidential request].

  2. Uh huh, terrororists by elrous0 · · Score: 5, Insightful

    Why do I have a funny feeling that The Pirate Bay will suddenly be labeled a terrorist organization?

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Uh huh, terrororists by FriendlyLurker · · Score: 5, Insightful

      More likely Wikileaks than Pirate bay, especially with recent release of highly questionable CIA documents plus the imminent release of that video.

  3. It's ok people by AnonGCB · · Score: 5, Funny

    It's not as bad as the Patriot act, so therefore it's ok for this to pass. At least they're not as bad as the last administration, right?

    --
    http://CryoLANparty.com/ A lan I'm staff on!
    1. Re:It's ok people by Opportunist · · Score: 5, Insightful

      Laws like these tend to have a long life. Who in their sane mind would give that out of his hand again? Once granted, it will stay. Even if you eventually get someone that makes Dubja look like Mahatma Ghandi.

      To avoid Godwin, I'll pull a Dollfuß. He was the dictator of Austria before it was absorbed by the German Reich. Think of him as Mini-Hitler. He ruled with a law from the first world war that allowed the administration to make laws without oversight in case of "need". He simply declared the perpetual "need" and thus circumvented the government.

      Once such power is granted, it will not go away. And it invevitably will eventually fall into the wrong hands.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Report to Congress by Akido37 · · Score: 4, Interesting

    Like most emergency powers, it requires the President to report to Congress within 48 hours.

    It doesn't seem, though, to give Congress power to stop the emergency action if it feels that it's not really an emergency.

    We'll see what the House does with it.

  5. Bye, bye freedom... by MahariBalzitch · · Score: 5, Insightful

    Our freedom in the US is quickly diminishing under the guise of "Terrorism". It makes me sick watching it happen and knowing there is nothing we can do about it.

    --
    Kickass Cheap Web Hosting
    1. Re:Bye, bye freedom... by WrongSizeGlass · · Score: 4, Funny

      there is nothing we can do about it.

      Vote.
      Run for office.
      Rebel.

      I believe you forgot:
      ????
      Profit!

    2. Re:Bye, bye freedom... by smooth+wombat · · Score: 5, Insightful

      If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy - James Madison

      --
      We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  6. Re:Better than the alternative? by Nadaka · · Score: 4, Insightful

    It depends on your definition of "harm" and "good". An revolt with widespread popular support by a significant minority or even majority of citizens could require the internet to be shut down to prevent the people from organizing to rally against an oppressive regime. It worked out pretty well for Iran.

  7. Where are the technical people on /. by tacokill · · Score: 5, Interesting

    Lots of comments but not one that is technically based...

    Ok, I'll ask. Exactly how would a kill switch for the intrawebs work? Specifically, how would the president hit one button and "shut down" all telecom infrastructure in the country (including wireless). What about the various mesh networks that sprung up?

    I am trying to envision how this would work on any technical level and I just can't get there. Yes, you could pretty easily cripple our telecom system here and there but to shut the whole thing down and make it unusable is quite a different scenario.

    Not to mention the hacking opportunity this presents. Yes, I am sure there will be many many layers of security....but still.....if the president can do it, then someone else can also do it.


    This actually raises (many) more questions than it answers.

  8. Change you can believe in by wcrowe · · Score: 5, Funny

    Change you can beli-- 404 ERROR...

    --
    Proverbs 21:19
  9. Not so terrible by KeithIrwin · · Score: 5, Interesting

    I've read the bill. It honestly isn't that bad. First off, the "kill switch" doesn't apply to arbitrary web sites or anything like that. It specifically targets 1) government computer networks and 2) computer networks connected to "critical infrastructure". By "critical infrastructure", they mean things like the power grid, water and sewer systems, natural gas systems, stuff like that. Some people who have read this bill have made the assumption that "infrastructure networks" is synonymous with "network infrastructure", i.e. internet backbones, but it's pretty obvious from the context that this is not what the bill is meant to cover. There's nothing in the bill which allows the president to turn off your internet or disconnect you unless you are a utility company.

    Now, that said, they really could have more precisely defined "critical infrastructure networks" in order to make that clearer. There is still a little weasel-room in the bill where it is possible that someone could try to justify ridiculous actions using it. They could have eliminated this with a more specific definition of what comprises "critical infrastructure". So I wouldn't say that I support it 100% in its current form, but honestly, I don't think that the bill is all that terrible.

    The bigger problem to me is that I don't see any reason to believe that the measures in this bill will do anything significant to address the problem which they are purporting to address. Although I'm not convinced that a "cyber attack" is a real threat, if it is, by the time the president declares a state of "cyber emergency", it will probably already be too late. If there really is a serious on-line threat then the way to fight that is not to give more power to people at the top to respond, it is to give people at the bottom more authority to make decisions and respond quickly to a developing security situation.

  10. Much More Than What It Appears To Be by Nitrobob · · Score: 4, Informative

    I urge everyone in the IT community to download and read S.773 - The Cybersecurity Act of 2009. This bill contains a number of troubling provisions beyond the most obvious one, which is Presidential ability to control the Internet by preventing its use when he deems it necessary to do so. It would require the President to establish a Cybersecurity Advisory Panel without requiring any approval of the members of such panel by Congress. It also requires the Secretary of Commerce to assist the panel with the creation of Regional Cybersecurity Centers that must be affiliated with a non-profit organization or consortium, funded by the panel. Per my reading of the bill, all of this is to be done by people who not been vetted or approved by Congress in any way. It places all of that power in the hands of the President and certainly creates an opportunity to politicize the entire process. Within one year, the Secretary of Commerce must develop a national licensing, certification and recertification program for cybersecurity professionals. Beginning three years after the bill is passed, "it shall be unlawful for any individual to engage in business in the United States, or to be employed in the United States, as a provider of cybersecurity services to any Federal agency or an information system or network designated by the President, or the President's designee, as a critical infrastructure information system or network, who is not licensed and certified under the program." Ask yourselves, please, who gets to define what is or isn't a critical infrastructure information system or network. That's correct. It's the President (or his designee). But wait ... there's more. Within one year after the bill is passed, the President (or his designee) gets to tell Congress if he wants to require cybersecurity to be a factor in all bond ratings (presumably only for private-sector companies and not federal bonds), Here's where it really gets good. "The term "cyber" means - (A) any process, program, or protocol relating to the use of the Internet or an intranet, automatic data processing or transmission, or telecommunication via the Internet or an intranet; and (B) any matter relating to, or involving the use of, computers or computer networks." Let's see if they left any possible use of computers out of that definition. Nope, they even seem to have VOIP covered. The President can control every computer in the country under that definition, irrespective of whether or not it is part of critical security infrastructure. The point here is that this bill is seemingly titled to make people think that it is a well-intended way to protect our country. When you dig deeper into the bill it clearly spells out command and control of potentially every computer in the country by ... the President. Forget about the person who is in office now. This is a dangerous consolidation of power in the hands of whomever is in the office of President. Read the bill and decide for yourself if this is the path the United States should continue going down - consolidating more and more power in the hands of one man (or woman). Then make your feelings know to your U.S. senators ASAP.