Slashdot Mirror
Sen. Bond Disses Internet 'Kill Switch' Bill
GovTechGuy writes "Sen. Kit Bond (R-Mo.) has introduced his own cybersecurity legislation with Sen. Orrin Hatch, and he had some harsh words for a competing bill sponsored by the Senate Committee on Homeland Security. Bond said that bill, which has been criticized for allegedly giving the president a 'kill switch' over the Internet, weighs down the private sector with mandates and puts too much on the plate of the already overburdened Department of Homeland Security. Sen. Bond's bill would create a new position in the Pentagon, reporting directly to the president, in charge of coordinating all civilian cybersecurity. Any private-sector involvement would be voluntary and free from legal challenge, rather than mandated."
We don't need a military-like "big red button" in the boss's office that shuts down all Internet systems... that would open us up to even worse problems. (Did anybody watch the recent CNN special "We Were Warned: Cyber Shockwave" about this situation exactly? If you shut down all civilian communications, how are you going to tell workers where they're needed? A simple attack somewhere along the power grid, and nobody will know where the fault is to repair it.)
But, there is something we should give over in this area. The ability to kill programs that are causing damage to other systems or the Internet structure. Basically, if food has a problem, we recall what had the problem, not all food. If MS-SQL has a problem, we have an Internet outage... what if Microsoft was able to say "You must patch to version 7.3.43... we've got a security problem with 7.3.42." Basically, if you're running a "wrong" version of an application, you shouldn't be allowed to expose that to the Internet... you're just going to spread the worm of the day once you get caught by the bad guys. Can we have some good guys shut you down first?
The difference is clear... you don't shut down the whole Internet when things go bad, you shut down the bad application. SysAdmins will notice their service is down, and hopefully will get a nice clear message that they've put off the patches for too long, and if their server wasn't already spreading the worm, it was about to before the kill switch got in the way.
This is much like the college solution where if their honeypot detects that you've sent out a worm packet, they tell the nearest network switch to cut you off. You notice your IM client can't connect and neither can your web browser, and call IT. The Internet isn't down... you're down for the safety of the computers around you. Bring your machine to IT, pay for the cleanup service and a free copy of the college's favorite anti-virus, and while you carry your machine back to the dorm they turn your port back on.
This is just basic cyber-defense. You're totally secure if you unplug everything... but then you also lose the services which are the point of having the server. We need to use the good servers to keep some level of communication going... and spread the word that the bad servers need the patch that was released a few months ago! When things go wrong, you don't throw the whole thing out without trying to fix it first!
So, what about the impact on all the other countries?
They tried to make the training video 'light' and humorous, but it still doesn't negate the fact that these plans have already been put into action.
RIP America
July 4, 1776 - September 11, 2001
Why is it such a shame that it's a Republican?
lolwut, because deregulation has done such wonders for the financial and energy sectors. Likewise, the problem we've had with the net is a lack of regulation rather than too much of it. The solution to not enough regulation has never, ever been less regulation. The firms like MS and the ISPs that do very little to curtail the soft targets aren't going to get better knowing that they'll face even less regulation.
As much as I don't want a kill switch on the internet, I also don't want that same kill switch to exist in the hands of private companies. Without some government regulation, what is to stop the media cartels (which own the majority of ISPs) from banding together against sites they dislike? Google seems pretty unpopular among media companies these days. Who is going to make sure that we can still access Youtube 5 years from now? Net neutrality is not something to scoff at.
/s
I also wouldn't object to forcing ISPs with threat of law to actually PROVIDE what they market. If they say it's unlimited, it should be unlimited, NOT "unlimited to a point."
But government is the source of all evil, right? Hand it over to Time Warner, Comcast, and Verizon... they'll take good care of your rights!
Great Intellect...
No good news here. Bond's concerns about a cyber security bill can only mean he feels it isn't harsh enough. If he's in league with copyright's Prince of Darkness Orrin Hatch, who not too long ago wanted to scan all PCs warrantlessly and without judicial oversight automatically destroy those found with "unauthorized content" (read: entertainment), it shouldn't take too much in the way of imagination to predict his response to information he defines as threats to security.
- js.
Our energy sector is insanely regulated also. The BP oil spill wasn't caused because of deregulation but because the morons "we" elected to congress thought it was a good idea to artificially cap liability.
Likewise, the problem we've had with the net is a lack of regulation rather than too much of it.
So what are these problems with the internet that are because of a lack of regulation that will magically become better with regulation? In almost every single case regulation simply leads to corporations screwing the public even more because they can game them and the public losing in higher prices and less choice because it makes it harder to start up a business or to compete with established companies.
The firms like MS and the ISPs that do very little to curtail the soft targets aren't going to get better knowing that they'll face even less regulation.
MS pretty much lives on the regulation we call software patents and copyright. ISPs got the way they did by screwing the public by taking money to provide internet access and then unilaterally changing the definition of the internet to their own interests.
We don't need regulation there, we need sane patent reform, we need a return of sane copyright, we need a correct definition of internet, we need to end all public handouts to businesses, etc.
When consumers have choice they will be more effective than "regulation" ever will be. The problem is regulation almost always reduces chocie.
Taxation is legalized theft, no more, no less.
Those that want a "kill" switch regardless of party better not get what you wish for. If a liberal is in charge of a kill switch, killing off conservative websites just remember that politics is like a circle, what goes around comes around. Personally, I wish a hands off approach to the internet under purely 1st amendment grounds. "Congress shall make no law..." what part of that do those pinheads not understand. With the good, comes the bad. 3/4 of the crap on tv, radio, internet, magazines I don't care for, but I'd rather it be left to the market to figure out, instead of some idiot politician to say if it should be banned.
Look back in the past, how did Comcast/Verizon/Time Warner/etc get so large? They basically stole your tax dollars to provide internet access and "modernize" America (and in the case of Verizon they got lots of infrastructure from the breakup of AT&T). Without governments screwing with the free market we can make sure that the corporations serve us rather than the other way around. We need a government to prevent force and fraud, as you pointed out, the majority of ISPs/Cell Companies use fraud in their marketing and should be forced to either provide what they market or provide compensation.
What we need is a definition of the internet to include all of the internet to start out. Secondly we need to stop handouts to private companies all of them to prevent this from happening in the future. Eventually, our current infrastructure will be obsolete and Comcast/Time Warner/Verizon will be as laughable of companies as Atari and AOL is today. But in the meantime, simply allow for more competition in the ISP market, allow for true free market systems where if one corporation can use public land to lay cable though any ISP who wants to should be able to within a certain window. When we solve the inequalities there, it fixes itself. If an ISP blocks YouTube and there is a choice, everyone will switch. The problem is our government has limited the choices.
Taxation is legalized theft, no more, no less.
The entire thing stinks to high heaven. These guys still think of the Internet as of tubes and trucks and who the hell knows what else, but it doesn't matter. The important thing is that this series of tubes and trucks is bothering them something awful.
They can't control dissemination of information on it like they do on TV. Anybody can just start a blog or a forum and discuss policy and worse, they can share actual information, the kind that government prefers you not to pay attention to... here is something shiny for you.
They need a kill switch, and when they say that, they likely mean a kill, as in Minigun type of kill switch.
Take this new cybersecurity bill, add the Trusted Security in Cyberspace proposal, involve the DHS, factor in Gitmo and rendition, multiply by Secret Service getting an 'upgrade' (from the same Lieberman ideas by the way), you are going to have a very neat 'kill switch'.
This 'cybersecurity' nonsense is supposed to be able to expire 120 days after execution, well, just make the emergency last longer, have the president sign an order or whatever it takes. Actually 120 days is enough to push through any kind of agenda if there are no opposing voices at all, and TV opposes nothing (except for clowns, but who listens to clowns, right?
They just want to stop you from being able to get and discuss any information that may end up hurting their agenda, and they have plenty of agenda.
You can't handle the truth.
"Kill it!"
Um, what?
How about instead funding some free-to-all open source antivirus, anti-spyware, etc. programs to hinder the spread of malware and botnets? And kill spammers while you're at it. Yes, those you can kill.
We are all God's parents.
The financial sector IS still highly regulated, one of the most regulated sectors of the economy. It was never deregulated; only the nature of the regulations changed, and that wasn't to promote freedom or capitalism, but to benefit certain people.
The deregulation of the net, of course, is the fundamental reason for it's rapid growth and incredible utility.
O Really? So basically the financial markets are highly regulated, except when there not. The fact that the portion of the entire market that was regulated is dwarfed by the ginormous amount of money represented by completely unregulated instruments, is the sign of a highly regulated market.
Sorry, I must not get it, because I'd think that it would be the other way around, that a highly regulated industry would be mostly dealing with regulated items, rather than mostly dealing with unregulated items.
Let us not be confused by suggestions that just because Sen. Kit Bond criticised the previous proposal, his proposal is any good.
IMO there is absolutely no reason to put a cyber security czar in the pentagon.
In America, as in any free country the military should do nothing but armed conflict with other nations, and civilian agencies should provide internal security.
But hopefully the existence of multitude of bills will result in no bill being passed, which would probably be the best outcome.