Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Director Says the US Must Secure the Internet

Posted by Soulskill on from the self-proclaimed-internet-police dept.

Trailrunner7 writes "The United States has a responsibility to take a leadership role in securing the Internet against both internal and external attackers, a duty that the federal government takes very seriously, the country's top military cybersecurity official said Tuesday. However, Gen. Keith Alexander, director of the National Security Agency and commander of the US Cyber Command, provided virtually nothing in the way of details of how the government intends to accomplish this rather daunting task. 'We made the Internet and it seems to me that we ought to be the first folks to get out there and protect it,' Alexander said. 'The challenge before us is large and daunting. But we have an obligation to meet it head-on.' It's unlikely that any of Alexander's comments Tuesday will do much to quiet the criticisms of the Obama administration's security efforts thus far. Speaking mostly in generalities, Alexander emphasized the administration's commitment to the Comprehensive National Cybersecurity Initiative, a plan developed by the Bush administration and recently partially de-classified by Obama administration officials."

2 of 250 comments (clear)

  1. Protection by D3 · · Score: 4, Interesting

    I think it would be more accurate to say we need to protect ourselves from the Internet vs. we should protect the Internet.

    --
    Do really dense people warp space more than others?
  2. Re:Are they joking? by rwa2 · · Score: 4, Interesting

    Meh, joking aside, there's plenty of technical measures that they could be doing (not that we'd necessarily want these people to do this kind of thing for us)...

    * Plopping down firewalls at internet trunks, then using them to filter out spam and portscans. Propagate rules to shut down bot traffic at the edge routers.

    * Sniffing / logging all traffic with snort / ntop (but more likely something big commercial and expensive) for, uh, forensic analysis

    * Requiring some sort of RealID authenticated onramps, so net access can be traced back to a credit card or better yet an "internet license" associated with someone's passport or other unique government ID

    * Encrypted key escrow so they can peek inside encrypted data and streams.

    Scary stuff with lots of room for abuse, but really not any different than what a mildly competent corporate IT department already does.

    Maybe on the internet2 for mobile phones (the next generation).... the question is whether the new system will be "pre-secured" by the corporate walled gardens, or if the government will finally finish "securing" and thus killing off the first gen internet just as the new one comes online ;-P