Slashdot Mirror
Internet Kill Switch Back On the US Legislative Agenda
suraj.sun points out a story at Wired that US lawmakers have revived the idea of a government-controlled "Internet Kill Switch," which reads, in part: "The bill, which has bipartisan support, is being floated by Sen. Susan Collins, the Republican ranking member on the Homeland Security and Governmental Affairs Committee. The proposed legislation, which Collins said would not give the president the same power Egypt's Hosni Mubarak is exercising to quell dissent, sailed through the Homeland Security Committee in December but expired with the new Congress weeks later. 'My legislation would provide a mechanism for the government to work with the private sector in the event of a true cyber emergency,' Collins said in an e-mail Friday. 'It would give our nation the best tools available to swiftly respond to a significant threat.'"
Seems to me, the biggest threat would be doing EXACTLY what Mubarak is doing now in Egypt.
It doesn't stand a chance. All it needs is for one person to compare a sponsor of this bill to Mubarak and it should be dead in the water. You can't bring something like this up right after all this tumult.
I live in constant fear of the Coming of the Red Spiders.
I can't see any reasonable purpose for a government being able to shut down internet access in broad swathes; any internet "emergency" could (and would) realistically be handled quite well by the array of network providers involved in standing up the internet. Otherwise botnets would have killed us all long ago.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
than used for the intended purpose IMHO.
P.S.
It's also unconstitutional. I can not lay my hand on any power given to the Union Congress which allows them to shutdown the mail or the newspapers (old-fashioned type or modern websites/email). That power is reserved to the Member States.
If they think Congress should have that power, let the states pass an amendment FIRST granting that power, rather than create an Egypt-type problem where some future Caesar/dictator can squash the people with a simple flip of the switch.
Information wants to be expensive AND wants to be free. So you have Value vs. Cheap distribution fighting each other.
After all, who knows better how they've screwed us than the ones doing it?
Why guess when you can know? Measure!
Because we'll only use it for your own good.
They're the bad guys. You can trust us.
We're looking out for you.
We(tech types) have to think about how to have an marginally working internet without the cooperation of the telcos. Off the top of my head I could see an entire city's wireless routers all sort of passing things along. The traceroute would be from hell but data would keep moving.
I suspect that this is being developed right now by civil minded Egyptian programmers and engineers.
It could also be used in disasters and whatnot.
As long as a node here and there could contact the rest of the internet then various governments would lose the power presently exercised to evil ends in Egypt.
Message me if anyone is serious about this and maybe something could be brewed up.
PS I finally remembered my password.
"It's for your own good". Whenever a government uses those words you can assume with some confidence it's for their good and not yours.
In light of the recent incident in Egypt, it seems that the real purpose of such a kill switch is more useful as a means of censorship (a la big scandals that could make the US look bad, like Wikileaks). On a local scale, if I know my network is about to be attacked, I would cut off the main entrance into my network, while leaving the inside up and running. If they insist on a kill switch, why not just implement a similar scheme for all the "gateways" into government networks? As for each citizen's own access, I don't need the government to unplug my computer for me -- I can do that by myself, and am capable of making the decision to do so myself.
The timing is so dumb that one has to wonder.
To bring that up now suggest the recent election turn around has scared Both Democrats and Republicans into believing Egypt could happen here, and rather fix the problem they react with police state measures.
Or was this on track all along, with hopes of sneaking it through, and the mainstream press just finally took notice?
In which case it may well be DOA already.
Sig Battery depleted. Reverting to safe mode.
"An example, the aide said, would require infrastructure connected to “the system that controls the floodgates to the Hoover dam” to cut its connection to the net if the government detected an imminent cyber attack."
Am I the only one who wonders what that kind of system is doing connected to the internet in the first place? Seems to me that if you want to protect infrastructure, the easiest and most sensible thing to do would be to unplug the ethernet cable.
You cannot hurt anyone with data. There is no such thing as a threat via the internet.
Ya, nevermind that whole, 'pen is mightier than the sword' thing. It's exactly because data is so powerful that unsavory characters want to stop it. I don't know what is motivating these Homeland Security creatures, but it isn't a sane concern for their fellow men.
"First they came for the slanderers and i said nothing."
We should start developing contingency plans to thwart a potential internet blackout.
International dial-up, data feeds over the airways, carrier pigeon...whatever.
Why are they asking for this if they don't have some kind of plan in store. Terrorism 2.0 perhaps, as the fear of conventional terrorism has faded quite a bit since 2001.
^^vv<><>BA
No but we are at a disadvantage since we depend on private sector infrastructure which isn't coordinated enough to fend off a coordinated attack.
A government agency working with the ISPs could however respond to a systematic attack on our infrastructure and kill routes which are origins of the attack.
If a bank is receiving a denial of service attack to all of its servers it doesn't have the authority to order an ISP to start shutting down the source of the attacks. If however there is an attack under way they can notify a central agency whose job is to make an organized response to an organized attack.
Yes individual organizations need good cyber security response plans--but as we realized during the last economic crisis, just because an organization is critical to society doesn't mean it is acting in such a manner. Nor should they necessarily have to bare the cost of behaving as such.
Name one thing you know firsthand is connected to the Internet and could result in casualties if attacked. Sure banks computers could crash, sure amazon could go down, but ICBMs are not going to launch and the power grid wont go down. If anything that could actually cause casualties is connected to the Internet then it shouldn't be.
http://www.devicesworld.net/
This kind of stuff is getting deployed more and more.
Amazing how the really bad shit always has bi-partisan support. More and more it becomes obvious that we really need a viable third party.
Actually, you can hurt people with data. Mainly, people in power. And that's what they're afraid of.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
I suspect this is a lot like Bush's warrentless wiretapping: it has been there for a long time now -- the legislation in question is merely a formality attempting to legitimize it. Consider it "retroactive immunity" for the possession of an Internet kill-switch.
It is a miracle that curiosity survives formal education. - Einstein
In case of emergency, it would let us cut off all government computers and communication. Seems fair to me.
By far, the most common use of the internet is speech protected by the first amendment. The commerce clause does not override the first amendment.
...not that the first amendment will stop congress from passing the law, the President from invoking it, or the courts from arguing over the terms strict scrutiny, intermediate scrutiny, content-specific, compelling state interest, etc.
No offence, but I think that for the most part, you Americans have lost the freedoms that you all tout - you just aren't aware of it properly yet.
You get fondled to get onto a plane, you can't protest the President anywhere near where anyone can see it and so many other things. Sure, you might still have the right to carry guns for the most part, but you have lost the freedoms that really matter.
For the most part, actually, so has the rest of the world. Such are the times we live in heh.
Moved to http://soylentnews.org/. You are invited to join us too!
So there are hundreds of comments already posted here, but none of them that have been modded up that I can see points out that this isn't actually an "Internet Kill Switch" in any way shape or form. That's just a sensationalist title used to get people riled up and interested. This is, in fact, a much less interesting and less threatening piece of legislation. It just says the president can order companies running critical infrastructure for the functioning of our society to take action to protect them from a network attack in an emergency. No where does it grant the authority to shut down the internet or large swaths of it or censor any content.
Now this legislation is not without problems and it certainly should more clearly define what is meant by critical infrastructure, but seriously, there is a reason this bill is supported from both sides of the aisle and it had fuck all to do with people's conspiracy theories about censorship and control of the media and communication. This is just an inadequately worded bill doing exactly what internet security experts have been asking for right along; precautions put in place to quickly isolate critical systems that likely shouldn't be accessible in the first place but often are in one way or another. This is about Stuxnet and the possibility of network based attacks on real hardware and resources from foreign powers. No politicians in the US have any interest in shutting down the internet because we still have robust means of communication otherwise and it would be political suicide.
Yes individual organizations need good cyber security response plans--but as we realized during the last economic crisis, just because an organization is critical to society doesn't mean it is acting in such a manner. Nor should they necessarily have to bare the cost of behaving as such.
Then we should be taking the opposite approach. Instead of increasing centralisation because parts of the system are "too big to fail" we should be encouraging decentralisation - encouraging more players to get involved and build up redundancy so that if some are compromised we can still maintain functionality in the face of damage.
When information is power, privacy is freedom.
Do the words "Throwing the baby out with the bathwater", "The cure is worse than the disease", and "Congress shall make no law ... abridging the freedom of speech..." mean anything to you? Viruses, denial of service attacks, botnets, and hacking require tighter security of the target, not a wholesale shutdown of a communication grid. You don't shut down the phone system because of junk faxes and threatening phone calls. Why would you shut down the internet?
When our name is on the back of your car, we're behind you all the way!