Slashdot Mirror
McCain Asks For Committee On Wikileaks, Anonymous
Trailrunner7 writes "In the face of continued attacks on federal agencies and contractors such as Booz Allen Hamilton and IRC Federal that do highly sensitive security work for the U.S. government, Sen. John McCain has asked Senate leaders to appoint a select committee to look into the attacks and data leaks that have plagued Washington throughout 2011. In a letter to Democrat leader Harry Reid and Senate minority leader Mitch McConnell, McCain (R-Ariz.) said that a temporary Senate committee is necessary in order to get a handle on all of the disparate cybersecurity legislation proposals and to address the threat posed by groups such as Anonymous, LulzSec and Wikileaks."
That oughta solve the problem, by garsh!
He clearly knows the most about the internet out of all the senators, so unless he's part of the commitiee it will be a total farse!
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
"In a letter to Republican leader Harry Reid"
lol wat
"Oh my gawds these terrorist groups! The little children can't play on the internets - uh wait, there are no children in either of those groups, only Juvenile Terrorists, which are not children anymore!"
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
McCain asked that a target be mounted on his campaign servers so Anonymous, LutzSec, and Wikileaks would find it easier for their upcoming attacks...
Harry Reid is a Democrat, not a Republican
If he's going to associate WikiLeaks with anonymous & LulzSec, then why not throw the United Nations into that mix as well. Damn pesky international bodies probing around in other peoples business... *wave fist*
In America, you have a choice between the party that works for one set of corporations, or the party that works for another set of corporations.
Palm trees and 8
I think he would've had better luck just coming here and asking them kindly to stop rather than ticking them off. (I'm assuming some of those guys read /..) Not that that would stop them either, but they might put a positive spin on the data they release.
From the guy who thought Sarah Palin would make a good vice president. Why do people even bother to listen to him anymore. The country is bankrupt, but he thinks it can afford yet another committee.
Seven puppies were harmed during the making of this post.
The summary does hit on one thing that is a systemic problem in Washington, a myriad of separate bills to address an issue. Each of these bills probably only focuses on a few things (if you remove the pork and vote buying crap) but when all are taken together you end up with one giant confusing mess.
Time to offend someone
a temporary Senate committee...
Somebody's looking for some cheap laughs
For justice, we must go to Don Corleone
Looking into why we are paying so much money to security contractors that can't even secure their own servers.
I guess his "email girl" finally told him about it?
This should be entertaining.
What are teh lulz? Why would anybody do this just for them?
...to evaluate why a bunch of internet Yahoos often with basic security tools are able to cause so much havoc? ...Oh. Right. Because this would expose the fact that it isn't that Anonymous and those other groups are Uberhackers, it's that their targets are, if not incompetent, then given leadership that does a damn fine simulation.
After all, it's easier to blame the scaryevilsocialistanarchist hackers then to fess up to the fact that you've ignored computer security so badly, you've got the equivalent of a rusty gate that is so decrepit that even if you WANTED to close it, the hinges are rusted and stuck. Instead you're gonna have to pay significant money to rebuild things so they actually work. ...What's that giant sucking sound? Oh. Right. That's internet freedom, disappearing into a pit of "anti-terror" legislation.
The summary is 10% facts and 90% moronic rambling by the submitter. If you actually read the letter, you'll see that McCain was specifically referring to insider threats such as the Bradley Manning case. He doesn't mention Anonymous or LulzSec at all.
No soap, radio!
The more laws, the more bills, the more expenses, the bigger your budget. The bigger your budget, the better positioned you are to exploit that cash flow for personal gain.
Am I implying that the people at the top of the power pyramid are nothing but crooks working precisely for themselves, not "the people" as the age-old claim goes? You're god damn right I am.
The most important question to ask about LulzSec is which branch of the U.S. government is responsible for it. Is it the NSA, the CIA, or the military. The most important question about information security in regards to WikiLeaks is why doesn't the U.S. government secure it's information. Manning just downloaded everything. He didn't do anything special.
Democracy Now! - your daily, uncensored, corporate-free
I've been saying this since the very beginning.
All the hacks were a false flag operation by the government, PRECISELY TO ALLOW this kind of committee to be formed to pass more draconian laws about internet use, hacking, etc.
LulzSec and those other groups aren't real, in that the people running them are working for the government. They may have enticed real hackers to join so they'd have people to jail later. It's all fake though.
How is it that hackers that touch federal sites are typically in jail within a week, yet nobody has been taken down for the multiple federal site hacks that have happened? That's never happened in the history of hacking, yet somehow LulzSec does it along with 800 other hacks in a bizarrely short time frame.
It's fake. Be careful.
The democrats are a conservative party. The republicans are a regressive party. We don't really have a progressive party.
This.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
We keep seeing court cases and lively debate over "Freedom of the Press," usually with regards to whether this blogger or that product reviewer etc... have a right to say what they say without "press credentials" or a large corporate news organization backing them, etc... A lot of self-professed "patriotic" US citizens want Wikileaks destroyed.
So where does the phrase "Freedom of the Press" come from? First Amendement of the US Constitution:
At the time this was written, what was "the press?" What was the relationship between the authors and founders of this country and "the press?" The press was a nifty machine that several of these men owned... a printing press. They used these devices to take their speech and propogate it further than mere voice could. They used this kind of speech to foment revolution against an unjust government and the press was a vital tool in this effort. Upon establishing a new government, they sought to extend that protection to all citizens.
So, when someone issues communications through technology, that is the press protected by the 1st Amendement.
A committee means one thing -- more laws. We all know about the bad laws that can be passed (more DRM, tossing some guy who logs on as his ex on FB in prison for 50 years, etc.) However, maybe some good can come out of it:
1: Money spent to have on staff more blackhats/whitehats. Perhaps we need another branch of the Armed Services just dedicated to intrusion prevention and hardening?
2: Certifications for cloud providers. This would include the government stepping in and either erasing or physically destroying all the cloud storage media if the provider got shut down, went bankrupt, got sold to a foreign company, etc. This way, even if the company tanked, all client data would be destroyed, so unlike now, the client data can't just be handed to the next owner of the servers for them to do what they want. The certifications would also include physical inspection, network inspection, host inspection, process inspection, tiger team testing, etc. We do this with hardware and software (FIPS, Common Criteria, EAL), why not cloud computing?
3: Funding for US fab technology for sensitive components like TPMs, firewalls, and other items. This way, there is solid knowledge that an Elbonian backdoor isn't waiting for just the right time to shut down a router or allow intruders in.
4: Funding for a B2B backbone infrastructure where it is preplanned what machines communicate to each other. This way, a bank's computer can send info to a credit card processor, but can't send anything to a baseball card shop unless they have a prior relationship. Preferably have this on separate fiber than the regular Internet. This way, critical business items can be isolated from Internet escapades. Think NIPRNet or SIPRNet, but for businesses.
5: Funding to work on a standard like VNC/Citrix/MS Terminal Server, so that people traveling do not require physical access to data, just access to a terminal server. This way, a blackhat has to compromise a locked down terminal server before they can get to the juicy stuff like Exchange or the like.
6: Grants to universities for better OS and hardware security models. Some computers used to have two addresses for RAM, one just for data, one instructions, and never did they meet. Things like that would be transparent to the user, but would greatly increase security. Same with operating systems that could hand Web browsers privileges by window/tab, so that a compromised tab couldn't get to the tab right by it that the user is doing banking with. Designing machines from the ground up to treat all Web content as hostile would greatly reduce the amount of malware floating around, just like firewalls have reduced incoming attacks.
7: A hardened device for storing passwords similar to a HSM for public keys. This would be extremely useful in LDAP setups as well as websites that have user accounts. A hacked server does not mean wholesale user compromise.
8: A standard TPM that can be added to all computers, but may or not be present. This would allow computers to have a TPM card dropped in if someone wanted it, but it wouldn't present, so the DRM writers couldn't force gamers to use it for additional lockdown.
9: Funding to design a standardized filesystem/LVM similar to ZFS, except that it is not patent encumbered, and can be used by all and sundry, either with all features, or a subset. The only filesystem across platforms these days is either FAT/FAT32, or the CD-ROM format. The reason this would increase security is that tools that can be used on many platforms can identify issues and fix them, especially at the LUN level (pop a snapshot of a LUN, have the SAN scan for viruses to find rootkits that the infected machines can't detect.)
These may be expensive, but at least some of the stuff would at least help things in a substantial manner. Passing more laws with longer prison terms will do jack squat for security overall, except make the private prison owners richer. You have to fight technical battles with technology.
...Transparency...... We can all see right through this...
A committee to do -what- exactly? It sounds like a "group of Good 'Ol Boys to handle whoever we suspect of this, without proof, without judicial oversight, in any manner we choose"...
I would be outraged, but who didn't see this coming from the GOP boys?
Their tagline must be "We can't figure out how they're doing it, and we don't know who's doing it, but if we start locking up and executing folks who we THINK did it, maybe they'll get scared and stop."
McCain, et al: Perhaps if you weren't corrupt right-winger pieces of shit, people wouldn't feel the need to hack your stuff. End of line.
If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
Anyone who is stupid enough to have chosen Sarah Palin as a running mate
is not qualified to make decisions which are any more important than which brand
of toilet paper to choose.
Can't wait to see what Anonymous or LulzSec finds out about these new committee members, McCain couldn't of painted a bigger, redder bulls-eye.
Most of Washington is pretty clueless when it comes to technology in general. Hell, that goes for most of the populous.
But congress specifically is atrociously bad. And I think it's mostly an age factor. They simply didn't grow up with this stuff. They're rooted in the old ways. McCain is a fine guy. I didn't vote for him, but he's a good guy to have in congress. I just wouldn't trust him with handling this sort of problem. In the least.
Ok, case in case in point, he doesn't understand network neutrality. The way he talks about it, NN is stricly regulatory legislature. He doesn't understand that NN is the defacto way that the internet has functioned since it's inception. The debate is whether we should enforce that performance in regulations, but he never made that distinction. And he probably has these misconception simply because lobbyist are the ones that explained it to him. Or explained it to the person who explained it to him.
I would just like to point out that Harry Reid is Senate Majority Leader of the Democratic Party.
Countries rotate being the chair of the various committees. Perhaps the AC believes that the UN should only let people chair committees if they agree with his politics.
He damn well better demand an investigation of News Corp. too. Only fair, O'Reilly.
is focusing on the problems of 6 months ago rather than the problems of today and next month. But I guess we ought to be happy he caught up to this century at least...
This is a great post; it was very informative. I look forward in reading more of your work. Also, I made sure to bookmark your website so I can come back later. I enjoyed every moment of reading it. internet marketing
testking
a party he knows nothing about other than what he reads on the DailKos and DemocratMoronsUnderground.com?
Does anyone know anything about the republicans anymore? It's like whack-a-mole except that they're busy whacking themselves. "What, bush's butt buddy created the TSA and installed his own company's scanners into all of the airports making himself millions of dollars? Well that's OK, because they're just RINOs so they don't count and they don't represent our party, except when Bush is the most awesomest Republican evar and his acts embiggen all of us and we should all strive to be like our hero Bush! You don't understand us! Nobody understands us!" (insert emo wailing and wrist slitting)
Tell you what, get your damn party in order, then tell us about how awesome you are.
I can't believe this got posted to the front page. I really can't. If you look at the Slashdot Guide to Trolling, it has many of the elements - intentionally false information, baseless claims, and states things the linked article says nothing about.
First, Harry Reid is a democrat, not republican, and the letter does not refer to Anonymous or any other organization. It talks only about inside threats such as the Bradley Manning case.
Jumpin' Jesus on a Pogo Stick, don't the editors even do a tiny bit of summary fact checking before posting this drivel?
Stop doing so many things that will be embarrassing if exposed to the light of day.
Comment removed based on user account deletion
You keep using this term, I do not think it means what you think it means.
Unless you're suggesting the US Government is behind wikileaks?
False flag (aka Black Flag) operations are covert operations designed to deceive the public in such a way that the operations appear as though they are being carried out by other entities.
Slashdot Monday: Anonymous/Wikileaks is going to expose and bring down the corrupt US government.
Slashdot Thursday: How dare the Senate consider whether Anon/WL is a threat to the US government?!
Are you now or have you ever been a hacker.
How about the United States Government NOT do things which cannot stand up under scrutiny and the light of day so that "leaks" are irrelevant? How about training your ambassadors to give you accurate representations of foreign dignitaries without the colorful asides and random bashing and hate mongering? Why don't we inject some actual ethics back into our government?
Let every other country degrade themselves and their citizens into a police state BUT let _this_ country remain a shining beacon for freedom and democracy. Let them envy us. Let them have one overarching wish - to be a citizen of the United States of America. Naive on my part, perhaps? Sure. The "right" thing to do, regardless? Also sure.
Dream as if you'll live forever.
Live as if you'll die tomorrow.
~Anonymous~
Is this what you have let this site become? 95% of the articles I read end up being complete bullshit because of either the inclusion of false information or things being twisted around. I know things have been going downhill on here for some time now, but it's to the point now where I almost don't want to read the title in my feeds so that I don't remember some false information. Where is the moderation? This site needs to return to the state it was several years ago instead of turning into a mainstream media clusterfuck, and that's the direction it looks like Slashdot is trying to take. Pity.
They named Harry Reid as a republican and Mitch McConnell as the Senate Majority Leader?
And who is going to fund the efforts of the new committee?
If someone is passing you on the right, you are an asshole for driving in the wrong lane.
The Anon/Wikileaks/Lulzsec stuff is so last Spring. It's Rupert's turn now. Wanna talk about that, Mr. McCain?
Eloi are stupid, throw morlocks at them!
I've been saying this since the very beginning.
All the hacks were a false flag operation by the government, PRECISELY TO ALLOW this kind of committee to be formed to pass more draconian laws about internet use, hacking, etc.
LulzSec and those other groups aren't real, in that the people running them are working for the government. They may have enticed real hackers to join so they'd have people to jail later. It's all fake though.
How is it that hackers that touch federal sites are typically in jail within a week, yet nobody has been taken down for the multiple federal site hacks that have happened? That's never happened in the history of hacking, yet somehow LulzSec does it along with 800 other hacks in a bizarrely short time frame.
It's fake. Be careful.
You be careful. You're ascribing competence to the US Government's 'cybersecurity' forces. That's never happened in the history of anything.
Faster! Faster! Faster would be better!
Not yet. Mitch won't be Senate majority leader till 2012.
Why don't we have the gov't stop collecting so much "sensitive" information? And, if they would stop breaking so many laws, a whole lot less info would need to be classified to protect those who would be embarrassed by the disclosure of such info. That would reduce the problem by a couple orders of magnitude. Then, maybe we could afford to pay people who actually understand something about security to keep the remaining information secure.
I know, that's far too logical for it to actually work in gov't. But, if you don't ask....
make imaginary.friends COUNT=100 VISIBLE=false
We cannot have private groups picking up the slack for our stenographer media. After burning Dan Rather and firing numerous other investigative journalists, and imprisoning more reporters in the Iraq invasion than were imprisoned in all other wars combined -- I thought we made it clear that we do not want investigative journalism.
Whistleblowers like Bradley Manning, are a threat to our incompetence and graft -- and we'd really appreciate being able to continue this "war on whatever" scam so that we can burden the middle class with lots of debt that will require austerity -- we cannot train your kids to be indentured servants if we continue this concept of "RIGHTS" and such, now can we?
The only way to win the war on Terror, is to allow your military, government and secret services, total access to everything, no responsibility or questions on failure or missing Billions, and to be able to say; "nothing to see hear, move along." With the lack of transparency, we reserve the right to humiliate and/or jail the people who speculate on Conspiracies. Not that they are a threat, we just don't like those geeky twerps and we enjoy crushing the nuts of someone -- so it might as well be them.
After that brain fart, McCain would go back to his soft spoken tones as if he were a reasonable adult, and use words like "concern", "responsibility" and "prudence." As if he gave a rats ass and wasn't thinking about the Poker and Prostitutes party at Boehner's house this Friday night.
>>"ad space available -- low rates!!!"
The OP is an idiot. When he can't get Harry Reid's party correct (Democrat), or Mitch McConnell's title (Minority Leader) I'm not even going to read past the summary.
Someone was having fun smoking something.
"In a letter to Republican leader Harry Reid and Senate majority leader Mitch McConnell"
Republican Leader Harry Reed? Try Senate Majority Leader.
(http://reid.senate.gov/)
Senate majority leader Mitch McConnell? Try Republican Leader.
(http://mcconnell.senate.gov/public/)
Nah, I'm sure there's lots of loose ends.
But all that big money paid for a few of the best political manipulators around. Those guys ARE competent. They're playing the US masses like an instrument.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Why is it that republicans are not called out when the try to increase the size of government?
the party of IP whores.
The problem with (some) politicians today is that they mistake self-interest as a synonym for sophistry. I used to think McCain was principled but the way he's always talking about "interests" makes him sound more like the Gestapo than someone that believes in freedom.
This is more of a cold-war mentality type thing.
Try to say one party is for more openness in government would be a stretch at best.
What are the two different paths you would take between how you think now and if you did become convinced of the worst case scenarios?
I have already begun the arduous process of whitelisting/certifying/etc almost every bit of data on my computer "in case" of "next year's law" of a computer search etc. By now we all know we're not in 1999's free-wheeling Napster world, which to my mind is almost the kickoff point of all this. I really believe it is at the point that citizens have to do enterprise grade content management on their PC's because the copyright on that LongCat is worth more than your house.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Gotta have those riders!
The United States WAS crawling with communists. The Venona intercepts generated leads. Of course, it was classified, so most did not get access to that information.
the venona decrypts were fascinating but there are several reasons i disagree with your interpretation (which has been repeated by many others)
1. the actual decryption took decades, and was not finished until the 70s or 80s, so during the actual mccarthy period of the late 40s early 50s, many of the contents of the crypts were not known.
2. alot of the decryption was of poor quality
3. alot of it used various code names
4. the biggest problem of all, is that you are decryption messages from KGB(NKVD)field agents back and forth to headquarters. the Soviet Union was built on a system of faking your reports and your production numbers, no matter what your field, in order to meet quotas and keep from getting executed. they couldnt even get a reliable census going in the 1930s because politics worked its way into every bureaucracy of the country. to believe the venona decryptions at face value, you have to believe KGB(NKVD) agents statements to moscow at face value, which to me seems like a horrible way to research history.
5. alot of them are 'proven' by cross referencing them with the statements of elizabeth bentley or others. what was her source? the same agents who were writing the cables back to moscow.
the venona has a lot of fascinating information in it and shows a lot of soviet inlfuence in ameirca, but alot of those 'leads' were fucking bullshit.
you can just look at the 'Silvermaster Files' for information, take Bela Gold for example. they put his wife under surveillance. what intelligence do they get? she went shopping. she met with other suspects for an hour here, an hour there. she went shopping. she got pregnant. case closed. Thats the 'damning evidence' somebody wanted to use in a courtroom.
since in America the courts are somewhat independent (unlike, say, the soviet union) the government dropped these cases. Venona couldnt be used in courtrooms not simply because it was 'classified', but because it was unreliable garbage.
then take alger his and whittaker chambers. they decided the laws were not good enough to prosecute him, so they broadened them. what did that leave us with? the Espionage Act subparagraph (e) , which is now being used against whistleblowers like Thomas Drake...
and of course the Emergency Detention Act, completely unconstitutional and cancelled by Nixon when he became president. Think about that. it was too draconian for Nixon.
To talk about it. I am sorry, but having a bunch of old guys talking about things they nothing about seems like a big waste of time and taxpayers money. If I asked Congress to describe a SQL injection or DDOS attack I am sure none of them would have any idea what I would be talking about. And these are simple attacks and the ones most commonly used by these two groups. Why doesn't Congress just go after Fox News for phone hacking at least they would be able to understand what the hell they were talking about.
Just because you are wrong and I called you out on it doesn't mean I am a Troll.
that film was so brilliant. if they had picked a more realistic issue than electrical power lines, maybe it would have been a bigger hit.
the unites states the exporter of terrorism and violator of internationa treatise trying again to hide the truth.
Somebody should assemble a committee to figure out why BOTH republicans AND democrats insist on stepping on the country's neck every time they see some personal benefit from it.
FTFY
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
ROTFL I was thinking the exact same thing. I eagerly await the expose of all of the sordid details of McCain's dealings. I hope for his sake he deleted his entire mail spool and all backups before he said that. Wait...no I don't... I can't wait to donload every email he has ever sent.
He has ineptly swatted at the hive that is Legion. He is going to get stung in his geriatric ass.
"I opened my eyes, and everything went dark again"
Committees for all! All of the World's problems can be solved by creating committees, woohoo!
~Syberz
the bloody lot of em
Did anyone notice how many lines pass through Guam? There are more there than there are on Hawaii... I'm guessing thats where the secret government program to control the internet is based.
also, whats with that lone line running to that island north of Norway?
Personally I'd rather have my idiots at home glued to the TV than out doing idiotic things
And these days it's easier than ever for it to get free.
Deal with it. The world is going to be a more open place overall. Everyone complains about privacy (I sure do), but this is the flip side of it. There is a legitimate place for security concerns, especially if it genuinely endangers people who are "out in the field", whether they be military or intelligence-related personnel. But when it comes to inter-embassy rumors about just how crazy the local dictator really is, that sort of stuff aught to be disclosed after a few years anyway. What's become apparent is that there is a HUGE boatload of crap that never should have been classified in the first place, or if it was, it should have a very prompt expiry date, after which it should become publicly available. As people in the security business have suggested for years, TOO MUCH is classified, making it tough to focus efforts on keeping the really important stuff secured. More "cybersecurity" laws are not the solution. At most, more diligence with security is required, and that's it. That's the whole prescription.
I respect McCain a lot more than the average legislator (at least he *tried* to speak up about torture done on behalf of his own government), but he's way off on what the real problem is or what (if anything) needs to be done about it. All this reaction is really showing is that the people in power are afraid of the prospect of information about what they are doing getting to the public.
Good.
Who needs security through obscurity, when you can have security through committee!
Fascism should more properly be called corporatism because it is the merger of state and corporate power. -- Mussolini
Nite Owl: "How long can we keep this up?"
The Comedian: "Congress is pushing thru some new bill that's gonna outlaw masks - our days are numbered - till then, it's like you always say: We're societies' only protection!"
Nite Owl: "From what?"
The Comedian: "What're you kiddin' me? From themselves!"
Nite Owl: "What happened to the 'American Dream'?"
The Comedian: "What happened to the 'American Dream'?? It came TRUE...! You're LOOKIN @ it!"
* I think that about says it ALL, for the "masked vigilantes" in groups like LulzSec, AntiSec, Anonymous, & others...
APK
P.S.=> They did do a few good things (like warn NHS about their admin passwords being exposed) & the ONLY good thing those guys did, was expose what is weak or needs a fix... but, looks like THAT is coming to an end if the "boys in political power" have anything to say about it...
... apk
It's become a world of committees...
They're better off figuring out how to fix the deficit cap, before spending more millions on useless itemizing and spending to arrest a few 16 y/o's
Harry Reid is an Independent who is on the Democratic Caucus. However, he's never worked to Democrat requests and has been a republican in actions.