White House Circulating Draft of Executive Order On Cybersecurity
New submitter InPursuitOfTruth writes with news that the Obama administration has been circulating a draft of an executive order focused on cybersecurity. This follows the recent collapse of an attempt at cybersecurity legislation in the Senate. According to people who have seen the draft, the order would codify standards and best practices for critical infrastructure. That said, it's questionable how effective it would be, since participation would be voluntary, and the standards would be set by "an inter-agency council that would be led by the Department of Homeland Security." The other agencies involved would include NIST, the DoD, and the Commerce Dept. "It would be left up to the companies to decide what steps they want to take to meet the standards, so the government would not dictate what type of technology or strategy they should adopt."
... proof positive of the existence of persistent fuck you overs.
Many might say that, but in reality it is more factual evidence of the degradation of the government, of which the Declaration of Independence has instructions by the founders for the people as to what to do about the failing of government, of which they foresaw the probability... Go ahead and read it for yourselves; the instructions really are there, with real-life examples too, so as to be clear of their intent to communicate to the people in such a time of need.
Rule 1 of critical national infrastructure: Don't put it on the damned internet.
Rule 2: See rule 1.
Rule 3: Are you sure you saw rule 1? Quadruple check anyway.
Rule 4: Manufacture everything pertaining to the critical national infrastructure in your own country (microchips, resistors, diodes, final assembly, etc)
Rule 5: Keep it simple.
Now for big business:
Rule 1: Don't let anyone leave your office with a notebook or any form of portable media containing sensitive customer information unless it is encrypted and heading to your off-site tape storage facility.
Rule 2: Don't let anyone hook their own computers and gadgets up to your network.
Rule 3: If it needs to be on the internet, have a nice firewall between it and the internet.
Rule 4: Have your web browsers running in sandboxes.
There, now we don't need feel-good, ineffective legislation.
led by the Department of Homeland Security
Anything led by the DHS is bound to go from "voluntary" to mandatory (or hyper peculiar) too quickly. I can't imagine the same band of brigands doing such things as this, this, this, or that, and so on and so forth could offer anything constructive to the interweb or anything else.
Forward! -- Emperor Norton, 2012
I shared it before, but this Congress has passed a pittance of actual legislation. The trade-off is whether to have no work or at least something that works. The separation of powers was to avoid abuses, not to obstruct the government from running itself.
Obama is a liberal? Are you nuts?
Obama is the best Republican president we've had since . . . Bill Clinton.
First it's purely voluntary.
Then it's voluntary... but if you want to be a supplier to the US Government, you must implement it.
Then if you want to continue being a supplier, you MUST implement it AND your own suppliers must do it, or you can't be a supplier.
By this point since "almost everyone is doing it anyway" and "those who aren't are clearly a threat to security" it will be mandatory.
That said, it's questionable how effective it would be, since participation would be voluntary
That "voluntary" part is inserted to throw off people so that they can't object to this executive order.
After a while, the word "voluntary" would disappear, and participation would no longer be "voluntary" and the whole thing would be run by the Homeland Security or one of the many 3-alphabet-agencies.
Count on it!
Cyber-security or whatever -security it might be, they are all designed to do one thing - to take away the freedom of the ordinary people and to concentrate all the power at the top.
Muchas Gracias, Señor Edward Snowden!
On one hand, efficacy and direct, immediate action.
No. There's been nothing efficient, fast, or direct about this. It's another power grab by the Department of Homeland Security, and pardon my French, but fuck them. They have incompetently managed every resource assigned to them, whether it's investigating domestic crime, securing airports, or anything else. They've created gulag prison camps within our borders to throw protesters in, encouraged the usurpation of local and state laws to further their interests, they irradiate their citizens and workers alike to the point that cancer clusters are now showing up in TSA screeners that are well beyond being able to be dismissed as a statistical abnormality, and the list goes on.
And now they want a master kill switch for the internet, to dictate terms about how all our communications infrastructure is organized, and they have deep connections with media organizations -- of which only a few need to be manipulated to suppress information at the national level. The Department of Homeland Security has become the Ministry of Truth, and thanks to clever and covert manipulation of the media and the occasional use of deadly force and questionable laws, has all but silenced dissent or even knowledge of what its activities are.
No. It's gone too far. It no longer matters to me how well-intentioned or beneficial a proposal is; if it is administered or requested by Homeland Security, my advice is to resist it in any way you reasonably can... they're a dangerous and corrupt organization, un-American and destructive of the very means it seeks to protect. I'd rather have a hundred Osama Bin Ladens out there plotting the downfall of my country than to turn over my personal safety and security to a bunch of incompetent bureaucrats -- at least in the former case, I know who my enemies are.
#fuckbeta #iamslashdot #dicemustdie
...in the NIST SP-800 series of publications. Federal (US) agencies are already expected to abide by the standards described in that series, as well as other NIST/FIPS publications, e.g. FIPS 140-2 for cryptographic modules, or FIPS 200 for establishing minimum security requirements for specific systems.
Having had to study several of those publications for work-related tasks, I don't see where there should be any level of pushback from the corporate IT world, since a great many of them already have security measures in place that meet or exceed the requirements described in the NIST and FIPS publications. Individuals' systems, or SOHO systems and networks, would be a bit more problematic; a retailer throwing together an office network of four or five off-the-shelf boxes from (picking a name at random) Dell would likely have no idea where to start in trying to meet all the various technical specifications described just in NIST 800-59, if they even know that publication exists.
Bottom line...there's a great deal of education that will be required, not only with individuals and small-shop operators, but with network designers and custom-system builders. The days of ordering up a laundry list of parts from (again, grabbing names out of midair) NewEgg, throwing them together and delivering a completed machine to a customer with a pat on the back and a "have fun" are gone. Especially if the customer falls into one of the more ticklish areas of electronic security, such as a doctor's office or a law firm.
Just my 2p worth.
All the world's an analog stage, and digital circuits play only bit parts.