Obama Signs Cybersecurity Executive Order

← Back to Stories (view on slashdot.org)

Obama Signs Cybersecurity Executive Order

Posted by Soulskill on Wednesday February 13, 2013 @07:01AM from the no-more-flash-or-java-in-fighter-jets dept.

An anonymous reader writes "Last night before the State of the Union speech, President Obama signed an executive order for improving cybersecurity of critical infrastructure (PDF). The highlights of the order are: 'information sharing programs' for the government to provide threat reports to industry; an overarching cybersecurity framework developed by NIST to figure out best practices for securing critical infrastructure; and reviews of existing regulations to make sure they're effective. The ACLU supports the Order, as does the EFF. '"A lot of what this shows is that the president can do a lot without cybersecurity legislation," said Mark Jaycox, policy analyst and legislative assistant for the Electronic Frontier Foundation, who points out that the executive order satisfies the need for information sharing without the privacy problems that existed under legislative proposals where loopholes would have allowed companies to dump large amounts of data on the government in an effort to obtain legal immunities. Without those immunities, companies will by nature be more circumspect about what they provide the government, thus limiting what they hand over, Jaycox said.'"

46 of 74 comments (clear)

Min score:

Reason:

Sort:

Here's a start... by ackthpt · 2013-02-13 07:03 · Score: 3, Insightful

Stop putting every computer on the same network. Stop using Windows for everything.

--

A feeling of having made the same mistake before: Deja Foobar
1. Re:Here's a start... by Anonymous Coward · 2013-02-13 07:14 · Score: 2, Insightful
  
  The US government already has several separate secure networks, and utilizes non-Windows OSes where appropriate.
  Do you want the gubbermint telling you how to run *your* networks and computers? I'm sure that NSA patch is really just a clever way to let them spy on you.
  Seriously, that's not a start, that's just a silly aside with no meaning.
2. Re:Here's a start... by egamma · 2013-02-13 08:11 · Score: 1
  
  Stop putting every computer on the same network. Stop using Windows for everything.
  Excellent idea! Why don't you disconnect from the Internet and then...oh. You don't want to follow your own advice?
  
  --
  Battlemaster--Game with friends in medival realms
3. Re:Here's a start... by ackthpt · 2013-02-13 11:34 · Score: 1
  
  The US government already has several separate secure networks, and utilizes non-Windows OSes where appropriate.
  Do you want the gubbermint telling you how to run *your* networks and computers? I'm sure that NSA patch is really just a clever way to let them spy on you.
  Seriously, that's not a start, that's just a silly aside with no meaning.
  People overestimate the planning and intelligence of government technology infrastructured. So much of it is left up to contracters who know how to write a MOU which sounds good, but then they execute the implementation with a load of cheap tech monkeys. Believe me, I work with this stuff constantly. Fragile systems, systems with competing heads, ignorance run amok. I have talked with some people in positions in the government and they are very frustrated, but every contract goes to the bidder who knows how to win, but may totally be inept at implmentation.
  It's fun to see government talk about cleaning this up, but without actually hiring experts and technical staff into government to do the job on government payroll, don't expect much for your money.
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
4. Re:Here's a start... by hairyfeet · 2013-02-13 11:43 · Score: 1
  
  Ahh yes, security by obscurity works so well, doesn't it? Meanwhile Android which so many here proudly proclaim is Linux is on its way to the one millionth infected system by summer, macs have had multiple bugs in the past year and a half, hell nearly every repo on the planet served up a malware infected Quake 3 for months!
  Magical thinking DOES NOT WORK, and any OS short of one that is air gapped is gonna have weaknesses. A modern OS is one of the most complex creations man has ever written and since man is fallible it WILL have bugs. In the end it comes down to common sense, using best security practices like least privilege and as you say not sticking the whole place on one big network, but saying that "Use Distro X!" will magically do jack shit about malware is just magical thinking. Android proved without a shadow of a doubt that Linux is just as weak as any other OS and all it takes is it becoming popular for it to have as many bugs as a Bangkok whore after coupon day.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
Goodbye Free Internet by ButchDeLoria · 2013-02-13 07:09 · Score: 1, Insightful

Now that the corporate puppet has put his masters' signature on this document, The Powers That Be can continue to shove shit media down the throats of the masses.
1. Re:Goodbye Free Internet by interkin3tic · 2013-02-13 07:18 · Score: 1
  
  Did you read the summary or any of TFAs?
  
  Seriously. Unless I'm utterly failing at reading comprehension (considering I'm late for something, I might be) this is exactly the opposite of what you're saying. This sounds like a move to prevent CISPA/SOPA from rising from the grave. The ACLU and EFF are in favor of it and were opposed to CISPA/SOPA.
  
  COnsidering there were reports from "sources" that Obama would enact CISPA, I'm a little hesitant to jump for joy. And again, I was only skimming.
2. Re:Goodbye Free Internet by Jeremiah+Cornelius · 2013-02-13 07:26 · Score: 1
  
  http://www.dailymotion.com/video/xo5hqn_snl-banned-episode-media-controlled-conspiracy-theory-rock_fun
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
3. Re:Goodbye Free Internet by Anonymous Coward · 2013-02-13 07:30 · Score: 2, Funny
  
  Perhaps he's master of his own domain?
4. Re:Goodbye Free Internet by erroneus · 2013-02-13 08:14 · Score: 1
  
  Awesome. I can't believe it's there for anyone to see :) Where is it "banned" and by whose authority?
5. Re:Goodbye Free Internet by Jeremiah+Cornelius · 2013-02-13 11:53 · Score: 1
  
  From NBC, by NBC. I suppose.
  I just don't see why. With their hubris, you expect that they'd make it compulsory viewing - and then laugh at our squirming helplessness.
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
6. Re:Goodbye Free Internet by hairyfeet · 2013-02-13 12:51 · Score: 1
  
  It was originally a skit on SNL, yet you won't find it ever shown after the original air in reruns, nor is it in any box sets. The corporate masters really weren't too thrilled with a show having a piece pointing out how they get corporate welfare or use PACs and soft money to get away with crimes like dumping PCBs and making the state pick up the tab, hence they just cut it out. you go look for it on the corporate owned SNL site and its like it never existed, poof!
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
This has already started. with in the DoD. by RobertNotBob · 2013-02-13 07:09 · Score: 1

The DoD has been doing this with "Cleared Defense Contractors" for a while now. It's been growing significantly for the past year.
You can google DCISE for yourself, or take your chances following an embedded link on slashdot...
http://www.dc3.mil/dcise/dciseAbout.php

--
___ I don't respond to Anonymous Cowards, and I Never Mod them UP.
Cybersecurity Executive Order by K.+S.+Kyosuke · 2013-02-13 07:19 · Score: 2

That's too long, I propose to abbreviate it to CyberSEx Order, it's less of a mouthful.

--
Ezekiel 23:20
1. Re:Cybersecurity Executive Order by davester666 · 2013-02-13 08:04 · Score: 1
  
  That's what Bill Clinton signed...
  
  --
  Sleep your way to a whiter smile...date a dentist!
2. Re:Cybersecurity Executive Order by PolygamousRanchKid+ · 2013-02-13 08:12 · Score: 1
  
  That's what Bill Clinton signed...
  That's what Bill Clinton stained...
  
  --
  Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
Checks and Balances My Ass by anagama · 2013-02-13 07:22 · Score: 5, Insightful

Welcome to the new American Paradigm.
President: Legislator, executive, judge, jury, and executioner.

--
What changed under Obama? Nothing Good
1. Re:Checks and Balances My Ass by Anonymous Coward · 2013-02-13 07:37 · Score: 5, Interesting
  
  Unlike the previous one who was only a jury and executioner thats actually a step up!
  Uhhh, no.
  Obama's gone above and beyond ANYTHING the most rabid BOOOSH IS TEH EVIL!!!! foaming-at-the-mouth twit ever dreamed up BOOOSH! might do.
  Seriously.
  Summary execution of US citizens.
  Can you IMAGINE the uproar from the /sheep had BOOOSH!!! done that?
  Yet, Obama's been doing it for YEARS.
2. Re:Checks and Balances My Ass by Mitreya · 2013-02-13 07:54 · Score: 1
  
  President: Legislator, executive, judge, jury, and executioner.
  Does this carry any (real) legal power? I can't image why would ACLU support that...
  Hypothetically, can Obama just write an executive order saying that Congress is to be disbanded immediately (or be handpicked by him instead of being elected) and that next presidential election happens in 2020?
  
  A lot of what this shows is that the president can do a lot without cybersecurity legislation," said Mark Jaycox, policy analyst and legislative assistant for the Electronic Frontier Foundation, who points out that the executive order satisfies the need for information sharing...
3. Re:Checks and Balances My Ass by sl4shd0rk · 2013-02-13 08:00 · Score: 1
  
  Meh.. the way I see it, if the EFF *and* ACLU isn't bitching about it, that's pretty rare. mod parent "-1 Resentful Conservative"
  
  --
  Join the Slashcott! Feb 10 thru Feb 17!
4. Re:Checks and Balances My Ass by Anonymous Coward · 2013-02-13 08:15 · Score: 3, Informative
  
  Welcome to the new American Paradigm.
  President: Legislator, executive, judge, jury, and executioner.
  You're confusing laws for administration policies. Reviewing existing infrastructure doesn't require legislation. Telling the various departments of the government to share information with each other doesn't require legislation. Learn the difference between a law and a policy.
5. Re:Checks and Balances My Ass by frank_adrian314159 · 2013-02-13 08:28 · Score: 4, Insightful
  
  President: Legislator, executive, judge, jury, and executioner.
  You know, he wouldn't need to be the first if the Republicans in the House wouldn't make their number one objective "non-cooperation". And, as for the last three (for which there seems to be relatively broad bipartisan support for in the corridors of power), I'm pretty sure that's limited to the occasional drone strike or declaration of someone as a terrorist. As far as executive orders concerning agencies other than DHS and other non-terrorist-related issues goes, I've seen many people drag this administration to court, so that rules out (again with caveats) the last three. So stop the hyperbole. It doesn't move discussion forward.
  
  --
  That is all.
6. Re:Checks and Balances My Ass by hierophanta · 2013-02-13 08:30 · Score: 1
  
  You mean Peoples' Champion? Because that is what it sounds like you are saying to me.
7. Re:Checks and Balances My Ass by FCAdcock · 2013-02-13 08:37 · Score: 1
  
  The house? They're the only ones with blame here? Then how come congress refuses to pass (or even discuss) any of the budgets passed by the house?
  It's BOTH side's fault, and it's not new. They've been doing it for years.
  
  --
  --Forest C. Adcock--
8. Re:Checks and Balances My Ass by anagama · 2013-02-13 09:14 · Score: 1
  
  A body of Federal laws so vast and vague that it is unknowable and any random person commits a federal crime unwittingly probably every day.
  President tells his minions to go after "X" group.
  Prosecutors find random law and prosecute the person.
  Result: unlimited presidential power.
  
  --
  What changed under Obama? Nothing Good
9. Re:Checks and Balances My Ass by anagama · 2013-02-13 09:15 · Score: 1
  
  No. I'm a liberal and I'm more than a little resentful about the New GOP (aka Democrats -- with the emphasis on "rats").
  
  --
  What changed under Obama? Nothing Good
10. Re:Checks and Balances My Ass by anagama · 2013-02-13 09:29 · Score: 4, Insightful
  
  The whole Bush Obama thing has made me wonder if the true danger to our country will be some kind of civil war between the GOP and the DNC. Their policies are essentially the same (aside from edge issues like abortion and gay marriage(*)). On critical issues like the right not to be randomly jailed or murdered, on war, on domestic surveillance -- they're completely identical.
  Yet GOPers loathe Obama and Democrats Loathe Bush. It's personal though -- it can't be about policies, it is only a personal hate based on the person's tribal identity (party). There is no logical basis for the two groups to hate each other because they do the identical shit. What you have is the pickup truck driving GOPer sneering at the iPad toting DNCer -- not because of an actual difference in policy, but merely because of mutual hatred. And that's dangerous because there is no reason or logic -- it's pure tribalism.
  (*) I'm not saying these are unimportant, I'm saying that they don't matter if you are dead or in a gulag. There is a hierarchy of importance and there are more fundamental issues at the top of it.
  
  --
  What changed under Obama? Nothing Good
11. Re:Checks and Balances My Ass by frosty_tsm · 2013-02-13 09:29 · Score: 1
  
  The house? They're the only ones with blame here? Then how come congress refuses to pass (or even discuss) any of the budgets passed by the house?
  It's BOTH side's fault, and it's not new. They've been doing it for years.
  Correct me of I'm wrong but I recall budgets and other spending bills need to originate from the House. Nothing from the House means nothing for anyone else to do.
12. Re:Checks and Balances My Ass by Anonymous Coward · 2013-02-13 09:35 · Score: 1
  
  Does this carry any (real) legal power? I can't image why would ACLU support that...
  An executive order is an order from the President to the Executive branch and has the force of legislation. The power behind the order is generally granted from existing legislation that grants the president specific powers. Other times the power behind the order comes from general hand waving, constitution rattling and the sincere belief that no one is going to have the stones and political skills to do anything serious against the order.
  So, in a nutshell, the president can order all kinds of crazy, but they need political backing to do it. Extreme crazy takes extreme political currency. Mild crazy is politics as usual.
  None of the above relates to my opinion of TFA, just a comment about executive orders....
13. Re:Checks and Balances My Ass by interkin3tic · 2013-02-13 11:00 · Score: 1
  
  New? Oh right. Only Obama has used his executive powers. I forgot.
14. Re:Checks and Balances My Ass by frank_adrian314159 · 2013-02-13 11:57 · Score: 1
  
  The house? They're the only ones with blame here?
  Oh yeah. Sorry. The Republicans in the Senate are just as bad (if not worse), using the filibuster to block anything worthwhile. Again, my apologies for not remembering them as well.
  
  --
  That is all.
15. Re:Checks and Balances My Ass by RocketRabbit · 2013-02-13 14:03 · Score: 1
  
  Non-cooperation, animosity, gridlock, whatever you wish to call it, is the ideal state for congress and the president to reside in. After all, there is literally nothing that a politician does these days that benefits the average Joe. Every bill and resolution is designed from the ground-up by lobbyists and foreign PACs in order to enrich the people sponsoring the bill (and sponsoring the people who introduce it).
  Just because Obama doesn't like being cock-blocked, this does not give him the right to assume dictatorial powers in order to push his agenda forward. Be careful what you wish for, for YOUR party (it's pretty clear you're a Democrat or well wisher / fellow traveler) because next time a Republican sits in the throne and issues these royal decrees, you'll be tasting bile.
16. Re:Checks and Balances My Ass by N0Man74 · 2013-02-14 04:50 · Score: 1
  
  Hypothetically, can Obama just write an executive order saying that Congress is to be disbanded immediately (or be handpicked by him instead of being elected) and that next presidential election happens in 2020?
  I don't know if the US President can, but the US Emperor tried it...
  http://en.wikipedia.org/wiki/Emperor_Norton#Declares_himself_.22Emperor.22
Drone warfare. by concealment · 2013-02-13 07:33 · Score: 2

Unlike the previous one who was only a jury and executioner thats actually a step up!
I think we're past the days of judges, juries and executioners.
Now after government bureaucrat #2,987,103 puts your name on a watch list, expect to suddenly explode at any time.
The age of judgment by drone has begun.
Have they apointed a Czar? by Capt.DrumkenBum · 2013-02-13 07:34 · Score: 1

Or declared war on cyber insecurity?
Because, if memory serves, those are the sure signs the US government have no more ideas and have given up.

--
If I were God, wouldn't I protect my churches from acts of me?
"Cyber" by nam37 · 2013-02-13 07:36 · Score: 1

It's 2013, can we please stop using "cyber" now?

--
The two rules for success are:
1) Never tell them everything you know.
1. Re:"Cyber" by lennier · 2013-02-13 08:20 · Score: 2
  
  It's 2013, can we please stop using "cyber" now?
  I always liked "information superhighway" myself.
  
  --
  You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
Oink Oink by sunking2 · 2013-02-13 07:43 · Score: 1

I smell bacon. Yet another way to increase the government payroll and supplier base.
Can we report without being sued or arrested?! by erroneus · 2013-02-13 08:06 · Score: 2

While there are lots of problems with the way things have been and are being handled, among these are the ridiculous reactions of business, education and even government has when someone says "hey, I found a problem." It's time "cyber" whistle-blowers get traditional whistle-blower protections.
I, for one by Anonymous Coward · 2013-02-13 08:08 · Score: 1

... welcome our new... oh hell.
Never mind.
CYBER by DarthVain · 2013-02-13 08:37 · Score: 1

Hopefully with this additional security this will keep all the "Cyber" out of Ahmerica!
I almost choked when.. by Paracelcus · 2013-02-13 09:01 · Score: 1

I almost chocked when that pusbag Panetta started the histrionically absurd oral flatulence, bleating about "cyber Pearl Harbors" and the "destruction of our infrastructure"!
It's all just one more example of this government trying desperately to frighten it's citizenry as it has found that a terrified population will accept ANY abrogation of basic liberty and constitutional rights to "keep them safe"!

--
I killed da wabbit -Elmer Fudd
You *think* Windows can't be secured? by Anonymous Coward · 2013-02-13 09:11 · Score: 1

See subject-line, & answer honestly... (doesn't matter IF you say it can't be - I know better -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=3AAcUbOuFPS90QH7poCoAg )
* :)
(Heck - I practically "wrote the book" on how it's done, via those links above, & yes, it really DOES work!)
APK
P.S.=> Anyhow/anyways - Bottom-Line: Any OS out there has 'security issues' or just weak initial setup (even Linux via SeLinux in its defaults as well as MacOS X too, guides & tools exist for both to make them better though)!
However as well, on the 'flipside': Any of them can be "security-hardened" & quite easily in minutes (IF You do it as I do in those guides, + I sped that process up (CIS Tool) for Windows 7 here, vs. how I used to do it for 2000/XP/Server 2003, by saving the necessary 'tweaks' into .reg &/or .inf files for instant merges after install (which I keep my system OFFLINE during it until that's done))...
... apk
Re:Hairyfeet's NOT wrong though... apk by hairyfeet · 2013-02-14 00:00 · Score: 1

You forgot the infected Quake 3 that was served from nearly every repo for a year and a half. i especially like that one, as it shows there is too much trust by downstream repos and if you get a bug into an upstream you can just kick back and let it spread.
But this is why I rail against magical thinking, I have seen guys who spent thousands of dollars on systems because "this product doesn't get bugs!" only to find that magical thinking doesn't work and they spent all that money for nothing.
That is what is really sad about these "just use Linux!" types as many are probably infected now and because they know so little about their OS they probably don't even know how to check. security isn't an OS, its not a button that can be pushed, its a process that takes time to learn and requires the user be vigilant to new threats. This is why i'll always call out magical thinking when i see it being used, because there are too many that don't know better that might actually believe it and end up losing big time. I have seen a vicious hacker completely wipe out 3 years worth of family pics and videos, just to be a douchebag. So better to nip magical thinking in the bud before somebody gets hurt.

--
ACs don't waste your time replying, your posts are never seen by me.
Instead of asking the right question by ThatsNotPudding · 2013-02-14 00:27 · Score: 1

Why are critical infrastructre, military, and non-consumer facing financials ON A FUCKING PUBLIC NETWORK AT ALL?
Re:Hey Hairyfeet (LTNS)... apk by hairyfeet · 2013-02-14 18:32 · Score: 1

Well at the time it sounded like you were betting it all on the HOSTS which sounded like magical thinking and as you know that is something I'm VERY strongly against but now I know its just part of a larger security plan I can see it has its place. I still prefer to run it at the DNS level since I have a low power Sempron at the shop that is perfect for the task and don't have to rely on MSFT's as you know increasingly badly done networking choices but not everybody has the luxury of a building handyman that hands piles of laptops and desktops for free so you use what you have. I really need to find somebody around here that does ebay as the laptops that need work are really starting to pile up and it'd probably be better to part most of 'em out anyway,gotta say i'm tickled pink though he brought me a barely 3 year old C2D loaded with RAM and a 500GB HDD that just needed a keyboard, looks like daddy is gonna have a netbook AND a full size.
And as you know I'm mainly a windows guy (If you know what you are doing frankly all OSes are equal) but I found the Quake 3 bug especially telling as it showed how much blind trust downstream repos have and how little "many eyes" is useful for catching actual bugs, if I can come across the link again I'll post it.
Finally as for Linus I get plenty of hate for saying it but he is a douchebag, he really is. If his little asshole rant wasn't proof enough the simple fact that every. other. OS. on. the. planet. has a stable ABI but jerkwad Torvalds won't allow it because of religious reasons? Sorry but that is douchebaggery. and yes its religious because ALL of their arguments break down to "ZOMFG somebody might release...gasp...non free drivers ZOMFG!" and then in the next breath they say "Use nvidia"..Well WTF do you think Nvidia drivers are? The only damned graphics drivers that work consistently are the NON FREE DRIVERS!
But I learned a long time ago you'll never get a FOSSie to admit Linux is an OS with bugs like everybody else anymore than getting a young earther to admit the world is billions of years old so I don't bother. I have all Linux articles filtered now so i don't even see them, the posts end up a FOSSie circle jerk anyway, why waste time. Now I only chime in when obvious magical thinking is being spewed because I've seen first hand that people that have recently gotten a virus will try anything if it promises them a magical virus free life and it often leads to disaster because instead of learning how not to get viruses they change to a system they know less than nothing about and end up in worse shape, like the guy i know who went out and spent nearly 20k replacing every system in his office for Macs only to get DNSChanger and MacDefener infections.
at the end of the day all we can do is show them the first steps while making it clear that using any one tool won't magically make you immune, be it DNS or HOSTS or AVs (which I saw an article recently that said on average AVs only catch around 6% of bugs) but that its a process they have to learn and will have to stay on top of. Sadly those that aren't geeks will be happy to take a quick fix even if it sounds too good to be true so we must be vigilant and point out when such falsehoods are spewed...peace.

--
ACs don't waste your time replying, your posts are never seen by me.