Slashdot Mirror
Government Backs Down On Network Monitoring Plan?
GNUCyberKat writes "This article relates how the US government is now approaching their plan to monitor private sector networks. It presents both sides (mostly through links) but is otherwise a good article. "
What business does the government have with what kind of drugs are out there? So it can create lucrative black market terrorists organizations that thrive? Seems like the government is creating all these problems in the first place.
So the government monitors traffic on the net. It learns new ways of getting in trouble after some government employees take a kickback by leaking some inside information gained by email exchange by engineers at a tech startup. Patents are issued and the government has a company paying billions in taxes on a new product on its soil.
Monitoring can create some unhappy people. Let's play fair and everyone will get along better.
Just imagine the profile they could have on your name. What are your interests? What hours of the business day did you post to slashdot? Did you ever make any posts to alt.sex? Do you ever intend to run for political office?
The American government as all the right in the world to watch and record and analyze and study the dataflows on the Internet, just like anyone else has. If the FBI wants to act as an online security consultant, then that is completly fine with me.
The problem is the lack of cryptography to protect yourself (which of course is their fault), and the fact that online crime is prosecuted by an authoritian state in meatspace. Information crimes should be fought with information methods.
Given that the these two huge holes in our human rights go away, I will gladly assume that every information generated by me on Internet (be it a random Telnet package or a slashdot post) falls into everybody's hands (including the American, Iraqee, and Chinese governments).
They're basically saying, "Oh, we were NEVER going to do anything more than monitor critical networks for anomalous activity..." That's still a little too much for me. Any banking concern or other enterprise that forms part of the "critical infrastructure" should already be paranoid about security, and doesn't need the feds to tell them when they're under attack or help them dig out of the situation. It's like Social Security: you must do your own retirement planning; if you rely on the government to do it, you're going to be poverty-stricken a year after you retire.
As usual, we're seeing the FBI (and most likely the NSA especially) trrying to stick its collective nose where it doesn't belong. Let us protect our own networks -- it's nobody else's business what traffic is on there. And I would tend to think it would be a lot easier for a foreign government to compromise one of these "trained, experienced analysts" once the system is in place than to actually crack all those thousands of systems and networks that such an analyst would be able to monitor.
Call me paranoid, but any security professional knows that paranoia doesn't go far enough.
"You can never have too many elephants on your team."
Semtex, cocaine, Ireland, Cuba, Colombia, plutonium, 128 bit encyption, Mafia.
I bet big brother is definieley watching now...
Why does anything the government do have to be done in such a wasteful manner? I would imagine most people that have a server on the net that experience a problem can deal with it just by looking at the logs, find the identity, make a phone call and see if the person needs help. You don't need a multibillion dollar spying center to replace everyone's job.
Do morons run servers? They will if the government has its way and insists on playing big brother on everything. Its like we would be so helpless without laws and regulations covering everything. The internet was doing so good until we started getting laws about encryption it seems like its going downhill from there...
And I just saw an article reporting that Reno, I believe in a letter to the German government, stated her desire to see all cryptographic products banned from the Internet. Despite the technical and legal impossibilities involved, that was one more indication that the JustUs Department is solidly anti-privacy.
Interestingly, this seems to be a non-partisan issue, so I can't fall back on my traditional response of complaining about the Democrats. I've yet to see either party integrate a cohesive position on privacy and technology.
Which brings me to wonder. Currently, we have email systems such as hotmail going over to a cookie rich environment, where if you don't have the pass cookie on your machine, the system chokes up on your entry.
Is this merely the progress of modern internet tracking systems, or is this a govt. movement toward cookie usage so that it won't be as suprising to have said security cookies in use, and thus easier for the govt. to track things? Talking out of my nether orfice here, but...possibility?
Listen to me Peter, I want this bench. You go sit on that bench over there, and if you're good I'll tell you the rest of
Believe it or not, the government is trying to act on the behalf of its citizens with most of these initiatives. If you read the actual text of the plan (available at http://www.cdt.org/policy/terrorism/fidnet/ )you will see that the plan calls for monitoring of mostly .gov site traffic. It calls for a plan to help certain critical infrastructure sections of the private sector in monitoring (ie, banking, utilities, perhaps stock market, etc). An outage in any of these areas of the private sector would have very detrimental long term effects on the Citizens of the US. THAT is why they want to do this.
Plus, if you believe everything you hear, the we must already be monitored, right?
The same rule that existed before still applies...if you want it to be secure, encrypt it; quit bitching about how THE MAN is going to screw your life and take some individual action.
The above is only my opinion.
As long as cryptography is legal, the disclosure that governments are monitoring communications will serve the public interest in encouraging additional use of cryptography.
Seriously, you shouldn't expect anything sent over an open channel to be private. Now the US government is helping people to realize that. Now if only we can get lucky on some cryptography export rule relaxation, we'll be all set.