Slashdot Mirror


User: elucido

elucido's activity in the archive.

Stories: 0
Comments: 4,439

Comments · 4,439

  1. Re:Itsatrap on White House Unveils Plans For "Trusted Identities In Cyberspace" · · Score: 1

    who is "they"? And how would they force you to log into 4chan?

  2. We need hardware authentication. on White House Unveils Plans For "Trusted Identities In Cyberspace" · · Score: 1

    Anybody can log in as you and nobody knows any better.

  3. GPGAuth + OpenID + Smartcards/E-tokens. on White House Unveils Plans For "Trusted Identities In Cyberspace" · · Score: 3, Insightful

    http://www.gpgauth.com/ is a good technology. It's open and it's based around GPG. The main thing holding us back is the lack of hardware standards and lack of hardware in general. We should have the hardware in place otherwise a lot of the software will be useless.

    We need better smartcards, better e-tokens. The idea of putting identity on our cellphones is stupid. Put it on a card so it can be put in your wallet or hidden if necessary. By putting it in your cellphone it's a huge target for hackers.

  4. Finally an idea from the WH that makes sense. on White House Unveils Plans For "Trusted Identities In Cyberspace" · · Score: 0

    We do need a mechanism of trusted identities. The identity should be verified biologically through some hardware. No software can replicate the authentication capability of a retina or facial scan. This biological information should be stored on the smartcard along with the password.

    My question is what took them so long to switch to smartcards? Passwords have been notoriously insecure and everybody in the information security industry considers passwords to be a joke.

  5. Define online "crime." on US Shows Interest In Zombie Quarantine Code · · Score: 1

    I am an Australian on Exetel. I have had the quarantine kick in twice due to my house mates getting infected. Both times it was a spam relay, so it was presumably easy to detect the massive jump in port 25 traffic. Once you are quarantined all ports but 80 are blocked and port 80 only serves up a page telling you that you are quarantined, what you need to do to remove the quarantine (clean your system then click a link to tell the automated system to check your outgoing traffic), and links to ISP mirrors of malware removal tools. Both times it took about 15-30 minutes to clean the infections and get the quarantine removed.

    I think schemes like this are best practice and the only way the Internet is going to be usable with the rise in online crime. Even if you have a secure local OS nothing stops users downloading trojans.

    I like most of what you said but then you use an incredibly broad general statement like it lowers online "crime." Which crimes? Be specific.

    That being said trojans, viruses and child pornography are a problem.

  6. Re:It's cyber-security coordinator Howard Schmidt. on US Shows Interest In Zombie Quarantine Code · · Score: 1

    When 3000 people die via hackers then we can take this idea seriously.

    It will happen eventually and we should take it seriously now.

    We will discover life on other planets eventually, why don't we take it seriously now?

  7. This is your argument? do it or else? on US Shows Interest In Zombie Quarantine Code · · Score: 1

    Is it just me, or is the first onslaught of posts unusually full of people who seem to want to judge government first and read/think later? I mean, beyond the usual level here.

    I mean, something has to be done. We are well over 50% of the internet's capacity being used to send people junk mail, most of it both offensive and fraudulent, far too much of it containing executable payloads that harm the internet itself, etc.

    If the ISPs don't take voluntary action at a level of minimum intrusion, some excited parents' group is going to hold a referendum and hand their government the right to intrude in every living room.

    So we have to accept a stupid law else a group of ignorant parents will want to cram an even more stupid law down our throats? I don't accept those options. Maybe instead we should just choose the smartest least exploitable law possible and not have to deal with either situation.

    Sure, this proposal goes too far in places, misses the boat technically in others. It's not perfect. But it's better than legalizing deep inspection to be administered and performed by the agency of the UN/international courts.

    If we want better than this, we need to come up with counter-proposals of our own, get out, educate people. (And get ourselves off the OS that is the primary medium of abuse.)

    Not only does it go too far but it won't stop worms or DDoS attacks. The programmers will just find a way to make their malware undetectable. Then the ISPs will have to analyze everything we do online. Also how is it a bad thing if the UN handles it? That might actually be a better solution. That being said that option is not on the table either and is just a strawman.

  8. Re:It's cyber-security coordinator Howard Schmidt. on US Shows Interest In Zombie Quarantine Code · · Score: 1

    In fact Obama claimed to be for network neutrality so if he's changing his mind on an issue as critical as this, it's a shame he won't be re-elected because he's going to lose virtually all of the youth vote if he messes up on the internet.

    You're assuming that most of the youth will actually realize that their rights are being taken away, or be in any way aware of how serious the situation is. It is unfortunate that many of the younger voters who flocked to Obama did so because of his celebrity status, because people want to be part of something big (first black president), etc. The youth vote went to Obama for many of the wrong reasons, and most of them won't notice the danger of losing network neutrality until it's too late. I'm a youth voter in a city that votes strongly dem.

    Not all of the youth are completely ignorant on political issues. A majority of college educated youth know how important the internet is and they know or at least have heard of network neutrality.

  9. Re:It's cyber-security coordinator Howard Schmidt. on US Shows Interest In Zombie Quarantine Code · · Score: 1

    President Bush stopped private and commercial air transport over the US for two days after September 11, 2001. They had evidence of terrorist attacks under way so they used a kill switch on air transport, which was being used as a weapon by terrorists.

    The internet could be used as an attack vector in the same way, so the idea of a kill switch specific to the US, in the manner of air transport, seems reasonable to me.

    Because I live outside the US I believe other countries should consider this situation and look for ways to keep internet traffic outside the US flowing if such a kill switch is used.

    No it cannot. You cannot DDoS a web server and have it result in a loss of life. There are no casualties.

    When 3000 people die via hackers then we can take this idea seriously.

  10. So the goal is to win? on US Shows Interest In Zombie Quarantine Code · · Score: 2, Interesting

    It's not reasonable for the government to do anything more than monitor the internet. To start telling people how to run their nodes

    In a competitive world, businesses WILL NOT prepare for disaster unless the executives see that it affects the stock price. Preparing for disaster is expensive, and it seldom pays off. (see also: car industry, banking industry, airlines, BP, failure to protect against natural disasters...)

    If we want the internet to keep running, without collapsing during a cyberwar, then we do need to insist on some things. It's like requiring that banks keep some reserve, requiring that oil companies have a means to stop a leak, or requiring that an airline not skimp on maintenance when the competition gets fierce.

    The internet is never going to collapse. That is a strawman. Industries could lose profits however and this is a legit argument. If American industries lose profit this endangers national security. Endangering national security reduces US military might and overall power. This endangers US superpower status. So all policies are designed to maintain government power and superpower status.

    The problem with these policies is they make the civilian population miserable. We can't find a job. The laws all seem to be telling us what we can't do so we can't pursue happiness. This creates collateral damage on the civilian side as many civilian lives are ruined in some cases beyond repair to "win."

    Why can't the military establishment find a way to win without making the entire world miserable? After a certain point the people fighting to protect these laws and Constitution won't have morale. We claim the USA is worth fighting for because it has liberty and freedom, and people can get rich and be happy. But that perception is rapidly fading and lying to the public is not going to change the fact that the American dream is harder to reach for individuals. Individuals primarily feel we are winning or losing the war based on situations they see in their own lives and sphere of influence. We might be winning the war on paper but for most people in practice it feels like we are losing.

    This is the primary disconnect.

  11. Re:This is not their job. on US Shows Interest In Zombie Quarantine Code · · Score: 3, Insightful

    It was designed for the military. You don't get much more authoritarian than that.

    http://en.wikipedia.org/wiki/ARPANET Arpanet was designed for the military. The Internet/World Wide Web was designed for civilians. The Arpanet even though it was designed for the military it was not designed to be an authoritarian tool or an information weapon. I also disagree with your opinion of the military being authoritarian. The military is only as authoritarian as the Constitution says it is. If the military fights to defend the Constitution, even if the ends justify the means the ends (the Constitution) are still just. We only have a problem when we have civilian leadership that subjectively interprets the Constitution so that free speech doesn't really mean completely free and that there are exceptions here and there. This muddles the waters and authoritarianism can rise up during the confusion but the Constitution itself is not an authoritarian document.

    It was also designed on the assumption that those using it would know what they were doing.

    The military's role is to protect and defend the Constitution with their lives if necessary. They all swear to protect that. So the soldiers actually use authoritarian means to protect the anti authoritarian interpretation of the Constitution. The problems arise when the Constitution is interpreted as authoritarian. Now gun control is acceptable, and now the Constitution can even be suspended. This is the source of the confusion, individuals no longer have a clear answer as to what they are fighting for or what the laws are, only the lawyers and judges know, only the President knows.

    I'd like it to be a technical situation but it's as political as it is technical. When you have one group who says gun control is Constitutional and another group saying they can spy on everybody, and another group saying gay marriage should be banned as a Constitutional amendment, and another group saying free speech isn't free, you have a fundamental disconnect between factions.

    You have the faction that believes the way to win the war is to control and micromanage every living thing on the planet. They believe that power is the most important principle because absolute power wins all wars. This point of view makes perfect sense when fighting for your existence such as during World War 3 or something like that. The enemy is going to exterminate you if you lose so you fight to win, I get it.

    I also understand that if we have to give up all liberty to win the war then after the war is won it's very unlikely that we'd ever get liberty back. Quality of life will be diminished and most people aren't living to protect the Constitution or living to defeat an enemy, most people are living to achieve quality of life/the American dream/pursuit of happiness. So this basically is a situation where the American populace has to sacrifice happiness for security. After a certain point it becomes a prison without walls, what is the point?

    So you have the consequentialist warrior argument from the far right military industrial complex. They want to win the war even if they have to sacrifice themselves to do it. Then you have the majority of civilians (especially the young) who haven't lived life yet and don't like the idea of sacrificing happiness and the American dream to achieve victory in a war they have nothing to do with.

    To the youth having liberty/happiness is more important than anything else. The reason is the youth will have to live in this miserable society for the next 40-50 years with no rights and no liberty, living in a prison without walls to fight wars to maintain US superpower status.

    I understand both sides. It requires sacrifice to maintain US national security and US superpower status. What I don't like is the misinformation about the US fighting to spread freedom and democracy, or pretending to care about human rights. The youth don't know an

  12. I'm not convinced. on US Shows Interest In Zombie Quarantine Code · · Score: 3, Interesting

    This "voluntary" icode just happens to be discussed under the backdrop of the government trying to build an internet kill switch. I'm supposed to believe it's going to remain "voluntary" when the US Government is involved?

    When it's voluntary then all the government influenced ISPs or ISPs with big government contracts will be pressured behind the scenes to adopt it. I'm not convinced that it will be voluntary if it's not in the ISPs' economic best interest.

    If corporations want to do this they already can. So to make it "voluntary" when it already is an option, it looks more like an agenda.

  13. Re:It's cyber-security coordinator Howard Schmidt. on US Shows Interest In Zombie Quarantine Code · · Score: 1

    The President is not competent enough in this area to form any sort of cyber policy. The President just signs off on what his advisers and so called experts are telling him. The idea to create an internet kill switch is utterly ridiculous and if Bush had come up with this idea all the media would be trashing the idea. Why cut Obama any slack on this?

    On the other hand this idea is just as ridiculous but for different reasons. If Obama wants to win the support of the American people he has to come clean and stop with the hope/change/faith talk. The government is not a religion and the President is not God. Obama has to be honest about it and claim all its policies are decided by whether or not it helps or hurts the war effort.

    To act like these policies are for the security of anything other than the national interest is to be dishonest. This isn't about protecting civilian computer networks. This is about winning the war on terrorism and the President has to admit to the American people that we are in a total war and that the ethics of military conquest are consequentialist/ends justify the means. This way at least the intellectuals will understand what's going on, because to speak and do two completely different things makes the President look dishonest to the individuals smart enough to understand and makes the President look dishonest to the individuals who are naive, and at least if he looks honest to the intellectuals he has a chance of being re-elected.

    When your President lies to you and your government lies to you, how is that a good thing? Ignorance is good if we win the war? Really? We win the war by promoting ignorance? We have to find a way to win the war while at the same time documenting the truth even if just for history's sake. We cannot remain naive and ignorant as a country forever.

  14. He only won because of the youth vote. on US Shows Interest In Zombie Quarantine Code · · Score: 1

    I'm talking the under 35 vote. And yes they do vote. Not only do they vote but they donated a massive amount of money to the election of the first Black President because he was promising change and promising that he wouldn't follow along with the old ways of doing things. If the youth had expected the government to be run like this they'd have voted for McCain.

    Obama promised transparency. Obama promised open government. Obama promised an end to corruption. Obama promised network neutrality. Obama promised to take a harm reduction policy on drugs. Obama promised to fight to protect the environment. Obama promised to help fix the economy and help young people get jobs.

    Now he's President and all we see are the criminalization of virtually everything that young people do. Whether it's smoking marijuana or using file sharing clients. The economy is in a terrible state and all the government can think to do is put us young people in prison? I guess that's one way to pay off the national debt.

    And if it's not putting people in prison through bad laws, it's putting people in debt where they have to work for 10+ years working it off. So once again Obama owes younger generations something. If everything we do is to benefit the baby boomers why expect young people to vote in the next election? The young people demanded network neutrality and for many this is the only reason they voted for Obama. They believed Obama would promote freedom of speech, promote the internet.

    But so far how have Obama's policies differed from the policies of Bush? The only difference is Bush said what he wanted to do and did it while Obama said the exact opposite and hasn't changed anything in regard to the internet. And when things have changed it's clearly for the worst.

  15. It's cyber-security coordinator Howard Schmidt. on US Shows Interest In Zombie Quarantine Code · · Score: 2, Informative

    Obama has nothing to do with this idea. Read the article where it says cyber-security coordinator Howard Schmidt came up with this idea. If you think it's a bad idea you should direct your anger to the person who thought of it. Obama is not in charge of cyber security and we don't even know if Obama is the one behind the cyber policy to begin with. So to blame Obama is pointless. In fact Obama claimed to be for network neutrality so if he's changing his mind on an issue as critical as this, it's a shame he won't be re-elected because he's going to lose virtually all of the youth vote if he messes up on the internet.

  16. File sharing programs = Malware. on US Shows Interest In Zombie Quarantine Code · · Score: 4, Insightful

    So if you run bit torrent and they decide it's malware, now they can throttle your internet speed and quarantine you. Or if you download legal but tasteless pornography this could be determined to be malware and your speed can be throttled.

    This idea is as bad as the kill switch idea.

  17. This is not their job. on US Shows Interest In Zombie Quarantine Code · · Score: 4, Insightful

    In contrasting this with the president's ability to declare a cyber attack and disable internet access in the United States, I'd say this seems like a reasoned approach that would hopefully be considered an alternative to the former where applicable.

    My only real concern is that of privacy. How exactly do they go about telling you're a zombie? Well written malware isn't exactly going to advertise infection, and even hosts which may be participating in a denial of service attack can't definitively be proven to be infected unless they're obvious (like sending a TCP packet with an invalid combination of flags, for instance). Scarier would be using the 'zombie' excuse to monitor net traffic on a connection for 'investigative' purposes. So it may just turn out pointless or it may be a ruse for a different kind of control. Anyone have any articles as to the effects of this or some cases where it was actually used in AU?

    It's not reasonable for the government to do anything more than monitor the internet. To start telling people how to run their nodes, what websites they can and can't visit, how they can or can't surf the web and at what speeds, is authoritarianism on the web. The internet was not designed for authoritarianism, it was designed to be an anti-authoritarian technology, it was designed to be decentralized, it was designed in this way because authoritarian centralized systems usually have a single point of failure. These overly centralized systems are more likely to fall or collapse.

    The internet as it is designed now is already more advanced than the design of most other systems. To centralize and control it down to the byte flowing through each wire, inspecting every package, analyzing every bit, and controlling which bits to quarantine and which bits not, is just a stealth mechanism which can be used either to destroy the internet or weaponize it. This along with the new behavioral advertising schemes allows for specific centralized entities to feed specific information to specific computers, and now they want to be able to quarantine specific computers to block them from receiving specific information from other computers.

    How can this be good for the internet as a whole? How can this be good for the flow of information from a mathematics/physics point of view? How can it be ethical if the objective is to reduce ignorance and preserve freedom of speech? It can only be ethical if the objective is to control, weaponize, and win at any cost.

  18. Information control is the goal. on US Shows Interest In Zombie Quarantine Code · · Score: 2, Insightful

    I'm guessing that the new paradigm the government is following in regard to the internet is total information control. It started with total information awareness. The original goal was to monitor all the information on the internet to see and prevent terrorism. Most of us agreed with that idea, and now that the internet is fully monitored the next step is to gain complete control over it. This way if a powerful person doesn't like what is being said on a specific website or by a specific computer, they can quarantine it. This word "quarantine" gives an indication about how the government sees unfavorable information. They see it as a "virus", or "mind virus", which is otherwise known as a meme. The only way to stop the spread of a meme is by quarantining it.

    Once again this is about information control, not security. If it's about stopping zombie infectious malware as the article claims they could use many technical solutions to do this and put the control in the hands of the user. The user could set up their system to handle it and the government has no reason to get involved. Or the government could promote corporations such as Google to develop an improved version of Linux or the Linux kernel to have a feature to allow this much in the same way the NSA developed SELinux. To make it a political issue and to use Australia of all places as the example is exactly the wrong way to go about it. We all know that Australia has a completely censored internet with a list of sites people cannot go to because the government does not like the information on these sites.

    This might fool individuals who don't understand technology. Saying it's to secure the internet while you throttle their broadband speed might make sense to the 16 year old kid downloading mp3s or using bit torrent. It might make sense to the adult who works in an unrelated industry with little to no knowledge about network neutrality or what is at stake when internet speeds and information is regulated in a centralized manner. To individuals who understand the technology and how to use the internet the idea of controlling the information flowing through the pipes defeats the purpose of the internet itself. I cannot imagine any programmer, hacker, script kiddie, gamer, or serious user supporting this idea. Most of us would rather risk being infected by malware than have our broadband speed throttled.

    And let's be honest, child pornography is probably the worst kind of virus you can be infected with. And the only reason it's so horrible is because the laws related to possession of it are unreasonable. So before we go and fundamentally try to alter the code of the internet and create millions of unintended consequences we should debate what we want the internet to be and what its purpose is. Does the internet exist as a weapon of war or is it something more fundamental? Should the government control the internet or should the market control the internet?

    If the government wants to have this much control over it, maybe they should make it free. That's my opinion. But to bait and switch like this is unfair to individuals who have paid for internet access for over a decade, who have created most of the content on the WWW, who have made the internet what it is.

  19. Re:If theres no Constitution what are the laws? on Senate Panel Approves Cybersecurity Bill · · Score: 1

    I didn't know Obama controlled the money.

  20. Re:And how would it do that if it's secured proper on Senate Panel Approves Cybersecurity Bill · · Score: 1

    If you give me physical access to a machine, there is absolutely nothing that's going to prevent me from having absolute control of all data on the machine if I want it.

    So you have physical access to the machine. You want to execute a command but the machine does not give you the authority to execute that command without proof of identity. So you bypass the retina scan, fingerprint, or other biological verification mechanism and you still can't execute the command without bypassing a bunch of other security features which might require a hardware based security token or ID card. It's not impossible but just getting physical access to the machine doesn't guarantee that you'll have the privileges to do anything.

    Period. All I need is about 15 minutes and that time is only based on needing to get through the padlock on the case/rack. I'm guessing you didn't intend to suggest actually gaining physical access though.

    And when you open the case it self-destructs or shuts off. Now you can't execute any command. Physical access does not mean physical control. You can have physical access to a device and still not be able to control the device due to how the device is constructed. A device can be constructed in such a way that the device itself knows when it's being tampered with.

    Securing a system properly just means you've used security best practices, and you've defended against all known forms of attack. That doesn't mean attackers stop developing new intrusions. If an attacker is able to breach the system and gain root, then they have full access.

    So you make it physically or technically impossible to gain root without biological verification. You have a password which changes every 60 seconds so it's uncrackable, and you put the timing device in the ID card. The ID card along with biological identity verification is extremely difficult to crack. It's not impossible but you won't be able to do it with any kind of ease.

    If you've done things right they still don't have access to the network, and are limited to just that one machine. But there are no guarantees. That's why there are thousands upon thousands of people whose whole job is watching monitoring tools to detect intrusion attempts.

    If you've done things right the commands they can execute on that machine will be limited and password protected. You want to write to the machine? Now you have to enter in your key and identity and if someone writes under your name, you'll be the one going to jail.

    That being said, consider this: Let's pretend that 100% security at NASDAQ is possible. Now consider the millions of computers all around the globe that are connecting to NASDAQ all day every day from podunk little investment offices in places like Sterling Nebraska. Places that have uneducated or lazy IT staff, or the IT staff is also the accountants and financial advisors.
    It's not a stretch to build a botnet from those poorly secured machines and coordinate a massive influx of bad transactions all at once. Billions of dollars could change hands in micro-seconds and it wouldn't have a damn thing to do with NASDAQ's security. You'd also have any banking/transaction information from that branch at your disposal.

    Possible but unlikely. It's possible to hack anything if you have military level precision in your operation. But if you need the precision of a military operation to achieve the hack then it limits the kind of adversaries. Al Qaeda would not have that level of precision but a foreign government like China might. Once again if something like this were to happen it would require first that the random number generator or password generator which syncs all the security tokens be hacked. You hack that and you might be able to figure out what the randomly generated string of numbers will be on each token every 60 seconds. But this is mission impossible type of operation and most

  21. That time never existed, not even during slavery. on Senate Panel Approves Cybersecurity Bill · · Score: 1

    Individuals always got information from each other. They would go to church and discuss the current events at church each week. They would do it through music. They would write papers and mail it to people's doorsteps by mailing list. There were radio stations and all sorts of other systems.

    So it was NEVER easily controlled or managed. That world never existed. It might have existed under Stalin and Hitler but it never existed before in the USA.

  22. Public debate on the internet of course. on Senate Panel Approves Cybersecurity Bill · · Score: 1

    So imagine what would happen to the debate when the internet is shut off? We'll have to go back to church to get our discussion on.

  23. Re:Explain with good examples why it's needed. on Senate Panel Approves Cybersecurity Bill · · Score: 2, Funny

    If you know how to use the internet properly you learn how to filter the BS out. By now most people have a list of sites they go to (like slashdot) discuss complicated issues with other intellectuals and reach a decision. If you have no forum, no place to debate, no websites at all, it's much more difficult to make wise decisions.

    Yes there will always be websites and individuals who promote ignorance. But we cannot counter the ignorance without an open forum on the internet to compare the dumb ideas to the smart ideas.

  24. Re:That would put our country into complete chaos. on Senate Panel Approves Cybersecurity Bill · · Score: 1

    Yes they are.

  25. Need not be telephone or radio either. on Senate Panel Approves Cybersecurity Bill · · Score: 1

    You can communicate via laser, via microwave, and there's probably other ways I don't know about.

    If the internet goes down a spontaneous network will replace it probably overnight.