Bu$h plan for Internet Censorship
KentDB741
location: Buffalo, New York USA
listening to: The sweet music of YES
registered: 2001.11.12
posts: 1355
[view all posts]
[view all posts]
Greetings!I saw the following article in one of the computer publications that I read on a regular basis. This one is called E-WEEK, a newsweekly for computer network specialists. The following article discusses the Bu$h plan to invoke widespread censorship on the Internet.This is being done in the name of fighting terrorism. This is the complete removal of YOUR RIGHTS, and the net effect of this will be to crush political dissent, and not fight terrorism. As I am sure you already realize, if you are planning on terrorist acts, you will not be discussing it in an e-mail that goes out over the Internet in an unprotected manner.Read on . . . developing story . . . . "The privacy aspects, however, concern me greatly this sounds
like a dramatic and evil expansion of ECHELON and CARNIVORE."
- Karl Keller, Thousand Oaks, Calif.
"This goes beyond just the corporate world," - George Samenuk,
CEO of NETWORK ASSOCIATES INC. in Santa Clara, Calif., E-WEEK (Computer Industry Newsweekly)
Monday - August 26, 2002BU$H TO CALL FOR FED N.O.C.
by Caron Carlson and Dennis FisherPRESIDENTIAL PANEL WOULE CREATE SITE FOR COLLECTING, ANALYZING NETWORK TRAFFIC
The Bu$h administration has plans to create a centralized facility for collecting and examining security related e-mail and data traffic and will push to expand their data gathering initiatives, according to an unreleased draft of the plan.The proposed cyber-security NETWORK OPERATIONS CENTER is included in a draft of the NATIONAL STRATEGY TO SECURE CYBERSPACE, which was developed by the President's Critical Infrastructure Protection Board, and is due for release September 18, 2002. The call for expanded data collection and analysis results from administration concerns that efforts to secure cyberspace are hampered by the lack of a single data collection point to detect cyber security incidents and issue warnings, according to a draft of the plan, which was obtained by E-WEEK. Critics, however worry that such a system would be expensive, difficult to manage, and allow government agencies to expand their surveilance powers.Other recommendations include requiring corporations to disclose their IT (Information Technology) security practices, establishing a test bed for multivendor patches, creating a certification program for security personnel and mandating certifications for all federal IT purchases.According to the draft, the government's "forward looking analysis" capabilities are considered sparse becase of a shortage of information. The proposed center would improve capabilities for predicting cyber security incidents as well as responding to hacker or terrorist threats.Howard Schmidt, Vice Chairman of the CIPB (Critical Infrastructure Protection Board), said the center would consolidate threat data from the country's collection end points, such as the FBI's National Infrastructure Protection Center, the Critical Infrastructure Assurance Office, the Department of Energy, and commercial networks.Private companies would also be encouraged to increase the amount of data collected and share it with the government. "Major companies generally report this information internally," Schmidt told E-WEEK. "We're looking for that to come back to a central location."According to the draft strategy, the public and private initiative would involve the major ISP's, hardware and software vendors, and IT security companies, according to law enforcement agencies.Some say they believe the government's interdepartmental rivalries and information sharing rules will hamstring any attempt at centralized collection and analysis. "There are such high barriers in government to being able to disseminate information and react to threats, I don't think it will have much impact," said William Harrod, director of investigative response at TRUSECURE CORP. in Herndon, Va., and a former FBI computer forensics specialist. "They;ll have different information coming in from different analysts, and they'll have to weed through it."The proposed strategy recommends that the center be partially federally funded, but critics charge it would inevitably impose new costs on the private sector without commensurate benefit in addition to duplicating similar efforts. "Government doesn't have a good track record when it comes to collecting and disseminating massive volumes of data," said Kevin Baradet, network systems director at Cornell University's Johnson Graduate School of Management in Ithaca, NY., and an E-WEEK corporate partner. "We could be drowning in data, most of it noise."Above all, users said, there are the privacy concerns."Whatever the federal government wants to do with its own data is OK with me, as long as it doesn't waste my personal and corporate tax dollars," said Karl Keller, president of custom software developer IS POWER INC. in Thousand Oaks, Calif. "The privacy aspects, however, concern me greatly this sounds like a dramatic and evil expansion of ECHELON and CARNIVORE." The strategy calls on the FBI, Secret Service and Federal Trade Commission to establish a single system for corporations to report Internet fraud and extortion, illegal hacking, and unauthorized network intrusions. It recommends that the federal government systemically collect data on cybercrime victims and intrusions from businesses.However, most CIO's (Chief Information Officer) are loath to report any network breach, even in confidence. The Bu$h administration is seeking to assuage industry fears by recommending legislative changes, including exemptions from the FREEDOM OF INFORMATION ACT requirements and exemption from antitrust laws, that would reduce liability for turning over data to law enforcement. Of the more than eighty proposals in the draft of THE NATIONAL STRATEGY TO SECURE CYBERSPACE, among the most worrisome to corporations is a recommendation that they pubicly disclose the identy of the IT security audit companies and the scope of their activities annually. The draft strategy recommends that businesses report incident and tracking data, the effectiveness of remediation measures, and the steps they take to secure their systems. In addition, they should reveal corporate and governance systems for IT security in a standardized form."I don't see us turning over any logs to the government," said a security administrator at a major East Coast financial company, who asked not to be named. "It's too risky."Proponets say that as they number of attacks continues to increase, more communication and information exchange between government and the private sector can only help. "There's no doubt in my mind that sharing information will help. This goes beyond just the corporate world," said George Samenuk, CEO of NETWORK ASSOCIATES INC. in Santa Clara, Calif., who consulted with CIPB Chairman Richard Clarke on the national strategy. "We've accelerated our efforts in providing information to the government and giving them early indication of problems. I see all the barriers broken down."(c) 2002 E-WEEK - The PC Enterprise Newsweeklyhttp://www.eweek.com
K
KentDB741
(view)
Greetings!I saw the following article in one of the computer publications that I read on a regular basis. This one is called E-WEEK, a newsweekly for computer network specialists. The following article discusses the Bu$h plan to invoke widespread censorship on the Internet.This is being done in the name of fighting terrorism. This is the complete removal of YOUR RIGHTS, and the net effect of this will be to crush political dissent, and not fight terrorism. As I am sure you already realize, if you are planning on terrorist acts, you will not be discussing it in an e-mail that goes out over the Internet in an unprotected manner.Read on . . . developing story . . . . "The privacy aspects, however, concern me greatly this sounds
like a dramatic and evil expansion of ECHELON and CARNIVORE."
- Karl Keller, Thousand Oaks, Calif.
"This goes beyond just the corporate world," - George Samenuk,
CEO of NETWORK ASSOCIATES INC. in Santa Clara, Calif., E-WEEK (Computer Industry Newsweekly)
Monday - August 26, 2002BU$H TO CALL FOR FED N.O.C.
by Caron Carlson and Dennis FisherPRESIDENTIAL PANEL WOULE CREATE SITE FOR COLLECTING, ANALYZING NETWORK TRAFFIC
The Bu$h administration has plans to create a centralized facility for collecting and examining security related e-mail and data traffic and will push to expand their data gathering initiatives, according to an unreleased draft of the plan.The proposed cyber-security NETWORK OPERATIONS CENTER is included in a draft of the NATIONAL STRATEGY TO SECURE CYBERSPACE, which was developed by the President's Critical Infrastructure Protection Board, and is due for release September 18, 2002. The call for expanded data collection and analysis results from administration concerns that efforts to secure cyberspace are hampered by the lack of a single data collection point to detect cyber security incidents and issue warnings, according to a draft of the plan, which was obtained by E-WEEK. Critics, however worry that such a system would be expensive, difficult to manage, and allow government agencies to expand their surveilance powers.Other recommendations include requiring corporations to disclose their IT (Information Technology) security practices, establishing a test bed for multivendor patches, creating a certification program for security personnel and mandating certifications for all federal IT purchases.According to the draft, the government's "forward looking analysis" capabilities are considered sparse becase of a shortage of information. The proposed center would improve capabilities for predicting cyber security incidents as well as responding to hacker or terrorist threats.Howard Schmidt, Vice Chairman of the CIPB (Critical Infrastructure Protection Board), said the center would consolidate threat data from the country's collection end points, such as the FBI's National Infrastructure Protection Center, the Critical Infrastructure Assurance Office, the Department of Energy, and commercial networks.Private companies would also be encouraged to increase the amount of data collected and share it with the government. "Major companies generally report this information internally," Schmidt told E-WEEK. "We're looking for that to come back to a central location."According to the draft strategy, the public and private initiative would involve the major ISP's, hardware and software vendors, and IT security companies, according to law enforcement agencies.Some say they believe the government's interdepartmental rivalries and information sharing rules will hamstring any attempt at centralized collection and analysis. "There are such high barriers in government to being able to disseminate information and react to threats, I don't think it will have much impact," said William Harrod, director of investigative response at TRUSECURE CORP. in Herndon, Va., and a former FBI computer forensics specialist. "They;ll have different information coming in from different analysts, and they'll have to weed through it."The proposed strategy recommends that the center be partially federally funded, but critics charge it would inevitably impose new costs on the private sector without commensurate benefit in addition to duplicating similar efforts. "Government doesn't have a good track record when it comes to collecting and disseminating massive volumes of data," said Kevin Baradet, network systems director at Cornell University's Johnson Graduate School of Management in Ithaca, NY., and an E-WEEK corporate partner. "We could be drowning in data, most of it noise."Above all, users said, there are the privacy concerns."Whatever the federal government wants to do with its own data is OK with me, as long as it doesn't waste my personal and corporate tax dollars," said Karl Keller, president of custom software developer IS POWER INC. in Thousand Oaks, Calif. "The privacy aspects, however, concern me greatly this sounds like a dramatic and evil expansion of ECHELON and CARNIVORE." The strategy calls on the FBI, Secret Service and Federal Trade Commission to establish a single system for corporations to report Internet fraud and extortion, illegal hacking, and unauthorized network intrusions. It recommends that the federal government systemically collect data on cybercrime victims and intrusions from businesses.However, most CIO's (Chief Information Officer) are loath to report any network breach, even in confidence. The Bu$h administration is seeking to assuage industry fears by recommending legislative changes, including exemptions from the FREEDOM OF INFORMATION ACT requirements and exemption from antitrust laws, that would reduce liability for turning over data to law enforcement. Of the more than eighty proposals in the draft of THE NATIONAL STRATEGY TO SECURE CYBERSPACE, among the most worrisome to corporations is a recommendation that they pubicly disclose the identy of the IT security audit companies and the scope of their activities annually. The draft strategy recommends that businesses report incident and tracking data, the effectiveness of remediation measures, and the steps they take to secure their systems. In addition, they should reveal corporate and governance systems for IT security in a standardized form."I don't see us turning over any logs to the government," said a security administrator at a major East Coast financial company, who asked not to be named. "It's too risky."Proponets say that as they number of attacks continues to increase, more communication and information exchange between government and the private sector can only help. "There's no doubt in my mind that sharing information will help. This goes beyond just the corporate world," said George Samenuk, CEO of NETWORK ASSOCIATES INC. in Santa Clara, Calif., who consulted with CIPB Chairman Richard Clarke on the national strategy. "We've accelerated our efforts in providing information to the government and giving them early indication of problems. I see all the barriers broken down."(c) 2002 E-WEEK - The PC Enterprise Newsweeklyhttp://www.eweek.com
