proposed Cybersecurity Act

Posted by: LED

proposed Cybersecurity Act - 04/14/09 09:31 AM

Just read about this proposed senate bill. Knowing we have some resident experts on hand I thought I'd ask, is it even possible to shut down the internet? If so, wouldn't that cause even more problems?


Quote:

A recently proposed but little-noticed Senate bill would allow the federal government to shut down the Internet in times of declared emergency, and enables unprecedented federal oversight of private network administration.

The bill's draft states that "the president may order a cybersecurity emergency and order the limitation or shutdown of Internet traffic" and would give the government ongoing access to "all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access."


http://rawstory.com/news/2008/Cybersecurity_Act_seeks_broad_powers_0413.html
Posted by: JBMat

Re: proposed Cybersecurity Act - 04/14/09 11:07 AM

Scary huh?

Not only does it give broad sweeping unlimited powers to the President, you can be sure he will pass those powers down to an
"Internet Czar".

This is a law that is plain stupid. Shut the internet down instead of shutting down access to sites that are being attacked, yeah ok that makes sense to someone. Just not me.

How much did the taxpayers spend last year to guard against "internet attacks" ?

Hey, Al Gore invented the Internet, let him figure out how to secure it.
Posted by: Am_Fear_Liath_Mor

Re: proposed Cybersecurity Act - 04/14/09 01:55 PM

Quote:
Cybersecurity Act would give president power to 'shut down' Internet


Er, the Internet is a whole lot bigger than the little bit of the super information highway ring road based in North America. Closing down that small part of the information highway only really serves just to keep the drivers using that little bit of the super information highway ill informed about what would be going on in the rest of the highway. But then again maybe thats the idea behind that proposed piece of legislation. whistle

They already have major traffic light operations on the super information superhighway on the borders with China only allowing compliant information to pass through those traffic lights.

Quote:
is it even possible to shut down the internet?


From the perspective of the average user using the internet then the answer is Yes. A US Government official would just tell the compliant ISPs (under threat of being prosecuted under the new law) to drop their customers connections and then refuse those reconnections at the ISPs Remote Access Servers.



Posted by: benjammin

Re: proposed Cybersecurity Act - 04/14/09 02:09 PM

Yep, basically hold the legitimate ISP owners/operators hostage with legal threats, then any traffic left on the net gets hunted down and the servers get slammed by the feds.
Posted by: oldsoldier

Re: proposed Cybersecurity Act - 04/14/09 03:52 PM

so, PHRASECENSOREDPOSTERSHOULDKNOWBETTER.; control of information. Ah, I have SERIOUS issues with this...
Posted by: GarlyDog

Re: proposed Cybersecurity Act - 04/14/09 05:22 PM

Maybe I am lacking in imagination, but could someone describe a scenario where shutting down the Internet would be a benefit?

Posted by: jdavidboyd

Re: proposed Cybersecurity Act - 04/14/09 05:37 PM

Originally Posted By: GarlyDog
Maybe I am lacking in imagination, but could someone describe a scenario where shutting down the Internet would be a benefit?



Nope. No such scenario exists. Shutting down the Internet would just be wrong. Wrong!
Posted by: benjammin

Re: proposed Cybersecurity Act - 04/14/09 05:43 PM

Only if we are truly afraid of "Skynet" Then shutting it down might be for the greater good. See T3
Posted by: Chris Kavanaugh

Re: proposed Cybersecurity Act - 04/14/09 06:27 PM

Garleydog,

Your nephew has been online 12 hours straight.
the once pristine keyboard is full of peanut butter and strawberry jam, m&m shrapnel only an afternoon over an anthill can clean and he's talking in gibberish about blogs and other words you at first take to be Anglo Saxon.
His eyesite has been irrevocably damaged and carpel tunnel syndrome in his wrists.All this and he can't even vote or drink yet.

You discover hidden files popping up with some Delilah dancing
for him, your own security protocals overridden and some ukrainian hacker is probably poised to take control of what is left.

And THAT is when the internet needs to be shut down and sling shots sent as a cultural stimulus plan to every household across America.
Posted by: GarlyDog

Re: proposed Cybersecurity Act - 04/14/09 06:28 PM

Of course. I forgot about Cyberdyne Systems.
Posted by: oldsoldier

Re: proposed Cybersecurity Act - 04/14/09 06:50 PM

Originally Posted By: Chris Kavanaugh
Garleydog,

Your nephew has been online 12 hours straight.
the once pristine keyboard is full of peanut butter and strawberry jam, m&m shrapnel only an afternoon over an anthill can clean and he's talking in gibberish about blogs and other words you at first take to be Anglo Saxon.
His eyesite has been irrevocably damaged and carpel tunnel syndrome in his wrists.All this and he can't even vote or drink yet.

You discover hidden files popping up with some Delilah dancing
for him, your own security protocals overridden and some ukrainian hacker is probably poised to take control of what is left.

And THAT is when the internet needs to be shut down and sling shots sent as a cultural stimulus plan to every household across America.


This is failure of the parent, not the system. If your child is online for 12 hours, he/she CLEARLY needs something else to do.
I know that this was tongue in cheek, but it kind of illustrates a major issue in America;its always someone else's fault, or issue. NEVER our own. Responsiblity starts at home people!!!
If Skynet takes over my neenernetz, I am out!
Posted by: MartinFocazio

Re: proposed Cybersecurity Act - 04/14/09 08:16 PM

Ah...the perennial "shut down the internet" meme.

Comes around, like a case of Herpes, when you least expect it. I'd expect the "email postage" meme to come along soon.

So, how do you shut down the Internet, exactly? Do you go to a building on "i" street and Washington DC and throw a switch? Nope.

Do you cut a cable that connect the USA to the rest of the world? Nope.

Do you force every mobile phone system to shut off 3G and Edge data services? Nope.

This is the kind of a bill that comes from technologically illiterate thinking by old farts like Ted "Series of Tubes" Stevens and his aged ilk. They think the internet is a mainframe somewhere. It's not, it never was, it can't be that, it does not work that way..

They simple can't conceptualize what a decentralized, open system is like - and how with a laptop and a wifi base stations and a few cables and gizmos, I could re-enable limited internet within an urban area in a matter of minutes. Let's not even go into how mesh networks & P2P simply bypass ALL central systems (look at the One Laptop Per Child program for more on Meshed systems).

There's much bigger things to fear than some dumb-butt bill that is as rational as a bill outlawing hamburgers.

At the moment, I think we might have some folks in Iraq who get no attention from our media, right now we have people hungry and homeless in America, right now we have millions unemployed, right now we have a barely functional national rail system, right now we have a nation that is about to lose one, and possibly two of the big car makers. All of these are real issues, and this bs about "shutting down the internet" is nonsensical.

That said, if I have a particular data center that's a problem or a particular fiber optic cable that's a problem, of course I want that offline.
Posted by: JBMat

Re: proposed Cybersecurity Act - 04/14/09 08:28 PM

Actually, if you think about it, the "Internet" can be shut down, at least within a region.

How does this miracle of information get into your house? Either over phone lines, through a satellite or through a cable modem. And someone must own the lines/cables/satellites or else I wouldn't have to pay for it every month.

So yes, while it may be "difficult" to shut down the internet, it's probably not impossible. All Uncle has to do is force the ISPs to cease supplying service. And yes, this may be as simple as throwing a switch or a breaker. Once the servers are down, no connection, no internet. Sure, it's still out there, but you can't get there from here.

Can "they" do it, dunno. Could it be done - sure. Could it be enforced - possibly, but what a nightmare. It could entail stationing guards at every server farm of every internet provider in the US, and some in Canada and Mexico I would imagine.

Just another reason to love your government. They think things through so well before implementing them.
Posted by: Am_Fear_Liath_Mor

Re: proposed Cybersecurity Act - 04/14/09 09:09 PM

Quote:
So, how do you shut down the Internet, exactly? Do you go to a building on "i" street and Washington DC and throw a switch? Nope.


Just pull the power cables and disable the UPSs from a couple of hundred RAS's and Gateway Servers throughout the USA (even easier with Super User access to the ISPs RAS and Gateway Server databases) and pull the fibre router cards that service the submarine cables in and out of the US. No Internet services for the subscription clients for internet service providers whether this is 3G, Edge, DSL, Fibre etc and no fat pipes into and out of the USA. You might be able to get a dial up connection to an ISP in Canada or Mexico, but most likely in this scenario ordinary telecoms would be blacked out as well. A well planned exercise in shutting down the appropriate fat pipe fibre nodes, rerouting government and military TCP/IP traffic on a shadow network and terminated all the ISPs customers PPP sessions and not allowing them back on to the ISPs networks (lack of PPP authentication access) could probably be achieved within 24hrs

What is even more amazing is this;

Quote:
and would give the government ongoing access to "all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access."


Posted by: LED

Re: proposed Cybersecurity Act - 04/15/09 03:15 AM

Originally Posted By: Am_Fear_Liath_Mor
Quote:
What is even more amazing is this;

[quote]and would give the government ongoing access to "all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access."




So if the idea of shutting down the interenet is a farce, I assume this must be the primary goal. Seems a bit redundant though. I though they already had unrestricted access due to the total compliance of the ISP's.
Posted by: sodak

Re: proposed Cybersecurity Act - 04/15/09 06:25 PM

The Internet, not just the World Wide Web, was designed by DARPA to survive a nuclear strike. That's why it is so redundant with regards to paths. The govt certainly could shut down some ISP's, I would be willing to bet that a black market would pop up pretty quick. Even if you had to dial in to a server in Switzerland.
Posted by: benjammin

Re: proposed Cybersecurity Act - 04/15/09 09:52 PM

I'm afraid that it is not so simple to circumvent a purposeful shutdown. Consider a government mandated plug-pull would be essentially a multi-faceted attack, consisting of both hardware and software. You might have a chance at keeping a few independent local nodes up, but the majority of the system would be hacked down via software or the hardline backbone would just be turned off or the rf spectrum would saturate. I really don't want to sound like a conspiracy nut, but I have put my hands in the government network once already, and from my experience, if they really want to pull the plug, I have no doubt they can pull it off.

It might not really be skynet, but NSA ain't too far off the mark.
Posted by: ki4buc

Re: proposed Cybersecurity Act - 04/17/09 11:45 AM

To take out a majority of the internet along the east coast, my understanding is you just have to take out MAE-EAST in Resont, VA. It's been a number of years, but when I was doing network stuff, I remember doing traceroutes and nearly every one of them went through MAE-EAST.

http://en.wikipedia.org/wiki/MAE-East
Posted by: Erik_B

Re: proposed Cybersecurity Act - 04/18/09 02:13 AM

Originally Posted By: martinfocazio

There's much bigger things to fear than some dumb-butt bill that is as rational as a bill outlawing hamburgers.


well, in that vein, the focus of Why We're Pissed just shifts from losing access to netflix to the fact that they're wasting time and money on such absurd legislation when there are so many better things to deal with.

irrationality is the mother of tyranny, and the fact that "shutting down the internet" would supposedly be impractical or even impossible doesn't mean irrational people wont try.