Posts Tagged Computer security

Fearmongering About Cyberwar And Cybersecurity Is Working: American Public Very, Very Afraid | Techdirt


Fearmongering About Cyberwar And Cybersecurity Is Working: American Public Very, Very Afraid

from the for-no-clear-reason dept

 

Well, it looks like all the fearmongering about hackers shutting down electrical grids and making planes fall from the sky is working. No matter that there’s no evidence of any actual risk, or that the only real issue is if anyone is stupid enough to actually connect such critical infrastructure to the internet (the proper response to which is: take it off the internet), fear is spreading. Of course, this is mostly due to the work of a neat combination of ex-politicians/now lobbyists working for defense contractors who stand to make a ton of money from the panic — enabled by politicians who seem to have no shame in telling scary bedtime stories that have no basis in reality.

But it’s all working. And, by working, I mean scaring the public unnecessarily. As reported by Wired, a new survey from Unisys finds that Americans are more worried about cybersecurity threats than terrorism, and they seem pretty worried about those threats. When asked about which security issues were the highest priority, survey respondents noted:

  1. Protecting government computer systems against hackers and criminals (74 percent)
  2. Protecting our electric power grid, water utilities and transportation systems against computer or terrorist attacks (73 percent)
  3. Homeland security issues such as terrorism (68 percent)

Of course, it’s likely that the vast majority of the American public has absolutely no idea what the actual risk is of any of these things happening. But they are familiar with computers, and there’s been a lot of talk about cybersecurity lately, so “ooooooh, scary!” Now, here’s where the mainstream press could come in and point out the lack of evidence for any real or significant cybersecurity threat and help people realize that they might be best off focusing their attention elsewhere. But talking about planes falling from the sky is much more fun.

Fearmongering About Cyberwar And Cybersecurity Is Working: American Public Very, Very Afraid | Techdirt.

, , , , , , ,

Leave a comment

EFF Says Cyber Security Bills Open Door To Government, Corporate Abuse | threatpost


March 24, 2012, 7:30AM

EFF Says Cyber Security Bills Open Door To Government, Corporate Abuse

 

by Brian Donohue

EFF logo with text

The Electronic Frontier Foundation (EFF) is sounding alarms about a collection of overly vague cyber-security bills making their way through Congress.

EFF looked at two bills making their way through Congress: The Cybersecurity Act of 2012 (S. 2105), sponsored by Senator Joseph Lieberman (I-CT) of Connecticut and the Secure IT Act (S. 2151), sponsored by Senator John McCain (R-AZ) . The digital rights group claims that the quality of both bills ranges from “downright terrible” to “appropriately intentioned.” Each, however, is conceptually similar and flawed, EFF said. 

With public awareness about cyber legislation high after the dramatic failure of Stop Online Privacy Act (SOPA), interest in- and skepticism of new cybersecurity legislation is on the rise.

Editor’s Pick

·         Weak RSA Keys Plague Embedded Devices, But Experts Caution Against Panic

·         Wired: Courts Back Government After Tech Company Challenges National Security Letter Gag Rule

·         Hacker Group Breaches Library of Congress Site, Publishes Passwords

Threatpost Newsletter Sign-up

All three bills seek to facilitate cooperation among branches of the U.S. government and between the government and the private sector. Their failing, according to a blog post written by EFF Staff Technologist, Dan Auerbach and EFF Senior Staff Attorney, Lee Tien is in failing to define “the threats which are being defended against and the countermeasures that can be taken against those threats.”

A lack of concrete definitions and transparency could give way to expansive interpretations of any bill that passes, leading to government and corporate abuses, which, in turn, could impinge upon civil liberties, EFF warned.

As an example, Auerbach and Tien note that the Lieberman bill defines a “cyber security threat indicator” as any action that might be construed as “a method of defeating a technical [or operational] control.” That overly broad definition, EFF notes, could apply to anything from a DDoS attack to a port scan to the use of encryption or an anonymization service like ToR to protect the privacy of online activity and communications. Everything would depend on how the government and law enforcement chose to interpret it.

In an e-mail conversation with Threatpost, Auerbach of EFF characterized the bills as “alarming.” Of particular concern: a section in both the Lieberman bill and the McCain bills that authorizes monitoring by private firms of any traffic that transits their networks. Ostensibly intended to facilitate private-public information sharing, the passage would grant complete private sector immunity for data monitoring and sharing practices. Private entities would be unbound from the Wiretap Act and other legal limits and immunized against a swath of questionable monitoring practices, EFF claims.

Furthermore, Auerbach and Tien worry that the bills’ definition of a “cyber security threat” is too broad, and could cover everything from stealing passwords from a secure government server to scanning a network for software vulnerabilities. Similarly, the bills calls for more ISP traffic analysis and monitoring could bring about more civil liberties violations. For example, ISPs could simply block Tor, cryptographic protocols, or traffic on certain ports under the guise of defensive countermeasures, the EFF speculated.

The two online privacy experts also worry that the bills do too little to balance the public interest against the government’s need to secure the Internet.

“The cyber security bills completely skirt the issue of the intelligence community stockpiling so-called “zero-days” — new and unknown software vulnerabilities — for offensive cyber attack purposes,” Auerbach said via email. “Allowing the intelligence community to hold on to these vulnerabilities without patching them makes all of us less safe, and a good cyber security bill would explicitly disallow this practice.”

That’s a potent concern these days, after the security firm Vupen raised the ire of a number of security experts for their controversial business model which allegedly involves the buying and selling of these zero-days to the highest bidder, malicious or otherwise.

Rather than scrap the bills altogether, the EFF is calling on Senators to open up the conversation about the pending bills as they refine them. To create a better bill, the EFF believes specificity is key. Detractors will say that specificity limits the life-span of such bills, but the EFF sees this as an advantage. A short-living bill would force legislators to revisit it and make modifications necessary to address a rapidly changing and dynamic security ecosystem.

 EFF Says Cyber Security Bills Open Door To Government, Corporate Abuse | threatpost.

, , , , , , ,

1 Comment

SATIRE NATION

Off the charts...

Thoughtfully Prepping

My Scribblings about Prepping and Survivalism

Derek's Blog

Personal Blog about nothing

The Better Man Project

A man in progress. One day at a time.

Don Charisma

because anything is possible with Charisma

∙ tenderheartmusings ∙

we were born naked onto the page of existence; with nothing but the pen of our soul to write ourselves into eternal ecstasy ~ DreamingBear Baraka Kanaan

The Wine Wankers

Smile :) You’re at the best wine blog ever! Scroll down to read our fun stories, and join our journey as we fight through the wine jargon in search of a good glass of wine. Wine blogs; the best place to read about wine online! We're rated as one of the most influential wine people on the net by Klout and Kred. Contact: winewankers@hotmail.com

Good Time Stories

Inspiring and Heartwarming Stories

musings from a musical mind

60's flowerchild,herbalist,dreamer, seeker of truth

retireediary

The Diary of a Retiree

AirportsMadeSimple

Your Interactive Travel Magazine~Showcasing a Variety of Authors

oasisbidari

A fine WordPress.com site

NoWorksSalvationApocalypseNow

Finishing Lifes Race Strong

Deep Shit Media

Alternative Sovereign Communications

38 Years

Perspective from the middle ages of life

Bookgirl

A great WordPress.com site

Chastisement 2014

He is ready to separate the chaff from the wheat with his winnowing fork

Direct From The Street - Stuff We And People Share

Photos, Videos, Articles - Business, Social Media, Marketing, Entertainment, Fashion, Sports, Life

Follow

Get every new post delivered to your Inbox.

Join 365 other followers

%d bloggers like this: