Forum Post: Cyber Security, Capitalism, and the Police State.
Posted 12 years ago on Sept. 26, 2012, 5:14 p.m. EST by richardkentgates
(3269)
This content is user submitted and not an official statement
I bet the title brings to mind current events like the 1%ers and corporations sponsoring Police State legislation like CISPA and SOPA. This is of course because most of us know about them. Most of us found out that entities like the Motion Picture Association of America are the behind-the-senses supporters of such legislation under the guise of copyright protections. And we know the Gov loves any excuse to further the Police State.
But! In reality, most companies have an interest in security not because they want to turn the web into a cyber-mall, but because lack of security cost them time and money.
The media however does not want to talk about the latter because politicians don't want to talk about the latter. If the motivation to secure the web is already there, then we could all isolate the Gov and Hollywood in their crooked goals and call them on it. But the Gov needs you scared and feeling like "We're all in this together" so you feel like their interest and your interest are one in the same. Well thats bullshit.
Here is a profit bearing community that is working on your behalf, without Orwellian legislation, and they aren't sending you a bill for it either. It's a socialist act to work in cooperation toward a goal with no prospect of gaining dollars and what they are working to protect is your money, your data, your stuff. But it's being done by capitalist institutions.
Is there something to be gleaned from this that could be exported to other industries?
What are the pros/cons of this alignment?
http://www.wired.com/politics/security/magazine/15-09/ff_estonia
http://www.nytimes.com/2008/08/13/technology/13cyber.html
http://www.time.com/time/magazine/article/0,9171,1098961,00.html
http://abcnews.go.com/news/t/blogEntry?id=16680284
http://hackmageddon.com/2012-cyber-attacks-timeline-master-index/
Any context? or just sharing?
I'm trying to illustrate the cyber security problem that needs to be addressed. CISPA is definitely imperfect but we have a very serious national security problem that must be addressed.
So you haven't moved passed trying to label me anti-security to make the case for DHS over reach.
Infrastructure and national security systems should be placed on their own intranet separate from the internet. Banks could easily piggyback on the governments intranet and help pay for it or create their own. This could be done under the direction of the FCC instead of DHS, which would be more in line with our checks and balances. Problem solved.
Solved? Because government computer networks are somehow magically secure? Like SIPRNet and JWICS?
I understand that you're not "anti-security" but you do seem to be opposed to federal cyber security regulations in general. Obviously control systems for critical infrastructure should not be connected to company intranets, much less the Internet, but how are you going to make sure that happens? It's standard practice to just hook everything up to the Internet. This is far too important to just hope that everybody does the right thing, because we know for sure that standard practices at the moment are not the most secure. We don't just hope that people drive at safe speeds and leave it up to them, and we also shouldn't leave this up to private companies and hope that they do the right thing. Companies need to be required by law to take appropriate precautions or else they'll cut corners to increase their own profits at the expense of greater risk for all of us.
Hundreds of square miles of Japan are now uninhabitable for at least the next 30 years. We shouldn't have to simply hope that a state-backed (or non-state) attacker doesn't figure out how to spoof radio control commands for nuclear fuel rod insertion, or find a way to plant some kind of Stuxnet in the control room through a power company's web site.
One second, allow me to clear up your confusion. Step 1....
More monitoring will lead to better techniques by multinationals in their advertising. That could be an export.
These companies aren't interested in monitoring. Monitoring costs a LOT of money. See facebook's stock plummet on the value of monitoring for advertisement purposes. That is why I oppose the recently proposed cyber security Executive Order, CISPA, and SOPA. Because they would require by law for companies to spend the money for monitoring, among other fees and bullshite.
Hmm. Even if they can eventually lobby the gov to do it for them, in the name of security?
Lobby for a law that forces them to spend money on something that will yield no profit? Would be Odd. This group doesn't have any potential for the big brother third eye, that spot is taken by TrapWire and a few other security specific companies that hide in the shadows.
I really think that you're misunderstanding the proposed cyber security regulations. The intent is not to "secure the web". It's to secure critical national infrastructure. The goal is not to create more red tape in addition to Apple's red tape for you to publish an iOS app to the App Store, or to require you to get your web application certified before you deploy it to Heroku. The goal is to stop the common practice of having the control systems at nuclear power plants connected to the Internet. To reduce the possibility of a cascading power failure caused by somebody attacking a couple of power distribution stations. To prevent somebody from reconfiguring flood gates and flooding out neighborhoods. In terms of national cyber security, nobody cares about some small business selling a blogging system. Including DHS. "Police state" in this context is really over the top.
For a counter example, take a look a the Clipper Chip. That truly was alarming. I'm not dismissing all concerns about creeping authority. I'm just saying that your concerns in this example are overblown.
The Executive Oder you are talking about and that is not part of this thread, gives full authority over any future internet regulation to DHS. Try as you may, that is not up for debate.
There is no language in the proposed EO that limits DHS in it's power or reach with regard to internet regulation.
Giving such authority to make law rather than simply enforce it is a complete bypassing of the checks and balances that are part of our democracy. Further, it would remove political liability from elected officials so there would be no way to hold government accountable by the vote with regard to internet regulation.
Article containing the proposed EO
Initial breakdown on the EO
I agree that a more transparent and specific process would be better. I don't agree that there is no need for federal cyber security regulations on critical infrastructure, including some private communication networks.
In 2007, Russia intentionally crippled the entire country of Estonia's phone and banking networks for days. The United States is far more vulnerable than Estonia. Obviously, the security of a network like AT&Ts is a national security issue.
My opposition to the EO, CISPA, SOPA, cannot be dismissed by simply calling me "anti- security". My concerns have been made clear with zero ambiguity. At this point you're again trying to spin, the same reason I ended this conversation with you earlier.
Did I not just agree with your objection to the vagaries? I still really think that the fears that you're describing are way overblown. I do agree that the regulation targets should be more clearly defined, but you seem to be arguing against cyber security regulations in general. You're apparently not? I'm not trying to start a flame war by saying that, I'm trying to engage in conversation with somebody who used to seem to me like one of the more rational participants in this community.
You rejected a potential business networking connection when you ignored that LinkedIn profile that I sent you. You'd rather engage in entrapment to try to lure me into a flame war, accusing me of calling you a nut job and dismissing me from this conversation? You didn't get the hint when I sent you that link that I didn't think (at the time) that you were a nut job? Your response to that has been disappointing.
Sure thing buddy.
My opposition to the EO, CISPA, SOPA, cannot be dismissed by simply calling me "anti- security". My concerns have been made clear with zero ambiguity. At this point you're again trying to spin, the same reason I ended this conversation with you earlier.
Okay, well, I guess you're one of those people who firmly believes in going at it alone and you're not interested in any of the opportunities created by the technology boom that's in progress. If you don't want to be linked into the network of people who are hungry for developer talent then I'll never convince you. So good luck with your CMS and your SEO services. I'm pretty certain that you'll never need to worry about federal security certification for any of it.
I am offering managed services in my area to service based companies with the CMS as the platform of my offering. Managed services start at $500 annually with 10 email accounts. You must live in my county or a bordering county to qualify. If you meet the criteria, feel free to contact me.
Kind of late for that at this point, isn't it? You would have to sign three or four new clients a week at those rates to beat the kind of opportunities that are plentiful right now due to the technology boom, if you have connections to opportunities. But you don't need that, apparently. It's much harder to go it alone but I guess I can understand the mentality of being determined to do that since I've been guilty of that myself, so I truly do wish you well.
(IMHO you might want to at least develop a relationship with a graphic designer. Just a suggestion.)
You showed me a linkden account that I cannot verify as being you. Not real convinced of where your suggestions come from. This is a dead end conversation.
Wow. Good luck with your mom & pop web design shop, Richard. You're going to need it.
venuedriver.com a meta tag will do.
Too bland? Should I add something in about Republicans, or Democrats?
[Removed]
No idea what you're talking about.
Is there something to be gleaned from this that could be exported to other industries?
What are the pros/cons of this alignment?
[Removed]
Not enough information, I concur. You have provided no information to back the two assumption based statements you made so far. Yes, I know this thread seeks comment, obviously. But it's a serious topic and if you aren't going to provide substantive debate and/or information, there really is no point in responding to this particular thread. The forum has plenty of easy targets.