Monday, January 31, 2011

Revamped 'Internet Kill Switch' Bill Back In The News

Here we go again, yet another new version of the 'Obama Internet kill switch' is back in the news. This newest revision of the same old bill which was initially introduced last year was re-introduced today backed by the original author senator Joseph Lieberman and a new co-author senator Susan Collins, the Republican ranking member on the Homeland Security and Governmental Affairs Committee.

Senator Collins is spouting the some old rhetoric used by senator Lieberman last time around claiming the bill is designed to protect against “significant” cyber threats before they cause damage.

“My legislation would provide a mechanism for the government to work with the private sector in the event of a true cyber emergency,” Collins told in an e-mail Friday. “It would give our nation the best tools available to swiftly respond to a significant threat.”

You really have to question the logic behind this bill. For instance every major network in the country is already protected and monitored by people that have far greater understanding of potential threats than any politician out there. Then you have to question what amounts to a “significant” cyber threat? Worms and botnets certainly can be threats to some networks however in most cases once they are elevated to the point of being a significant threat it will usually be to late.

You really have to ask yourself if the internet is so much of a backbone to today's society then what can be gained by shutting it down. Doesn't the shear act of killing the networks seem counterproductive? If there is a major threat from say a virus or worm terminating connections to the web certainly isn't going to help as the majority of internet users get their security updates, hotfixes and information about said attacks via that very same disconnected web. How would users then get the updates to alleviate the issues on their own PCs?
Simple answer, we wouldn't! Millions of computers could sit there infected waiting for the web to be re-established. Then we'd be right back where we started from.

A report commissioned by the Organization for Economic Cooperation and Development (OECD), actually backs my position suggesting that taking out the Internet would disrupt citizens and the private sector when they might need the infrastructure the most - during times of cyber- or even military attack, or natural disaster.

It would be entirely counterproductive to terminate connections to the web or major networks. You'd be killing the stream of information to millions of people and hampering security companies from trying to collaborate and potentially issue fixes. Sure in some remote cases there might be some government entities and some private networks that should be disconnected. But the government shouldn't have total control over those networks. Network admins, system admin, security engineers you know people in the know that actually know how to handle these situations should decide.

Secondly you really have to question the timing on the resurrection of this bill especially given recent events in Egypt. You really have to ask ‘why now’? Of all times to re-introduce a bill with the broad power this has you do so at a time that the world is focused on a government that has done just what this bill sets forth. Our own government has spoke out against the "great firewall of China" yet they want to enact something that could be even more sinister?

Then lastly you really have to question the feasibility of all this. Certainly it would not live up to a challenge in the Supreme Court. But lets say it does what are we looking at here. Are we talking about a number of 'kill switches' stationed around the country that can be activated to actually shut down networks? Or would we be talking about the President being informed of a potential threat, calling network owners, them calling the IT dept. and then the switch being flipped. If its the later the logistics alone would make this near impossible. If it were to be the former then you have to ask the question, "If our networks aren't safe how safe are these switches going to be"?

Clearly this legislation is ill-conceived!

Want more information read the bills for yourself

Reviewing the US Senate website it looks as though there are actually a few new bills on the table all of which contain similar language. HR 174 appears to be the new Collins Lieberman bill

  1. Homeland Security Cyber and Physical Infrastructure Protection Act of 2011 (Introduced in House - IH)[H.R.174.IH][PDF]
  2. Tough and Smart National Security Act (Introduced in Senate - IS)[S.8.IS][PDF]   
  3. Cyber Security and American Cyber Competitiveness Act of 2011 (Introduced in Senate - IS)[S.21.IS][PDF]
According to the bill is still undergoing review before it is formally re-introduced so the language of the bill may still change however the general scope of the bill will not. At the time of its initial introduction, it was opposed in an open letter by about 24 organizations concerned that it might lead to broader authority, including Internet censorship.

About two dozen groups, including the American Civil Liberties Union, the American Library Association, Electronic Frontier Foundation and Center for Democracy & Technology, were skeptical enough to file an open letter opposing the idea. They are concerned that the measure, if it became law, might be used to censor the internet.

I suggest and urge anyone, and everyone write their senators and government officials opposing this legislation. It leads us down a very slippery slope that trust me no one wants

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you