Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
United States Your Rights Online

Watch For A New Set Of CyberSecurity Laws 135

Posted by timothy from the watch-for-falling-metaphors dept.
SuperDuG writes "According to a story on PCWorld.com the Congressional subcommittee dealing with cybersecurity will be researching and legislating new cybersecurity laws. The Chair, Adam Putnam says 'We want to put something out there that makes sense, that's balanced, that accomplishes the same goals, without it being this headlong rush to prove that we're doing something for our constituents because we were asleep at the switch when there was this digital Pearl Harbor.' Perhaps it wouldn't hurt if we all took a part and Contacted Representative Putnam about how well thought out other cybersecurity laws like the DMCA have 'helped out' and were 'thought out.' At least they're actually thinking before they legislate, and it seems they're open for suggestions."
This discussion has been archived. No new comments can be posted.

Watch For A New Set Of CyberSecurity Laws More

Watch For A New Set Of CyberSecurity Laws

Comments Filter:

  • Kneejerk away (Score:1, Interesting)

    by Anonymous Coward
    Outside of a few cases, where has the DMCA not been ultimately beneficial (the 'safe harbor' provision for ISPs, for one.) How many DMCA cases have actually been run through the system?

    • Re:Kneejerk away (Score:5, Interesting)

      by Motherfucking Shit ( 636021 ) on Sunday July 13, 2003 @02:23PM (#6429004) Journal
      How many DMCA cases have actually been run through the system?
      Very few that I'm aware of, and that's the whole problem.

      The DMCA essentially presupposes guilt, so ABC Corp doesn't even have to bother going to court... They just fire off a DMCA takedown notice. ISPs or other third parties little choice but to shutdown the target site - even if there's nothing illegal going on - lest they be found a party to any infringement that might be taking place.

    • Re:Kneejerk away (Score:3, Interesting)

      by ihatesco ( 682485 )
      Outside of a few cases, where has the DMCA not been ultimately beneficial (the 'safe harbor' provision for ISPs, for one.) How many DMCA cases have actually been run through the system?

      Just too many.
      If you think about it DMCA, EUCD are ill-conceived, partisan laws.

      Some order must be done in order for the society to stay healthy AND alive, and some clarifications must as well be done for laws (like, for example, extending the notion of transmission channels to the internet, so that you could prosecute C

  • Ha! (Score:2, Funny)

    by EdMack ( 626543 )
    The poster says "At least they're actually thinking before they legislate, and it seems they're open for suggestions.", failed to notice they consider the DMCA 'thought out'..

    hmmm... shit.
    • That's why they call em 'bad guys' : they're outlaws. 'Cybersecurity' legislation will only be yet another nuisance for the honest person - like most laws.

      It reminds me of junior high school ( long tyme ago in a galaxy far away ) the school would have ridiculous rules - rules that you would expect in a prison because someone might do something 'bad'. No walking in the halls with out a pass because someone *might* be cutting class. No going outside between classes because someone *might* smoke, get in a

  • Doh! One thing I forgot ... (Score:4, Insightful)

    by SuperDuG ( 134989 ) <be@@@eclec...tk> on Sunday July 13, 2003 @02:23PM (#6429003) Homepage Journal
    Hey what can I say, I forget these things sometimes ...

    It might als be benificial to mention to Representative Putnam that it possible to protect individual rights as well as corperate rights, seems that capitol hill forgets that sometimes.

    I tell ya what, if we all make our voices heard by hitting that contact button the intern that reads those messages is going to start to get the hint and might actually let putnam know, I mean it takes 30 seconds ...

    • The funny thing is, I just tried to use that page to give him some words addressing my position and experiences, thoughts, what not. The "submit information" link didn't wokr in Safari. :) So, since I'm not using Windo$e, my voice is not herad without going through some effort. All I wanted was an email address to email him at...

      Best,

  • OS vendor liability (Score:5, Informative)

    by Animats ( 122034 ) on Sunday July 13, 2003 @02:26PM (#6429021) Homepage
    Suppose it worked like this:
    • Operating system vendors who sell, for money, systems which connect to a network are liable for damages to third parties caused by security flaws in their products.
    • This liability applies to all new product sold one year after the enactment of the act.
    • Class actions are allowed.
    • The buyer of the product cannot be required to have the product updated or serviced after the original sale.

    This would make Microsoft (and Red Hat, etc.) liable for security holes which allow virus redistribution, distributed denial of service attacks, and similar situations where the victim and the customer are different.

    The "no servicing" requirement means that a patch-based or signature-based approach to security doesn't relieve the vendor of liability. The system has to be secure as delivered.

    • Re:OS vendor liability (Score:5, Insightful)

      by jovian_ ( 107393 ) on Sunday July 13, 2003 @02:32PM (#6429052)
      An interesting idea in theory, but delivering *100%* secure software -- at least on the grand scale of operating systems -- is a practical impossibility. Even OpenBSD, arguably the most secure operating system out there, has had at least one large remote hole in the last few years. A law like this would have the effect of practically halting software advances in this country, unfortunately.
      • If you are talking about a secure version of UNIX or Windows, sure, it would be very difficult. It's like trying to modify an automobile into an airplane. It can be done, but the result is going to suck.

        Security has to be designed in from day one, not retrofitted on to an insecure system.

        What's needed is the financial and legal motivation to design, build and deploy secure systems.

    • Re:OS vendor liability (Score:3, Interesting)

      by giel ( 554962 )
      Operating system vendors who sell, for money, systems which connect to a network are liable for damages to third parties caused by security flaws in their products.

      I like this idea. It would mean that when I write a piece of software that takes advantage of security leaks in product X, the vendor of X should be liable for the damage I do to third parties.

    • So as long as no money is involved its ok? Sounds kind of like something that Microsoft did with IE.
      • not to mention, Microsoft is about the only player out there that can afford to give away stuff practically for free. A law like your proposing would give Microsoft a major advantage.
    • Sounds like a good start, but what about OS's that are not obtained through a company (think FreeBSD, Linux From Scratch, etc)? Perhaps there should be an exemption - if the source code is avalible to the purchaser, then the responsibility should shift to those actually running the server.

      It would also make sense to force closed-source OS vendors to allow those who purchase their OS free access to the code, or suffer an additional penalty for security flaws. For an example, MS could choose to not disclose
    • I doubt that we will ever see vendor liability of harmful systems come thru legislation, but instead I believe that operator liability will come instead. If you run an un-networthy system on the public internet, and if it gets hijacked or infected and thus used to propagate harm to other parties' systems, then you'll be the one who'll get blamed and not the vendor who supplied it. Just a hunch....
    • So, your proposal should be called the US Trial Attorney Full Employment Act.

    • Re:OS vendor liability (Score:3, Insightful)

      by Sabalon ( 1684 )
      So, I write code for my redhat system, or ms system that is basically the equiv of netcat - listen on a port and run whatever commands come in as root (hell...use netcat or somehow use what comes with the system to do the same thing). Or find . -type f -exec 'chown root:root {};chmod +S {}' \;

      Then who is to blame? I've just used the OS but not in a way it was intended.

      Reminds me too much of suing gun makers for misuse by someone else.

    • Re:OS vendor liability (Score:4, Interesting)

      by hankaholic ( 32239 ) on Sunday July 13, 2003 @10:40PM (#6431371)
      The flaw with this shiny-looking argument is in the definition of "security flaw".

      Keep in mind that lawyers like very specific language. Laws and regulations must be worded in such a way that one can compare an example against the language of the law and determine whether something qualifies as a violation of that law.

      Now, many, MANY strains of viruses have been nothing more than (barely!) masked Trojans.

      In other words, if you can get the user to run something, it's a security risk, and one for which the OS vendor cannot necessarily be held responsible, short of disallowing programs to run other programs.

      In any environment in which data and code are not separated by CPU-level protection mechanisms, a buffer overflow can happen. Even with such protection in place, any time the user is allowed to launch an arbitrary program, there is a risk involved.

      Keep in mind that requiring a vendor to label something which is potentially dangerous with "This is a program, which will execute!" or other such flags is insufficient -- the user cannot be trusted to know what such things mean.

      What you're saying makes about as much sense, when it comes down to it, as suggesting that mail server vendors be held responsible for flaws in their software which allows spam to be received. In either case, it's a matter of the system not knowing whether the user is doing something legitimate (running a game, or an eCard from Granny) or something with bad results (running a trojan or receiving UCE).

      If you can come up with a system which can distinguish between the two cases without burdening the user excessively (read: "at all"), then stop posting your overrated drivel and get ye to the patent office, before someone else does!

  • Well thought out like Vietnam (Score:1, Funny)

    by Anonymous Coward

    Representative Putnam about how well thought out other cybersecurity laws like the DMCA have 'helped out' and were 'thought out.'

    How about somebody send this Brainchild a link to /. and a few hyperlinks to stories regarding the wonderful and well thought out DMCA. (I would not recommend including a picture of your bare ass when contacting your Representitive or Senator.)

  • please explain to me (Score:5, Interesting)

    by the_2nd_coming ( 444906 ) on Sunday July 13, 2003 @02:27PM (#6429028) Homepage
    how can we have a "digital pearl harbor"

    I mean the nature of the internet is decentralised so at most, there would be anoyances rather than devistation.

    also, every critical system is on a closed network so our infrastructure will not fall apart.

    the only thing I am left with, is that they want to protect corprate profits from script kiddies.

    • Re:please explain to me (Score:4, Interesting)

      by bj8rn ( 583532 ) on Sunday July 13, 2003 @03:10PM (#6429220)
      The article mentioned an incident with Mississipi flood gate control system as 'digital Pearl Harbor'.

      I think the stress of this metaphor is not so much on devastation, but rather on surprise attack, so it has at least some point - the real Japanese attack wasn't as devastaing as they wanted it to be, but it was rather the surprise of the attack on USA that had a bigger effect. Just as the attacks of Sept. 11 2001 did relatively little direct material damage, but the psychological effect was enormous. A digital Pearl Harbor would also cause relatively little direct damage, but cause a deep feeling of insecurity.

    • Re:please explain to me (Score:5, Insightful)

      by jeffy124 ( 453342 ) on Sunday July 13, 2003 @03:16PM (#6429240) Homepage Journal
      I've put some thought into that statement "digital pearl harbor". Most people equate "cyberterror" with the idea that a terrorist might shut down a power grid, phone system, etc.

      But we've had examples in the past of the power grid going down on a large scale (most of the northeastern US, including NYC, something like 30 years ago) and significant problems with the phone system (AT&T Long Distance outage). Both were thought to be malicious acts (the Russians and "the bomb" were initially accused of the power problems, hackers the AT&T outage) at first. But both were actually caused by bugs/glitches in the systems themselves, and were resolved shortly thereafter.

      These two examples seem consistent with Bruce Schneir's explanation of how such outages are only temporary, and how its much easier for a terrorist to bomb a power plant or phone switching station rather than hack into it.

    • We want to put something out there that makes sense, that's balanced, that accomplishes the same goals, without it being this headlong rush to prove that we're doing something for our constituents because we were asleep at the switch when there was this digital Pearl Harbor.'

      Most of this Putnam quote is quite sensible - shame that sentiment does not seem more common in the corridors of power. But, as far as I know, there hasn't been a 'digital Pearl Harbor'... when/where was it?

    • also, every critical system is on a closed network so our infrastructure will not fall apart.

      You wish.

      Closed networks on leased lines are damn expensive. It is much cheaper to connect systems over the Internet, and pray that the firewall and/or VPN will keep out the bad guys.

  • and it seems they're open for suggestions.

    When are the next eletions again? [hint][hint]

  • Hey wait! That sounds like Canadian lawmakers! (Score:5, Interesting)

    by edunbar93 ( 141167 ) on Sunday July 13, 2003 @02:33PM (#6429054)
    We want to put something out there that makes sense, that's balanced, that accomplishes the same goals, without it being this headlong rush to prove that we're doing something

    Our government has this weird tendency towards actually thinking before it acts. And doing it the first time, rather than blundering around with large blunt instruments RIGHT AWAY because people are screaming for the government to protect them RIGHT AWAY.

    But I guess someone has to blunder around stupidly to serve as an example to the rest of the world for What Not To Do. :)

    • Canadian lawmakers screw up (Score:1, Interesting)

      by Anonymous Coward
      "Our government has this weird tendency towards actually thinking before it acts"

      They failed to give the proper thought to the matter before they foisted the inferior socialist hell-care system on the Canadians.

      It would have been better off if they had stayed home that day instead of voting on this monstrosity, which is embarassment to the hemisphere.

    • Gun Registry (Score:2, Insightful)

      by rruvin ( 583160 )
      Oh yeah, you mean like the gun registry that has ended up costing at least over 5 times the original estimate and that likes to "crash" and lose a few days' worth of applications when it's overloaded? Or maybe like the government's promise to eliminate child poverty by the year 2000, with the result being that child poverty is higher now than in 1993?
      • Hey, noone's *perfect.* Especially the government.

        But you'll notice that debates for and against, studies, polls, and think tanks have gone on for years before this action was taken.

        So yes, they did think this through before taking action. An American reaction would be swift (at least, once they actually *notice* there's a problem, which is usually well after it has gotten out of hand), ham-handed, overreaching, blundering, ignorant of the real issue at hand, and more often than not, pandering exclusively
    • Goodness knows that they thought out the gun registry ahead of time...
  • "Frankly, I'm finding a lack of attention and a lack of understanding by the Congress and the (Bush) administration as to the serious nature of the threat," he said. "It's not nearly as sexy, or as engaging, or as interesting as the threats that are posed by terrorists boarding aircraft, or terrorists threats to the Brooklyn Bridge

    Issues that affect us all, but... Forthcoming cybersecurity legislation will be "meaningful regulatory approach to securing private-sector critical infrastructure" says Representative Adam Putnam

    Shame it's only for the private sector. Ordinary decent home users would benefit greatly from a similary committee. Currently there is little or no useful media attention, which is a problem
    Put it this way: if you were to hold a random sampling of U.S. citizens on cybersecurity, you would likely get a lot of semi- or un-informed views on it. The reason is simple: it's not considered important enough by society at large to have anything more than a knee-jerk reaction to it. If/when the details of cybersecurity (not just the fallout from high-profile cases) becomes a big thing in the media and in government, only then will the population at large (who are being spoonfed by popular media, remember) feel that it is important enough to become an issue.

    Congress shouldn't take a "knee-jerk, let's legislate" approach to cybersecurity, Putnam answered. He noted that many people in Congress and in the public don't realize how many pieces of the U.S. critical infrastructure are controlled through networked technology. He used the example of flood-control gates on the Mississippi River or the power grids that serve stock markets.

    No mention of the myriad other effects of problematic cybersecurity, such as that mentioned here [pbs.org], and presumably many similar more highly controlled privacy issues wrapped around the TIA and other institutional privacy violations.
    Until then, it remains an issue for the interested parties and the various lobby groups, and now for the "private sector" affected by this committee. The average internet user doesn't understand the implementations, the "downsides" discussed ad nauseam on Slashdot, or the current infringements on privacy laws by the Bush administration and their agents, so there will be no popular upswing, no attempt to popularise privacy and security for Mr. Average Midwestern Suburbian, who currently doesn't spend as much time as we do reading up on "niche" issues such as this.
    Ultimately, the population is only as interested in an issue such as cybersecurity as they are directly affected by it. Otherwise, it depends how the media portrays it. Think DMCA, think The Geneva Convention, think The Universal Convention on Human Rights. The US media targetted the DMCA issue at the public by suggesting that "hackers" would benefit if it wasn't in place. The Patriot Act was introduced to wide public acclaim because the media suggested "Terrorists" would benefit if it wasn't in place. The Geneva convention is flaunted in Guantanamo Bay, and the US public lets it past because the media doesn't highlight it.
    If the general public - the majority of voters - are not negatively affected by the multivarious issues in cybersecurity - including things currently covered by wiretapping laws, TIA etc., and erosion of personal privacy - then it takes too much effort for them to take interest, and too much effort on the media's part to educate them.
    Until it becomes an issue of general relevance, the voting public won't care, input will be limited to private sector industries, and their liberties will be further eroded until they have a mode of thought equivalent to "newspeak", with only the single state department/media line to go along with.

    • Here's my take on why it's only the private sector. I apologize if it is misinformed, this is how I believe "the system" to work:

      Lawmakers are painfully unaware of how the digital world works. To quote the article:

      "Frankly, I'm finding a lack of attention and a lack of understanding by the Congress and the (Bush) administration as to the serious nature of the threat"

      How do lawmakers then legislate over such issues? They create special investigative subcommittees, comprised of individuals of the same bo

    • Agreed! The most important effect of securing the computers of the public at large will be that DDoS drone networks will cease to exist. I have no problem with people harming themselves through their ignorance, but when their computers are hacked and made to contribute to DDoS attacks, it's a BIG DEAL and should be everybody's problem.

      Sadly, the public still doesn't care, and I fear this will never happen.

  • "digital Pearl Harbor." (Score:5, Insightful)

    by Glowing Fish ( 155236 ) on Sunday July 13, 2003 @02:48PM (#6429127) Homepage

    Politicans already overuse Pearl Harbor in situations where it is actually relevant, such as national defence. It's used for a catch phrase to mean if we let down our guard, we will be overwhelmed at any moment. It's a way to not explain exactly what they mean, which serves them well because the situation in intelligence gathering and warfare now is so different than it was in 1941.


    So even using it in that context is a bit of a "Bavarian Fire Drill" [everything2.com]. Using the threat of a hacking attack and associating it with Pearl Harbor is even sillier. If this country faces a bad hacking attack, or major attempt on our internet infrastructure, what will it mean? I'll have to sklp read people's Live Journals for a few days? Some web pages will get defaces? Some banks records will get broken into? e-Mail will get choked with wormed messages? None of these things are very pleasent, but I don't think we will see a cyber attack that leaves thousands dead and billions of property smoking and burnt. In fact, I think comparing the effects of some "lost productivity" to an event like Pearl Harbor is somewhat tasteless.

    • The U.S. Military knew about the pending attack on Pearl Harbor a full day before it happened. They *could* have stopped it militarily, but it was decided to LET the attack happen, because those in charge felt that otherwise the U.S. would never get off its isolationist ass and start helping its allies repell various invaders. And -- it worked.

      (One of the tidbits learned in my 11th grade U.S. history class -- the teacher was big on digging up ancient dirt, which at least kept us interested.)

  • Pearl Harbor? (Score:5, Insightful)

    by iCEBaLM ( 34905 ) on Sunday July 13, 2003 @02:49PM (#6429132)
    we were asleep at the switch when there was this digital Pearl Harbor

    Riiight, and passing a law through congress that made it illegal for Japan to attack the US would have stopped Japan how exactly?

    New laws are not required, everything that should be illegal is under current law. Laws do not stop terrorists or foreign governments from attacking. It won't even stop ordinary people from attacking.

    -- iCEBaLM

  • Oh baby (Score:2, Funny)

    by Anonymous Coward
    The security cert. card in my wallet just went off like a vibrator. Can you say job security? :D

  • "Digital Pearl Harbour"? (Score:5, Insightful)

    by Nexzus ( 673421 ) on Sunday July 13, 2003 @02:54PM (#6429150)
    How can they compare the attacking of some computer systems to an attack that left 2,300 people dead?

  • Rocket Powered Roller Skates (Score:5, Insightful)

    by serutan ( 259622 ) <snoopdoug@geekaz ... minus physicist> on Sunday July 13, 2003 @03:04PM (#6429188) Homepage
    Once upon a time a messenger service discovered that by having all their messengers wear rocket powered roller skates they could deliver things in record time, beating their competitors into the dust. Soon every messenger service relied on rocket powered roller skates, the original company went broke and a few larger companies dominated the delivery business. People hardly shopped or went to the bank any more. Everything was handled by messengers wearing rocket powered roller skates. Commerce doubled and the economy briefly soared.

    Then some asshole discovered that by dropping pencils on the sidewalk you could cause spectacular crashes. Packages were lost, messengers and pedstrians were killed, and commerce was interrupted. All manner of security precautions were invented. Radar-equipped skates appeared. The sidewalk hackers used hair-fine tripwires. Police and private guards patrolled the streets. The hackers went through the sewer system.

    Congress passed some laws making it a crime to possess anything that could be placed on a sidewalk to trip up a rocket powered roller skater. Civil libertarians were outraged, but what else could be done?

    Doing away with rocket powered roller skates was unthinkable, because everything would go back to being unbearably slow. Banning non-messengers from the sidewalk was similarly unthinkable. Building special secure sidewalks just for rocket powered roller skaters would be too expensive. The whole beauty of rocket powered roller skates was that they could use existing sidewalks.

    The real problem was that the messenger companies had all jumped into relying on rocket powered roller skates without anticipating their weaknesses. They never really came up with a solution, just ways to stay one step behind the problem. But who could blame them? They had to stay competetive. It was always the hackers' fault. Maybe if enough of them got thrown into prison they would learn their lesson. If ordinary people had to live their lives differently, well... they were the ones who insisted on fast deliveries weren't they? The industry was just responding to demand.

    Eventually ordinary people just didn't use the sidewalk anymore. It would expose them to too much danger and litigation. For all their communications and physical needs they relied exclusively on messengers on rocket powered roller skates, never leaving their homes. And they lived happily ever after.

    • Is that hackers are just a small portion of the people responsible.

      What if there were power-mad lunatics in office who dreamed of a world where civil rights no longer existed; had even drafted proposals and suggestions as to how this could be achieved by, (this is true!), manufacturing Pearl Harbour type events so that they could ride the back-lash into a position where the public was ready to accept draconian re-writes to the laws?

      Think I'm joking? Many of Bush's current cronies have written plans and p
  • "we were asleep at the switch when there was this digital Pearl Harbor."

    Not a Battlefield 1942 fan, eh?

    But seriously folks, what does a guy have to do to get a Pearl Harbor map in this game? Screw political correctness, it's a game. Screw political correctness right in it's ass.

  • We don't need laws, we need enforcement. (Score:1, Insightful)

    by Anonymous Coward
    What's the threshhold before the FBI will even get involved? $10000 in material damages? Even if you do all the legwork, and all they have to do is walk down the street and present the papers, they won't.

    If the current laws were enforced, it would act as a deterrant, and give us some idea of the efficiency of current laws, and what sort of changes should be made to them. Any new laws would simply be theoretical in their benefit to society - we haven't done any "applied research" - ie, finding out what c
  • I hope they do as good a job with this as the department of homeland security did with the "terror alert". Maybe we could all have little color-coded icons on our desk tops that let us know how likely we are to come under terrorist attack.

  • From my experience with politicians I wouldn't assume that saying something is "thought out" and actually thinking are the same thing.

  • the only benefical politican (Score:3, Interesting)

    by linuxislandsucks ( 461335 ) on Sunday July 13, 2003 @04:33PM (#6429586) Homepage Journal
    My Dad use to say the only bebenfical politican is a dead one..

    why not repeal the DCMA and start over?

  • Shaken, not stirred (Score:5, Funny)

    by BorgCopyeditor ( 590345 ) on Sunday July 13, 2003 @04:58PM (#6429682)
    asleep at the switch when there was this digital Pearl Harbor

    That's going straight into the Mixed Metaphor file. A triple!

  • Termites ( or why I hate closed source ). (Score:5, Interesting)

    by anubi ( 640541 ) on Sunday July 13, 2003 @05:08PM (#6429722) Journal
    I hate proprietary interfaces and laws protecting them. This is a bit offtopic but I think it illustrates the concept.

    I just had my "annual treatment" for termites. The termite guy made a big showing going around my house with a hose connected to his truck which was supposedly dispensing termiticide. Yes, lots and lots of fluid came from the hose, soaking it in pretty good. He told me the termiticide was a pyrethrin based material. Ok. I asked for a jug of it while he had hose in hand for spot treatment should I find a spot missed. No way. He could not, by "law", dispense the material other than as directed. So, it all went onto the ground in front of me.

    Ok, now he presents me with the form to sign regarding completion of the treatment. There is a spot on the form where the chemicals used and quantity are supposed to be filled in. But he leaves it blank, because there wasn't an active infestation that was specifically treated. Apparently, under "law", I do not need to be informed as to what chemical he sprayed all over my property.

    Now, here's the part that infuriates me, the next day, I go out to feed my cats and there's ANTS all over my cat food bowl. Now I figured that strong fresh dose of termiticide would have done away with all those ants.

    Had I been able to recover a sample of whatever he sprayed on my property, I could send it off to a chemist friend who has a gas chromatograph in his garage and ask him to run a spectra on it and look for pyrethrins. I strongly suspect the termite man just made a show of spraying water on my property. To add insult to injury, I destroyed much of my vegetable garden on his advice that the poisons would be absorbed into my edibles.

    Its all this closed-source ( not the price, but the reassurance that I know what I am getting ) that concerns me so. I am *personally* responsible for the expenses of maintaining my house, it does me no good to try to blame someone else, so having some termite company to blame it on does not help me. I feel I have a right to know what chemicals and in which strength is placed on my property, and I feel I have a right to verify this.

    I am getting really fed up with all these laws prohibiting the understanding ( possibly reverse engineering if the vendor is uncooperative ) of what I am receiving in return for money. This seems so unfair to me because the quality of the money can be so easily verified, but I am supposed to accept, by laws passed by Congress, the word of the vendor on what it is I am buying.

    I know I am being a little hot-headed on this issue, but the problem is I am personally responsible. In a large business, it wouldn't make that much difference on whether or not lots of damage resulted from some delegate's failure to perform, as I could delegate the problem and wash my hands of it, while still retaining my employment status and retirement plans. ( This is the main reason in my mind why business executives would choose to go with some system that keeps them ignorant of its inner workings. ) On my level, when I am personally responsible, I want the ability to verify anything. It really cripes me to have my rights to verification annuled by law.

  • Digital Pearl Harbor (Score:4, Funny)

    by ceswiedler ( 165311 ) * <chris@swiedler.org> on Sunday July 13, 2003 @05:26PM (#6429805)
    There already was a digital Pearl Harbor...it starred Ben Affleck and it really sucked. Let's not let it happen again, OK?

  • Didigtal Pearl Harbor (Score:3, Interesting)

    by 1of0 ( 597417 ) on Sunday July 13, 2003 @05:29PM (#6429823)
    Am I the only one who is annoyed by people throwing around phrases like "Digital Pearl Harbor"?

    What in the world would that be? Do they expect every computer to burst aflame and melt into a puddle?

    Or maybe more sensibly they mean wide scale security breach, oh like Code Red 1 through Code Red n.

    The first is just stupid, the later has been happenning on monthly bases for the last 3 years. And yet it doesn't seem to count as "Digital Pearl Harbor".

    So perhaps somebody would like to enlighten me as to what in hell they're expecting?
    • So perhaps somebody would like to enlighten me as to what in hell they're expecting?

      Haven't you been receiving a PILE of extra spam in your inbox of late? Haven't you been reading about all the viruses which have been causing 'havoc'? Heck, didn't you watch the propaganda-saturated Terminator 3?

      Damnit, man! You're clearly not taking your pills or tuning into enough CNN! There's a war on, mister! And so what if it's a make-believe war?! The Great Muppet-President has a schedule to keep, you ungratef
  • I see a lot of anti-law posts here, but we need some good laws (I agree the DMCA is a bad law and should be removed). Any society that exists will need laws to keep the peace, and since the internet is not breaking down international barras it will need laws of some sort. Is the US government the group to pass them, NO. What we need for the internet is a group like the IARU (The International Amateur Radio Union). And the use of the internet can fall under a international treaty and then there could be
    • since the internet is not breaking down international barras it will need laws of some sort.

      Why do you think the internet needs special laws?

      If someone comits fraud on the internet, is it not fraud?

      If someone publishes unchecked and untrue slander about someone on the internet, is it not slander?

      Someone stealing credit card info is breaking the law whether or not they use a computer to do it.

      Invasion of privacy is invasion of privacy whether it is an illegal wiretap, an x10 camera, or a peeping tom.
  • are two different topics, but both have a complex fused relationship.

    Cyber-Security (I think) has three major facets:
    (1) Static Defense, mission to maintain all necessary daily business processes for the users, LAN, Enterprise, and external relationships - by doing all the right things to create (to the most professional extent possible) an impregnable IT/IS/IM/CT (collaborative technologies [AKA: Synergy Tech]) network/environment .... No one (or few) attacks, because failure is highly probable, the
  • A lot of Congressman Putnam's phraseology in the beginning of the article sounds comforting, but this bit bothers me:

    "[The threat is] not nearly as sexy, or as engaging, or as interesting as the threats that are posed by terrorists boarding aircraft, or terrorists threats to the Brooklyn Bridge ... or to Disney World, and so the cyber threat has taken a back seat to the physical threat. I think that is a dangerously lopsided approach to homeland security."

    I'm not usually given to hyperbole (and in th
    • Good catch on Mr. Putnam's lack of ever having a "real job." In lieu of keeping an eye on him, as suggested, perhaps he should go to work among his peers at Microsoft because he may to share -- in many respects -- a world view familiar on that campus.
  • Digital Perl Harbour on Information Superhighway!

Slashdot Top Deals

If you have a procedure with 10 parameters, you probably missed some.

Close