Bush Cyber Initiative Aims To Monitor, Restrict Access To Federal Network 120
dstates writes "Details of George Bush's Cyber Initiative are beginning to trickle out. The Cyber Initiative was created in January to secure government against electronic attacks. Newsweek says that over the next seven years, Bush's Cyber Initiative will spend as much as $30 billion to create a new monitoring system for all federal networks, a combined project of the DHS, the NSA and the Office of the Director of National Intelligence. The U.S. government has launched a classified operation called Byzantine Foothold to detect, track, and disarm intrusions on the government's most critical networks. ComputerWorld reports that all data traffic flowing through agency networks will be checked, and that it will be inspected at a deeper level than the current system is capable of. BusinessWeek, meanwhile, reports that one requirement is to reduce the number of internet access points in the Federal Government from the thousands now in use to only 100 sites by June 2008. How this will impact public information resources such as the Library of Congress, National Library of Medicine or even the US Congress remains to be seen."
$30 billion? (Score:2, Insightful)
Are they really itemizing hammers for $300, toilet seats for $1000? Are government contractors just taking us to the cleaners?
Why does the public not have any say in where this money goes?
Re:$30 billion? (Score:5, Insightful)
The public does have a say. Stop voting jackasses to power.
Re:$30 billion? (Score:5, Insightful)
Re: (Score:1)
...but if we didn't vote for our jackasses, the wrong jackasses might get in!
The problem is that we are only offered jackasses to vote for because only jackasses want to endure the headache that is public office.
Your normal, everyday, right-thinking person would rather not deal with the bullshit that minority* and special interest groups think the government should support/regulate/subjugate.
(* minority as in minority opinion, not race)
Re: (Score:2, Interesting)
The public does have a say. Stop voting jackasses to power.
Re: (Score:1, Insightful)
I have a better idea -- let's stop funding them.
Whenever a Democrat tells me we need to raise taxes -- in whatever code words they are using at the time, be it increasing business taxes or "rolling back the Bush tax cuts" -- I love pointing out where all the money is currently wasted. (Almost everywhere it's spent.)
Why on Earth would I want to give them more? On the contrary, if we give them less money, they will have less power.
Re:$30 billion? (Score:4, Insightful)
If you give them less money, they won't spend any less, they'll just go further into debt. The national debt is now so large that it is completely incomprehensible even to those in power.
The debt currently stands at almost 9.5 trillion dollars, and is increasing at around 1.67 billion dollars per day. This level of spending would make even a drunken sailor blush, and it's being done despite the fact that we are giving them less money through the various tax cuts that have been implemented over the past 7 years.
The government spends money as if it were monopoly money, and accumulates expenditures with little or no regard to the disparity between revenue coming in and expenditures going out.
Re: (Score:2)
I recently heard a nice way to help put these large numbers in perspective.
The following time is the time it would take to pay of the following amounts at a rate of 1 dollar per second:
1 million = 11.57 days
1 billion = 31.71 years
1 trillion = 31,710 years
So at 1 dollar per second, it would take 301,243 years to pay back that 9.5 trillion dollar debt.
Re: (Score:1)
This is why we should vote for real fiscal conservatives, not tax-and-spend Republicans like Bush & friends.
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
If you want to base your currency on a particular type of metal, might I suggest lead. Because when the economic shit really hits the fan, that's going to be the only real medium of exchange.
Re:$30 billion? (Score:5, Insightful)
Wouldn't it be nice...
Why on Earth would I want to give them more? On the contrary, if we give them less money, they will have less power.
The problem with giving the federal government less money is, we made the mistake of telling them what 'credit' is and gave them the power to increase their own credit limit at will.
Whatever issues we have with 'tax and spend' Democrats, they have a more honest approach than 'borrow and spend' Republicans. But the bottom line is still, between the Democrats and Republicans, there is no right lizard.
Re: (Score:2)
My cat hunts lizards, brings them into the house, and plays with them until they are in small, bloody pieces.
Clearly, we need to invent a "growth ray", and point it at my cat, and we'll solve this Democrats and Republicans problem.
Re: (Score:1)
Re: (Score:3, Insightful)
They are already spending more than they take in right now...
I like how you blame it on democrats too - Bush lowers taxes, but spends more than any democrat. Essentially what he's doing is deferring any really hard financial decisions to the next guy/girl in power. Its like a stealth raise in taxes because the more deficit spending that occurs the more worthless our dollar is.
Ever hear of "deficit spending?" (Score:2)
Oh, yeah, sure. After all, the government can't spend money it doesn't have.
Re: (Score:1)
Given that choice, I guess I'm happier with the former since at least it is honest and I'm not paying interest.
Re: (Score:2)
and whenever a republican tells me that they're going to roll out new tax cuts, I point out the national debt and complete lack of funding for anything useful. republicans don't spend any less than democrats do on pork, they merely cut anyth
Re: (Score:2)
The idea that we can function without government -- well, good luck with that.
Which is better; a $2000 tax cut that results in a 40% decrease in the dollar or an increase in taxes of $2000 that results in a dollar that stays the same value or increases given a salary of about $60,000? If you do not get that the "Santa Clause" who brings you "free trade" and "free wars" is costing you more -- then you are probably someone who voted a Jackass
Re: (Score:3, Interesting)
Re: (Score:2)
Yeah, that'll work.
"Stop voting for jackasses....by the way here is the list of jackasses you can choose from".
Re: (Score:1)
Re:$30 billion? (Score:5, Insightful)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:3, Informative)
No, they are itemizing Cisco Pix firewalls at $500,000 a pop. Not including labor.
Re: (Score:1)
Re:$30 billion? (Score:5, Interesting)
Re: (Score:2)
Re: (Score:1)
It's just that $30 billion is still a lot of money
Quoted for posterity and perspective. $30Bn is roughly a month's budget overrun (IE Money spent beyond what is actually budgeted) for the entire US Government. Just thought I'd throw that out there.
And don't worry, I'm sure your earlier comment only seems trollish to those who have worked in purchasing/contracting for the government.
One further point I'd like to make, however. We the gub'mint'ers are bound by a certain set of laws, when making purchases.
If Company A, the fine upstanding manufactu
Re: (Score:1, Informative)
Re: (Score:1)
Re: (Score:2)
people with a skin color that is different than ours
And who would they be? We've got ever color in the world, including the only blue-skinned folk: ;)
http://www.foxnews.com/story/0,2933,317564,00.html [foxnews.com]
http://www.youtube.com/watch?v=3XV0I6Q70Yw [youtube.com]
http://www.blueman.com/ [blueman.com]
Yeah, I know, the Smurfs are French, but they're communist, so that's the only reason you don't see them in the U.S.
SlashBias (Score:5, Insightful)
Implying that simply because the departments arn't completely open to the internet in a thousand ways is a denial of freedom of information, is a huge leap.
Granted, nobody trusts bush, and they shouldn't, as this is likely what he plans to do, but this part in particular is a good idea.
Re: (Score:2, Insightful)
Re: (Score:2)
Hey, read the summary sometime. Thanks.
Re: (Score:1)
You are reading stuff that isn't there.
Re: (Score:2, Interesting)
I mostly agree - But wonder if another part of this will end out allowing Greater Penetration of the Internet public networks even as it limits access to the government ones. After all, if you have rights and abilities to break into networks in the public domain but never have to be concerned about the public breaking into yours, do as you wish. . . life is good! And no one will ever find out what you're doing.
If they really cared about doing it right, it wouldn't always be a one-sided standard protec
The Issue with the George Bush Cyber Initiative... (Score:1, Flamebait)
Seriously, try saying that with a straight face: "the George Bush Cyber Initiative". Me, I'm picturing an old arcade cabinet-style version of Galga stuffed into a corner of that idiot's office (right next to the "Missile Command" cabinet that stands in as SDI).
Anyhow, just my first reaction, but it was good for a laugh on a Tuesday morning. Please go back to your normally scheduled conversation.
Re:The Issue with the George Bush Cyber Initiative (Score:2)
You're right, we need a new name for this sort of thing....hmm....well, the government will be putting up a sort of metaphorical "wall"....and the people who intrude will get burned, so "fire" would be good...maybe "Wall-Fire"...or "Fire-Wall"? Naw, it'll never catch on. I'll keep thinking...
Re: (Score:2)
...there, fixed that for you =)
Re:The Issue with the George Bush Cyber Initiative (Score:1, Offtopic)
Re: (Score:2)
They spend tens of billions (it will probably go into the hundreds in a few years) of our money implementing the worst possible solution to a simple design problem,
Re:The Issue with the George Bush Cyber Initiative (Score:5, Insightful)
(whatever that is...I don't think I want to find out)
Re:The Issue with the George Bush Cyber Initiative (Score:4, Informative)
Re:The Issue with the George Bush Cyber Initiative (Score:5, Funny)
Dude, what corner? His office is oval. Who looks like the bigger idiot now?
Re:The Issue with the George Bush Cyber Initiative (Score:2)
And maybe if frogs has wings...
Re:The Issue with the George Bush Cyber Initiative (Score:2)
Re:The Issue with the George Bush Cyber Initiative (Score:1, Offtopic)
Re:The Issue with the George Bush Cyber Initiative (Score:2)
If government networks were secure by design . . . (Score:5, Insightful)
TCP/IP was never intended to be secure. It was intended to be flexible, robust and fault-tolerant. Security was not incorporated in the design of TCP/IP networks, save as a kludge attached after the fact. Fine for most of us; but if security is critical, I recommend using a different technology at the network level, one which incorporates security at the fundamental level. Since these networks should already be defined as "dark" networks, the potential for inter-network connectivity issues should not be a major consideration.
Yes, DarpaNet is a remarkable invention - but it's the Model-T of the computing industry. Y'know how many guys got their arms broken by that bloody starter crank, before Henry F. incorporated a lead-acid battery and electric starting moter? Sure, the hand-crank works well enough, but it's time to come up with the next advancement, not to mandate more foam padding and other safety features for the arm-breaker.
hand-crank autos (Score:1)
Re:If government networks were secure by design . (Score:2)
Sure, if you wanted to, you could create
Re: (Score:1)
What's that going to cost, in terms of software design and implementation, training to effectively use and maintain those security kludges, and - oh, yeah, the odd intrusion/data loss which are inevitible?
Re: (Score:2)
I don't see it as a l
Disarm?! (Score:2)
Disarm an intrusion?! Because the intrusion is armed?
Re: (Score:2)
Re: (Score:3, Informative)
I was involved in the Einstein program during its early days in a previous life, it is actually quite useful, for monitoring all the traffic coming and going, as well as a historical searching.
The current implementation as far as I know (its been almost a year since I was involved) only has heade
Re: (Score:2)
Could the article title have any more flamebait? (Score:5, Insightful)
This was obviously worded to stir the 'Left' trolling the comments.
The article speaks of data lost to China last year due to hackers on the Government network. If our tax dollars should pay for anything, it should be national defense and to protect this data.
Re:Could the article title have any more flamebait (Score:1)
We need this! (Score:1, Troll)
Re: (Score:1)
Finally on target (Score:4, Insightful)
What's more amazing is that I'm still amazed by government stupidity and corruption.
Re: (Score:1, Flamebait)
Re: (Score:2)
Wait a second... (Score:1)
Re: (Score:2)
Firewalls (Score:4, Insightful)
When the technology allows for it, I expect most companies to do the same thing, limiting or eliminating access to their sensitive data from computers that have access to the Internet.
As for data that is supposed to be public, read-only copies - perhaps made nearly in real time - must be accessible to the public. If someone manages to break security and trash a read-only copy, the original data remains uncorrupted.
Re:Firewalls (Score:4, Informative)
But, let's analyze this particular event for a moment. First, why would Booz, Allen's email server accept as legitimate an email claiming to be from the Defense Department when it was sent through Korea and Yahoo? Messages like that ought to be blocked at the doorstep. I don't let mail with @aol.com From addresses in here unless they come from AOL's own servers. The fact that such an obviously illegitimate email could be accepted by one of America's largest defense contractors make me wonder how they recruit their network staff.
Next, why aren't they using public-key encryption, or at least digital certificates for authentication? Hell, they ought to be using SMTP-level encryption with certificates for every message sent by DOD mail servers to their contractors. We're apparently more concerned about regulating the privacy of people's health information through HIPAA rules than we are about the privacy and security of communications between the military and its contractors. If you send an email with "patient health information" between providers in the clear, you could be in a heap of trouble. Why doesn't that mindset apply to defense contractors who have a lot more money to spend on this stuff than health providers?
The article also glosses over the role that the Microsoft monoculture plays in all this. Some of these attacks target OS to install things like keyloggers, but another large chunk apparently exploit Office applications like Word, Powerpoint, and Access. The article suggests that a large amount of militarily-sensitive data is kept in Access databases which make them an appealing target. Apparently the intent is to burrow small modules into Access databases that ship out the data in the background when the database is opened. Last time I looked, Access wouldn't really be my choice for a database designed to hold and protect militarily-sensitive data.
While it might be nice to think of the problem as somehow analogous to closing the borders, it looks to me like the usual security principle applies. It matters more who and what's behind the firewall than what's coming in.
BTW, the whole focus on the guy running a domain registration service in China was patently ridiculous. Of course, no one with a throwaway GoDaddy account ever used it to hack into something; it's only those devious Chinese who've figured this out.
Re: (Score:1)
By major boo-boo, do you mean accidentally talking about work with your best friend who then blogs about it? Oops.
How this will impact public information resources (Score:4, Informative)
Since the LoC and Congress are Legislative branch, and the President's Cyber Policy is from the Executive branch, I'd say "very little".
Re: How this will impact public information resour (Score:2)
I've got a better idea (Score:2)
Proposed security measures... (Score:5, Funny)
Dude! (Score:1)
Sorry, just the first thing that came to mind.
Re: (Score:1)
Packet inspection (Score:1)
This internal email is incriminating, set archive bit to not archive.
Can't be done by June 2008. (Score:2, Insightful)
Federal Network (Score:1)
Deathnutz (Score:1)
Classified? (Score:2)
Then why do we know about it?
Re: (Score:1)
thought it was a story on the LOC and MS Silverlig (Score:2)
Now, I wonder if every entry point will have a pop up asking of you are really sure you want to move forward to the next page?
LoB
Dont expect much (Score:1)
Get your Trojans in while there is still time!
Actually on a serious note; I used to work for the Governors Office which we had locked down fairly well behind two firewalls (edge and office), and an active IDS system. When the DCOM viruses started hitting hard we saw an enourmous influx of traffic coming from Department of Defence, Homeland Security, and FBI, networks. Taking a sip from the fire hose with etheral showed that over 98% of it was DCOM exploit attempts coming from well over 1000 unpatched w
Oh the irony (Score:4, Insightful)
Centralization + Security (Score:1)
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/12-17-2003/0002077687&EDATE= [prnewswire.com]
They need to do what the DOD has done (Score:2)
Taking bets? (Score:2)
Seriously, do they really think this failocracy can secure and buttress its own networks better than the open Internet everyone else uses?
I'll give them this, though: At least they're having the common courtesy to try and keep attacks on the federal government from affecting my Internet. Damn kind of them.
Way to go /. (Score:2)
IDS (Score:2)