Senate Trying To Slip Internet Kill Switch Past Us 461
sanermind writes "Sensing Senators don't have the stomach to try and pass a stand-alone bill in broad daylight that would give the President the power to shut down the Internet in a national emergency, the Senate is considering attaching the Internet Kill Switch bill as a rider to other legislation that would have bi-partisan support."
Governmental Fail (Score:5, Insightful)
CNN a few years ago ran a special were they told the story of a possible an IT attack and had former government officials try to figure out how to save the day.
The story was that people had downloaded a March Madness smartphone app that delivered scores and such in March, but now its April and it's sending out large amounts data, and making useless calls, that's overwhelming the cellular networks and running up people's bills. Round two was that this unknown data was actually waking up a bot net, and now the Internet's overloaded. Round 3... an explosion at a power station has downed power on the East Coast. However, nobody knows where the problem is to fix it, because their smartphones are dead and so is the Internet and phone systems.
The governmental instinctive reaction is to shut it all down... but you don't need to shut down the Internet, this could have been solved in round one by asking Apple, Google, even Cydia and the other responsible app stores to kill the app. What is needed is a granular control (that the app stores already have) to say when an app is causing trouble, we'll pull it off the smartphones that have it. If there's a server running a botnet, kill it, not the entire Internet.
The panel lost the game, and was punished with a postgame interview by Wolf Blitzer.
Re: (Score:3, Funny)
What! This cannot be! Surely the country's most handsome politicians wouldn't fail so thoroughly at a test of practical skill?
Re: (Score:3, Funny)
What! This cannot be! Surely the country's most handsome politicians wouldn't fail so thoroughly at a test of practical skill?
Why not? They fail so thoroughly at everything else! :p
Re:Governmental Fail (Score:4, Informative)
I most definitely want an Internet kill switch, and I would love it if the USG did this for us. This kind of project is too big and too costly to get done any other way...it requires government to get involved, and if we're going to be able to shut down the entire web with a single event, it has to be done this way because of the distributed nature of the web and it's inherent design to route around damage. My only fear is that if the USG were to take this on as a task, they might not succeed on time and within budget, and we need it to succeed.
(By the way, just to be clear, I'm a terrorist...as are all of us here, right? Think how awesome it would be to get control of a single point of failure created for the web! Key step to turning converting North America into a caliphate am I right guys?)
:-)
Re:Governmental Fail (Score:5, Insightful)
Don't design fucking critical infrastructure to communicate with the internet. Life support, power plants, hospitals, water treatment plants can use very secure computers and use local networking. BUT DON'T PUT THEM ON THE FUCKING INTERNET.
Round 2.
Don't consolidate the internet into a monopoly or duopoly. Yeah, some major thing might kill AT&T, but T-Mobile, Verizon and Sprint should still be active. Its a lot harder to "destroy" the internet when everything is spread out.
Round 3.
Take steps to protect yourself from DoS attacks.
Re: (Score:2)
Re:Governmental Fail (Score:5, Insightful)
If you want to update programs in your power plant, do it with physical media or take in a laptop and sync it that way.
Re:Governmental Fail (Score:4, Funny)
Bird is the word!
Re:Governmental Fail (Score:5, Funny)
There's also IPoAC [wikipedia.org], IP over Avian Carriers.
Highly vulnerable to shotgun-in-the-middle attacks, though.
Re: (Score:2)
If you want to update programs in your power plant, do it with physical media or take in a laptop and sync it that way.
What if the laptop was compromised? It then infects a critical system and you lose CPU cycles while it thrashes around trying to get out and time to cleanup the damage. Worst case is targeted espionage where there is a virus waiting to jump the air gap.
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
No, Black Mesa was sabotage. I know we love to blame Windows for these sorts of things, but that event was carefully implemented by an organization we have yet to meet.
Re:Governmental Fail (Score:4, Insightful)
There is no perfectly secure approach if any communication into the power plant systems is required. (Getting data out you could do securely by radio transmission, but data in is problematic).
But I would argue it's easier to secure that laptop than to protect an online control system.
First, the laptop need not be connected 24/7 - you can connect it only for brief periods to the Internet (i.e. only while downloading the laptop's regular software/AV patches and whatever data you need to transfer to the power plant). That reduces the exposure considerably.
Second, in this scenario it is impossible for the control system to communicate directly with a potential attacker. Any attacker instructions would have to go through the laptop sneakernet. This is more difficult to make work for the attacker. It also places a latency penalty on attacks. That enables things like auditing the laptop before it's allowed to connect to the control system, thus giving the defenders a chance at discovering the attack before it can do any harm. You can't do that if the control system is on the Internet.
Third, even when on the Internet, a laptop is not easily identifiable as a piece of critical infrastructure to an attacker who has infiltrated your corporate network from the Internet. A power company LAN may have many, many PCs and laptops. It has far fewer routers, such as those used to control access to the control systems. Forcing the attacker to find the needle in the haystack (which may even be offline at the time) adds some level of security.
Being offline gives you a far better chance against attacks than being online. It's just inconvenient and more costly. Since the utilities face little market or governmental pressure to be secure, cheap and convenient wins over security.
Re: (Score:3, Insightful)
Yup, but then you get management at central locations -demanding- to have access to realtime data from various plants.
The budget does not allow for dedicated links so a compromise is chosen... Heavily firewalled tunnels, but over the public internet.
Then a few years later, someone in management demands more functionality... Like being able to remotely do troubleshooting at the plant to save money on travel... This is implemented, throwing away the "Read Only" nature of the old system... again the internet i
Re: (Score:3, Interesting)
Re: (Score:2)
A seperate network.
Is it really that hard to seperate 2 networks ?
If you are in charge of powerplats, maybe some dedicated fiber in the ground, if communication is that important for you, wouldn't be a luxery.
Re: (Score:3, Interesting)
And since the power plants/company likely had to lay/string power lines... is it so hard to include a fiber run with it?
Re:Governmental Fail (Score:4, Insightful)
You're defending from the wrong threat. There was no IT attack on the power grid, there were conventional bombs along the power grid which is usually a simple problem to solve, but nobody knew where it happened because the government had activated the kill switches on public communication.
Downing the entire Internet just makes a bad situation worse.
Re: (Score:2)
The Internet is the cheapest available method to move bits from one place to another. Is there a another network that does the job well enough to be considered a competitor?
SIPRNET, JWICS, etc.
Re: (Score:2)
Internet-based networking technology is the cheapest available method to move bits from one place to another. That doesn't mean that networking system needs to be on "the" internet.
Lots of companies, the military, etc has private networking that isn't part of the internet. You just run some T1 lines around, which you'd have to do anyway to get on the internet, and make some basic configuration changes. Everything behaves the same as before, just with a separate network.
Re:Governmental Fail (Score:4, Insightful)
We can even extend our "intranet" to remote (non-local) locations through the use of virtual private networks, or VPNs.
A VIRTUAL Private Network pretends that you're on the same LAN by opening an encrypted conversation that travels over THE INTERNET. You seem to have that confused with a true Private Network.
Re: (Score:2)
Take steps to protect yourself from DoS attacks.
What about Dispensing of Stupidity attacks?
Re: (Score:3, Insightful)
Sorry, but the Internet is the cheapest and most effective way of implementing any sort of WAN today. The idea of having your own fiber is gone - there is no point to it and the companies that were offering it have stopped. I don't think you can buy a dedicated fiber connection from New York to Chicago today at any price. Packet-switched on existing fiber? Sure, you can get that. It's called the Internet.
Skip the rest and go to round 3. (Score:2)
Seriously, if you can take out the power for the entire East coast ... why not just do it? Why worry about the Internet?
Re: (Score:2)
Basically, the way to solve a power outage is to send people out looking for the problem, then swarming around the problem to fix it. It's a rather simple process when cell phones are up... but what do they do when there's not only no power, but no cell phone network too?
Re: (Score:2)
Twitter, of course!
Re:Skip the rest and go to round 3. (Score:5, Informative)
The cell phone towers all have gensets. Even the ones with the antennas mounted on the roof of an apartment building. They'll either mount it on the roof, or as part of the leasing for the roof space, also lease a small apartment, completely soundproof it, and leave it very anonymous. Found this out while on jury duty listening to the cell company's expert witness explain the set-up of each antenna as they were able to track several user's locations while they were driving around.
Re: (Score:3, Informative)
Maybe a few do for short-term outages, but do you understand what is required to keep a generator running for more than a couple of hours? There are no gasoline powered generators designed for that application. There are two types - some recent natural gas/propane ones and big diesel ones. There is no way they have diesel generators at each cell tower, nor is there any provision for refueling them.
Natural gas is a possibility, but I doubt it. Cell phones do not have the same requirements for staying fun
Re: (Score:3, Interesting)
Sure they do. I've seen hushed diesel genset that are so quiet they make your window AC sound loud. And I'm not talking a one-person portable, but the ones built on their own trailers. Cities are now now requiring them for urban construction sites when you have to keep 100,000 watts of lights on and the power hasn't been connected. You can also get gensets that run on natural gas - no need to have
Re: (Score:3, Interesting)
You got the date right :-)
Our communications infrastructure stayed up the whole time (though they had do do some "interesting" jury-rigging, like taking a couple of diesel-electric locomotives, derailing them, and having them drive down main street so they could be used as in-sutu emergency generators. Wrecked the asphalt, but everyone had power pic [cnlines.ca] because it [cnlines.ca] did happen [haya.qc.ca]).
Re: (Score:2)
Basically, the way to solve a power outage is to send people out looking for the problem, then swarming around the problem to fix it. It's a rather simple process when cell phones are up... but what do they do when there's not only no power, but no cell phone network too?
Probably whatever we did before we had cellphones? Insane, I know.
Re:Skip the rest and go to round 3. (Score:4, Insightful)
and last time I checked it didn't require a whole gang of workers to get out the long insulated pole and flip the fuse back in place.
Never worked with Union workers then? Sounds like you'd need at least 5 guys for that job. A pole extender, a fuse flipper, two signalmen to control traffic, and a supervisor to make sure everyone's looking busy.
There's a better solution ... (Score:2)
If they want to "tie up" the internet without actually shutting it down, just set up a bunch of servers, and when it's time to swing into action, release all that gubbiment pr0n that the employees have been collecting on your dime.
Nothing clogs up the inner00bs like free porn.
Re:Governmental Fail (Score:5, Insightful)
LostCluster, you have false assumption in your argument. You start with the assumption that the ability "Internet Kill Switch" is being called for based on the reason they stated. We all know that the reason stated by the government has little to do with the real reason.
Isn't the Kill Switch the actual threat? (Score:2)
I don't see how terrorist or whatever else could pose a bigger threat to the Internet than getting it all shut down.
Re:Isn't the Kill Switch the actual threat? (Score:4, Insightful)
Re: (Score:3, Insightful)
Actually, it's not the same as Y2K claims, because Y2K claims were credible. This supposed threat is not at all credible. Only someone who has no technical understanding of how networking works would think that having a kill switch for the Internet could help in some way. What a kill switch for the internet does is provide a handy switch for an attacker to throw that will shut down the entire country.
On the plus side, there's a good chance that after the switch is installed, its first use will be by a
The internet is the only thread... (Score:5, Insightful)
Imagine if Iraq or Afghanistan had common internet access, something tells me we wouldn't invade because public opinion would be very much against it. The internet lets you break down all the previous things that held countries in conflict, language, culture, and reporting hindrances no longer exist to countries with internet access.
Re: (Score:2)
Imagine if Iraq or Afghanistan had common internet access
How about Iran?
The problem is, the current governments don't WANT common internet access for the common people... because then we'd probably be hearing about a variety of inhumane treatment and human rights issues that those countries don't want us to know about.
Re: (Score:3, Interesting)
Most people support the Iranian people because they have internet, remember the election protests last year that pretty much the entire internet stood up in support of the Iranian people?
We aren't invadi
Re: (Score:2)
Re: (Score:2)
Plus, the moment US tanks start driving across the Iranian border, you can bet that Iran will start letting bloggers show how inhumane the US occupation is (all the while censoring the many Iranian human rights abuses)
Re: (Score:2)
Re:The internet is the only thread... (Score:5, Insightful)
Or, it allows the people "we're" bombing to craft a careful astroturf campaign designed to appeal to the prejudices of some portion of 'our' fellow citizens so that they then rage on Twitter, Facebook, Slashdot, etc... etc... The effects on the government are questionable at best because that 'some portion' of 'our fellow citizens' are deluded as to the actual effectiveness of said 'rage' and notably incompetent at questioning the validity and value of information that matches their prejudices.
Which is a consequence of our current system of government by soundbite and opinion poll, not a consequence of the existence of the 'net.
Re: (Score:2, Insightful)
Iraq had widespread Internet access before the invasion, you ignorant twat. Global public opinion was absolutely against it, even public opinion the United States was evenly divided after a year-long scare campaign. Fat lot of good that did.
Re: (Score:2)
And then imagine yet another series of unfortunate accidents involving undersea cables [bbc.co.uk].
Alexander the Great's solution to unsolvable problems is just as effective today as it was in Gordium two thousand years ago.
Re:The internet is the only thread... (Score:4, Interesting)
The internet we the people use was never designed to survive a nuclear attack. Further to that, all of the old long lines microwave stations that actually were hardened against attack (Cold War days and all) are now offline, replaced by fiber based infrastructure that is frequently damaged by backhoes and people in the hills with rifles.
Who cares? (Score:5, Interesting)
This is basically covered under martial law anyway, which would presumably be imposed in the event of an attack. The government already has the power to do anything it wants in such an event, so specifically enumerating an "internet kill switch" is basically moot.
Re: (Score:2)
Well put. But I believe the process isn't about enumeration. It's about establishing capacity, that is, building the "switch" which the president's could flip.
Re: (Score:2)
Yes, the leaders have the power, because they have the biggest guns. The government does not have the authority. If the leaders declare martial law, they have taken over the government to attack the people. If we give the government the authority, it can be done legitimately.
If the leaders want to attack the people, we should keep it perfectly clear that the leaders have overthrown the government and it is civil war, not government policing.
Truly sad... (Score:5, Insightful)
... that the nation that provided the infrastructure for the twitter based reports during the Iran uprisings now wants to make absolutely sure that sort of news can't get out, should things go truly bad here.
Wait a second... (Score:2)
Bipartisan support? What's that?
Re: (Score:2)
Bipartisan support is what happens when both parties feel that the particular bill being voted on should pass because it would be politically advantageous to themselves and financially advantageous to the corporations that fund their campaigns.
Re: (Score:2)
Typically, it either means a non-binding resolution on something uncontroversial, such as "the senate condemns murder"... or something which is no good for anyone, like the Patriot Act, or this "kill switch" crap.
Re: (Score:2)
the kind of support they get when they are giving themselves a raise.
Re: (Score:2)
It means you're about to get screwed by two things at the same time.
Re:Wait a second... (Score:4, Interesting)
As an interested foreign observer of US politics, I get the impression that right now if the president had a bill tabled that offered the Republicans full control of the House and Senate for all eternity, they'd still vote against it just because it was proposed by Obama.
You can't have a functioning political system when nearly half of the participants come out in protest against legislation before they even know what it does.
A poison pill? (Score:5, Informative)
attaching the Internet Kill Switch bill as a rider
It's also possible that certain Senators are pretending to like this provision because they know its inclusion could kill the entire bill, a bill they despise secretly but cannot dislike openly. It's called a poison pill in parliamentary terms; an addition which, by design, makes a bill less attractive to its original supporters and may not be favored even of the person submitting it.
Re:A poison pill? (Score:5, Insightful)
Re:A poison pill? (Score:5, Insightful)
There, see how I fixed that for you...
Whats the freakin point meatman (Score:2, Interesting)
The IT Crowd (Score:2)
Reminds me of the BBC TV show "The IT Crowd"....
"Here Mr. President, this is the Internet!" snickers
Hands President a suspiciously shoebox sized box with a flashing light on the top and a big red button.
"Just don't press the button, unless you have dire need, as this will shutdown the Internet!" more repressed snickers...
Re: (Score:2)
I loved that show. As I recall, the box was destroyed which sent the room into a panic seeing as they just destroyed the entire Internet.
Found a video of it online: http://www.youtube.com/watch?v=QAUyaELfwBo&feature=related [youtube.com]
Not possible (Score:2)
Riders (Score:5, Interesting)
Can somebody from the USA please explain why riders are legal?
It's such an obviously malevolent concept that it surprises me every time. It serves no other purpose than to sneak in bills (regardless of whether you consider them good or evil) which would have no chance on their own. Well, I guess it can also be used to torpedo bills which would have made it through otherwise. It just completely undermines the democratic process.
Most civilized countries would (and already have) prohibited riders by law after it happened a few times, but it seems in the USA it happens all the time.
Re:Riders (Score:4, Insightful)
But here in the US we have a 2 party system with no real differences between them other than on a few "hot" meaningless issues. For example, should the words "Under God" be on our currency? Despite the fact we have no real debate on actually reforming our currency to be backed by anything. Debates on whether abortion should be legal all the while few debates on privacy issues, etc.
Until we either have an awakening of the masses, or an electoral system like proportional voting, it will remain this way.
Re:Riders (Score:5, Informative)
Can somebody from the USA please explain why riders are legal? It's such an obviously malevolent concept that it surprises me every time. It serves no other purpose than to sneak in bills (regardless of whether you consider them good or evil) which would have no chance on their own. Well, I guess it can also be used to torpedo bills which would have made it through otherwise. It just completely undermines the democratic process. Most civilized countries would (and already have) prohibited riders by law after it happened a few times, but it seems in the USA it happens all the time.
Unfortunately it is sometimes the only way to get something done. At times it is the only way to get certain legislation passed when powerful individuals or committees are opposed to it. Senators cannot openly vote on the item if it stood alone, but they can feel free to vote for a combined bill that includes the item and retain plausible deniability that they ever supported it.
It is undemocratic and foul. But then, so is our Congress. Senators can't simply vote for the things their constituents want. They need to trade support like currency in the hope of growing their own individual influence. The idea is that in the end the constituents receive fair representation, but if anyone actually believes that then I think they might be interested in some lakefront property for sale in Pakistan. (too soon?)
In theory we have procedures in place to determine which items get applied to which bill. IMO it is these parliamentary procedures that are abused, not the concept of riders itself. Instead of openly drafting meaningful legislation, parliamentary tricks are played to poison bills or to sneak items through into law. Our recent passing of our Healthcare bills sickened me. I'm not going to comment on where I stand on the concept, but the process and manipulations we went through before it passed was embarrasing.
USA: Is not YOUR internet (Score:2)
Internet is worldwide now, is a network of networks, is not your thing to have a killswitch. A killswich for internet is like mining all buildings on all countrys in the world "just in case", In case what? In case a real terrorist get his hands on the killswitch? is moronic.
Re: (Score:2)
The only buttons in the Oval Office order soda. (Score:2)
Did we learn nothing from Ken Basin's $475,000 mistake on Millionaire? LBJ installed four buttons to order soft drinks in his desk. (And despite using the same desk, Bush wasn't sure what they were for.)
Don't stress out (Score:2)
Get serious. How often does that happen?
Re: (Score:2)
Re: (Score:2)
Don't forget (Score:2)
Rider bills (Score:4, Insightful)
The ability to attach unrelated rider bills to other bills is nonsense and should not be allowed.
I would vote for anyone who would fight to end that nonsense. Unfortunately, I have no voice as I am a legal alien in America and therefore cannot vote. It seems that politicians only want to listen to voters: US citizens and undocumented aliens, apparently.
I was thinking of having protest signs printed with the words "No taxation without representation" at the last election but I doubt if anyone would get the reference.
Re: (Score:2)
Who says you can't vote? In the US if you have a driver's license every state is required by law to register you to vote upon presentation of your driver's license. Period. No exceptions.
Now are you legally entitled to vote? No. But as you apparently have figured out, there is a reason for letting in as many undocumented workers as possible in the next couple of years. It will be a group that will vote for whomever will give them the most and, for them, there are no other considerations.
Re: (Score:3, Informative)
Unfortunately, I have no voice as I am a legal alien in America and therefore cannot vote
Unfortunately, I have no voice as I am merely a citizen by birth in America and therefore cannot make corporate-sized campaign contributions.
Welcome to my world.
Comment removed (Score:5, Insightful)
Re:Lieberman said.. what? (Score:5, Insightful)
I agree that it sounds like a moron squawking, but it isn't. Political corruption closely resembles ignorance and stupidity. When demonstrably intelligent public officials say moronic things in public, that my friend is a huge red flag.
Site Down (Score:2)
Looks like they've already used it against the article host! That's government efficiency!
Re: (Score:2)
Possibly...anyone know of a mirror? I'd actually like to RTFA for once.
I'm all for this.... (Score:2)
On the other hand, if the "national emergency" is defined by the same people who define "breaking news" on 24-hour cable newsertainment networks, then this could be a problem.
This sort of power is necessary (Score:2)
Welcome, Comrades! (Score:2)
Welcome to the Glorious Union of Soviet Corporatist Republics!
Obligatory Simpsons Quote (Score:2, Insightful)
-Kent Brockman [wikia.com]
Don't be so sure about it being a bipartisan bill (Score:2, Troll)
http://www.youtube.com/watch?v=fuWrMaLFdao [youtube.com]
How? (Score:2)
November's Coming (Score:5, Insightful)
We, the citizens of the United States, can't take back control of our government until we collectively declare, in a very clear manner, "Enough is enough!"
Re: (Score:3, Insightful)
What you're accomplishing, if anything, is turning people away from interest in their government, making it even more susceptible to special interests. We can't take back control of our government (if we ever had it more than we do now) until we collectively get interested and involved. At that point, our representatives will have to pay attention to what we want and need, be they Democrat or Republican or other.
To have any positive effect, you need to be for something, not against something. In polit
"shut down the Internet in a national emergency"?? (Score:2)
Isn't a "national emergency" when we (including the government) will need the Internet the most? Intentionally shutting it down will cripple the organizations (government and otherwise) who are trying to handle the emergency.
We had an example of this back during the Katrina and Haiti disasters, when trucks full of electronics were used to provide wireless phone and internet access to the affected areas.
There was a funnier example back during Gulf Way I, when the military still had the "feature" in the GPS
Nuke the economy (Score:5, Insightful)
I honestly fail to see how any kind of "cyberwar" could do more damage than "shutting down" the Internet. Exactly how do these morons in Washington think most business is conducted these days? Do they really believe that we could all easily go back to doing business solely by phone, catalog order and the USPS?
You might as well label the kill switch with "Subtract 90% from GDP!".
Sheesh....
Necron69
Re:This is why (Score:5, Insightful)
I think he's saying we shouldn't "use" the second amendment to kill every member of congress, not that we should overturn it.
Re: (Score:2)
But if we don't, they'll just become the newest generation of lobbyists.
Re:This is why (Score:5, Funny)
More support for Capitol Punishment! Punish everyone in the capitol!
Re: (Score:3, Informative)
We need to get everybody in Washington out, and start fresh, but lets do it right, and not use "second ammendment rights" like the crazy tea-party wants.
you start bitching about how standing up for your rights is a crazy thing to do.
Murdering politicians isn't equivalent to a right to have weapons. That's just one more reason why the tea party is viewed so poorly by sane people.
Re:This is why (Score:5, Insightful)
Re: (Score:3, Informative)
To understand my meaning, search for the wildly criticized phase "second amendment remedies". They keep talking about it as if it's a good idea, not the "Bachmann is actually going to convince one of those idiots is going to kill Obama" liberals fear, but a useful tool in their political toolbelt. Waiting for murder to happen isn't good enough when you know violence has already gone beyond the verbal, and the leaders of the crazies are happy to ignore and embrace it.
I find it funny that Obama has never re
Re:This is why (Score:5, Insightful)
And you conveniently ignore the fact that the right was not granted for individual determination, but as a collective decision. Insane is a perfectly fine way of describing someone who thinks they have the sole capacity and right to choose for the rest of the nation. You are only partially right about revolution is that it is violent, but it is not about assassination. The problem with King George was never looked at in such a way, and the founders would abhor you uncivilized and brutish notion.
On a personal note, if you think I've no taste for violence, I'd be more than happy to school you on the truth. It's a myth that liberals are sissier than you throwbacks, we just don't need it to settle an argument.
Re:Why now? (Score:4, Funny)
They can always say the internet is wanted for Sweden for rape.
Re: (Score:2)
No, ideas (possibly drafts) already existed before the wikileaks documents.