Internet Kill Switch Back On the US Legislative Agenda 376
suraj.sun points out a story at Wired that US lawmakers have revived the idea of a government-controlled "Internet Kill Switch," which reads, in part: "The bill, which has bipartisan support, is being floated by Sen. Susan Collins, the Republican ranking member on the Homeland Security and Governmental Affairs Committee. The proposed legislation, which Collins said would not give the president the same power Egypt's Hosni Mubarak is exercising to quell dissent, sailed through the Homeland Security Committee in December but expired with the new Congress weeks later. 'My legislation would provide a mechanism for the government to work with the private sector in the event of a true cyber emergency,' Collins said in an e-mail Friday. 'It would give our nation the best tools available to swiftly respond to a significant threat.'"
Sneaker Net (Score:2, Interesting)
We(tech types) have to think about how to have an marginally working internet without the cooperation of the telcos. Off the top of my head I could see an entire city's wireless routers all sort of passing things along. The traceroute would be from hell but data would keep moving.
I suspect that this is being developed right now by civil minded Egyptian programmers and engineers.
It could also be used in disasters and whatnot.
As long as a node here and there could contact the rest of the internet then various governments would lose the power presently exercised to evil ends in Egypt.
Message me if anyone is serious about this and maybe something could be brewed up.
Normally I am logged in as EmperorOfCanada but not at my computer right now.
Re:It is just data! (Score:5, Interesting)
No but we are at a disadvantage since we depend on private sector infrastructure which isn't coordinated enough to fend off a coordinated attack.
A government agency working with the ISPs could however respond to a systematic attack on our infrastructure and kill routes which are origins of the attack.
If a bank is receiving a denial of service attack to all of its servers it doesn't have the authority to order an ISP to start shutting down the source of the attacks. If however there is an attack under way they can notify a central agency whose job is to make an organized response to an organized attack.
Yes individual organizations need good cyber security response plans--but as we realized during the last economic crisis, just because an organization is critical to society doesn't mean it is acting in such a manner. Nor should they necessarily have to bare the cost of behaving as such.
Can we have a government kill switch? (Score:5, Interesting)
In case of emergency, it would let us cut off all government computers and communication. Seems fair to me.
Re:Oh noes! I can't reach porntube! (rolls eyes) (Score:5, Interesting)
By far, the most common use of the internet is speech protected by the first amendment. The commerce clause does not override the first amendment.
...not that the first amendment will stop congress from passing the law, the President from invoking it, or the courts from arguing over the terms strict scrutiny, intermediate scrutiny, content-specific, compelling state interest, etc.
Triumph of Sensationalism (Score:5, Interesting)
So there are hundreds of comments already posted here, but none of them that have been modded up that I can see points out that this isn't actually an "Internet Kill Switch" in any way shape or form. That's just a sensationalist title used to get people riled up and interested. This is, in fact, a much less interesting and less threatening piece of legislation. It just says the president can order companies running critical infrastructure for the functioning of our society to take action to protect them from a network attack in an emergency. No where does it grant the authority to shut down the internet or large swaths of it or censor any content.
Now this legislation is not without problems and it certainly should more clearly define what is meant by critical infrastructure, but seriously, there is a reason this bill is supported from both sides of the aisle and it had fuck all to do with people's conspiracy theories about censorship and control of the media and communication. This is just an inadequately worded bill doing exactly what internet security experts have been asking for right along; precautions put in place to quickly isolate critical systems that likely shouldn't be accessible in the first place but often are in one way or another. This is about Stuxnet and the possibility of network based attacks on real hardware and resources from foreign powers. No politicians in the US have any interest in shutting down the internet because we still have robust means of communication otherwise and it would be political suicide.
Re:It is just data! (Score:4, Interesting)
Yes individual organizations need good cyber security response plans--but as we realized during the last economic crisis, just because an organization is critical to society doesn't mean it is acting in such a manner. Nor should they necessarily have to bare the cost of behaving as such.
Then we should be taking the opposite approach. Instead of increasing centralisation because parts of the system are "too big to fail" we should be encouraging decentralisation - encouraging more players to get involved and build up redundancy so that if some are compromised we can still maintain functionality in the face of damage.