Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Government Businesses Security The Internet IT Your Rights Online

New Bill Would Put DHS In Charge of 'Critical' Private Networks 193

GovTechGuy writes "A new bill unveiled Wednesday by House Homeland Security chairman Bennie Thompson (D-Miss.) would give the Department of Homeland Security the authority to enforce federal cybersecurity standards on private sector companies deemed critical to national security. The Homeland Security Cyber and Physical Infrastructure Protection Act of 2010 authorizes DHS to establish and enforce risk and performance-based cybersecurity standards on federal agencies and private sector companies considered part of the country's critical infrastructure. Such firms include utilities, communications providers and financial institutions."
This discussion has been archived. No new comments can be posted.

New Bill Would Put DHS In Charge of 'Critical' Private Networks

Comments Filter:
  • by jeffmeden ( 135043 ) on Friday November 19, 2010 @09:54AM (#34280900) Homepage Journal

    Considering how much a lot of those companies rely on their network infrastructure, if there isn't a provision for this then perhaps the alternative is to be prepared to take over the whole organization if/when they are crippled by an attack. I am not one for heavy handed government but someone needs to light the fire under these guys.

    • Re: (Score:2, Redundant)

      by Xiph ( 723935 )

      The problem is that this will mean that they end up forcing critical infrastructure projects to rely on rot13 encryption.

    • by lgw ( 121541 ) on Friday November 19, 2010 @10:02AM (#34280972) Journal

      Has the DHS demonstrated that they are any smarter than the current crop? Is an enforced monculture somehow better for security than a variety of solutions? Is the DHS going to be immune to carefully chosen campaign contributions at the federal level, resulting an an all-Microsoft infrastructure?

      The way IT for banks is regulated, by creating standards that the banks must comply with but not dictating specific solutions, might work OK here. But I have no faith that that's where "OMG, the government needs more power" is going to end up.

      • by bsDaemon ( 87307 ) on Friday November 19, 2010 @10:20AM (#34281138)

        This move doesn't necessitate a monoculture, it just depends on how they write the law and how those in charge of implementing it end up crafting regulations. As long as they're only enforcing standards and not a standard implementation, then its probably OK, as you stated in the second part of your post. For instance, if the regulation states that networks which have any convergence points with the public internet have, at all crossover points, IDS/IPS systems in place which meet a certain level of ability, then its up to the firm who owns the network to decide whether to go with a solution from Cisco, Juniper, Sourcefire, or another vendor, or to roll something home-grown as long as they can meet the requirements.

        I'm sure most of the organizations which will be affected by this will already have most, if not all, the necessary security mechanisms in place. However, they may be out of date to some degree, not properly monitored, and some smaller organizations may be missing large swaths of helpful security infrastructure and best practices because it just hasn't "been an issue" for them in the past. This is probably a fairly direct result of the Stuxnet work/virus. Whether Federal mandates are actually going to help remains to be seen, but if they follow sane policy frameworks such as those outlined by the NSA IAD and the CNSS then this ought to be fine.

        Since this is Slashdot, I'm sure at least a plurality will focus on the "private" in critical private network, as evidenced by the air quotes around 'Critical' in the lead line of the story, however when we're talking about power, water, and communications systems critical probably isn't strong enough a word to describe them, and their ability to operate is largely a result of government-enforced monopolies and government-enforced easements, so I wouldn't really call them 'private' either.

        • by anegg ( 1390659 ) on Friday November 19, 2010 @11:06AM (#34281584)

          I have been involved in government IT security for many years now as an employee of a government contractor often hired to perform various parts of the government security process. One of the biggest problems with the government security "standards" and "processes" in place now is that there is practically no cost feedback to the controls. The policies all say that the cost of the controls should be commensurate with the value of the system being protected, but many of the security "approvers" demand gold-plated security, and are often opposed to signing off on anything less. (Hey - you can't be held responsible for a security problem in a system you approved if you simply never approve any systems.) There are numerous government systems operating either "unauthorized" or under "temporary waivers" (for years and years) because the security folks wouldn't sign off the controls.

          These problems are with the government policing the government. I can't imagine it would be any different when they are enforcing the standards on commercial companies. Although private enterprises can and do go underboard with security, government monitors are almost certain to go overboard. I have some (but limited) experience reviewing IT security for commercial entities (financial services firms, oil and gas firms, pharmaceuticals) and they often "get" most of what needs to be done... with a few lapses (like connecting SCADA networks to the regular corporate network, which is also connected to the Internet).

          If the approach is to have a few *simple* rules (like networks over which critical infrastructure communicates must be isolated from corporate networks that are attached to the Internet), then I think some government oversight wouldn't be bad. But if the approach is to require private enterprise to demonstrate compliance with full-blown government IT security C&A with the government doing the certification, I would predict drastic increases in costs, without necessarily dramatically increasing actual security.

          • Re: (Score:3, Insightful)

            by LifesABeach ( 234436 )
            I question, "Why the DHS?" In retrospect to the 'Katrina' event, and how DHS helped American citizens then; I see no reason to believe that the DHS won't repeat itself when it is involved in another 'opportunity in which to excel.' And now the TSA, a love child of the DHS has basically created an environment in which Horses Asses can be generated, without the need for the rest of the Horse. There's a reason why the rest of the Horse should be attached.
            • by slick7 ( 1703596 )

              There's a reason why the rest of the Horse should be attached.

              We could always let FEMA handle it.

              • by mcgrew ( 92797 ) *

                FEMA's problem is it's now a part of DHS. From what I've read, it was quite responsive before that happened.

                When tornados tore through my neighborhood [slashdot.org] the city acted quickly; VERY quickly. IEMA (Illinois' version of FEMA) took weeks, FEMA took months.

                • Man...triple whammy this week.

                  In addition to the Feds taking over our Internet, and other fun stuff...looks like Senate Bill SB 510 apparently passed.

                  The he Food Safety Modernization Act is so broadly worded...that it could really kill out local farmer's markets, organic farmers....and the parts I don't like, may make it legal only for big companies like our friends at Monstanto, to be in charge of storing and distributing seeds.

                  Man...what is the deal these days with the Feds and the intrusiveness? I mea

          • by hedwards ( 940851 ) on Friday November 19, 2010 @12:17PM (#34282372)
            As opposed to the current business practice of bolting on a tin can solution to a gold plated problem? I mean seriously, corporations rarely if ever spend enough on cyber security. A lot of the massive exploits were only accomplished because the corporation that got ripped off wasn't even implementing the most basic policies.

            Having the government threaten to take over their network if they aren't properly secure it would likely go a long ways towards them actually behaving responsibly, even if the government never does it.
          • Re: (Score:3, Insightful)

            by Reziac ( 43301 ) *

            Further, I wonder what would be defined as 'critical'. Certainly it would start with infrastructure, but at some point it's going to creep into everything at every level, as nearly every gov't regulatory function before it has done. Twenty years from now your home network could conceivably be deemed 'critical' because you happen to work for the power company.

          • Re: (Score:2, Informative)

            But if the approach is to require private enterprise to demonstrate compliance with full-blown government IT security C&A with the government doing the certification

            The government C&A approach should be enough for anyone in the know to run screaming from this. It basically amounts to a massive enumeration and mapping of the entire network, performed on an unrealistic schedule by people who don't necessarily know what they are looking for, then the autogeneration of mountains of paperwork based on the mapping, followed by a signature by a CEO type that basically says he is criminally liable for any security breaches henceforth. When we did this process my work sit

        • by cayenne8 ( 626475 ) on Friday November 19, 2010 @11:26AM (#34281818) Homepage Journal
          I guess again..I just don't trust them.

          Who's to say WHAT is a critical business infrastructure? Sure, it may start now with financial institutions, the power grid, etc...things I think many people could agree upon. But as with all govt. regulations....you will get scope creep, it is just the nature of the beast.

          Look at the recent discussion here about the move to force many if not most websites to conform to new ADA guidlines?!?!

          In that argument, they said the *MIGHT* not force private, small websites to comply....might not??

          Once the Feds can get into private companies and tell them what to do...it is kinda like the mob, they get more and more and more involved. Once this starts spilling over into small businesses...the cost of regulations will likely knock a lot of the smaller guys off, and close the market to new competition from smaller businesses.

        • Instead of mandating what should be deployed, stick to testing the defences of the companies.

          Fine them if the DHS crackers can gain access.

          As a side benefit, it would discourage the monoculture. Different companies would deploy different systems and that would make it almost impossible for a single attack to crack them all.

      • "The Homeland Security Cyber and Physical Infrastructure Protection Act of 2010 authorizes DHS to establish and enforce risk and performance-based cybersecurity standards on federal agencies and private sector companies consider part of the country's critical infrastructure."

        It does sound like a standards-based, not a "take over" approach. The crisis alternative (as we found out during the financial crisis) is for a takeover/bailout of the entire organization when internal processes fail to account for ris

        • Re: (Score:3, Insightful)

          And how hard is it to apply what you have hopefully learned with the rest of the legislation passed in the ten years?

          Repeat after me. This legislation exists to build a presence.

          At the best, it will do what the FAA's legislation has done to General Aviation over the past fifty years. Overregulation of federal standards which cripples usefulness/availability and stagnates innovation because new ideas are either illegal to implement, or they become too expensive to try. Give it five or ten years, and we wil
          • Re: (Score:3, Informative)

            by jeffmeden ( 135043 )

            Not to straw man your other arguments, but the FAA has managed to keep people alive at an unprecedented rate. Considering the aviation disasters that befall less regulated nations on a regular basis (and even other transportation methods in our own nation,) I would have to politely decline the notion that the FAA is overstepping it's bounds. As someone who has put on a lot of miles in the air, I prefer to take my planes well regulated and safe, as opposed to innovative and in a crater.

            • by Reziac ( 43301 ) *

              That's all well and good for people who don't have a voice in the decision to accept or decline risk, or people who are risk-averse (which has its place; craters are not typically a quality flying experience). But I think what the OP was getting at, is that there are now strictures that affect even people willing to take their own risks with new development, so it doesn't happen.

        • The problem is that with the banks the collateral damage from allowing them to fail was more or less catastrophic, at least as bad as what we'd seen in the depression of the 1890s and the equally horrific Great Depression. Taking steps ahead of time would've eliminated the necessity to step in like that at the last moment.

          It's not like it wasn't common knowledge that those corporations had grown to the point where they weren't competing.
          • Re: (Score:3, Interesting)

            by FiloEleven ( 602040 )

            No, if the banks had been allowed to fail we would have entered a new utopia where money doesn't matter and people's net worth was based on how much good they could do in the world. As such, the "richest" people would have been the best people, and they could use the resources at their disposal to bring about world peace, the end of hunger, and OMG ponies!

            See how easy it is to make unsupported counterfactual arguments?

      • by Amouth ( 879122 )

        the "DHS" is at ever corner reminding me of history

        http://en.wikipedia.org/wiki/Gleichschaltung [wikipedia.org]

        sure so far it's not as bad or nearly as fast.. but every step it takes is in the same direction.

    • Re: (Score:3, Interesting)

      by mcvos ( 645701 )

      My first thought was: why does national security even rely on private networks? But if there's one thing that the mortgage crisis taught us, it's that quite a lot of our economy can be easily messed up by a handful of irresponsible banks. Of course the same is true for telecommunication companies and our communication infrastructure.

      • by arivanov ( 12034 )

        This approach is similar to what other countries have been taking for a while. The governments pretty much slept through the Internet becoming the predominant telecommunication medium and the awakening has been rather rude for all of them.

        Nearly all other governments have taken similar steps. It is actually positive that USA has put some legal framework behind it. That has not been the case with other big-8 countries where the various three symbol abbreviated agencies have forced a number of changes on the

    • If anyone is going to do this, it should be the NSA, not DHS. Why, you ask, would I trust a military agency over DHS?

      1) The NSA is regulated by DoD regulations which prevent it from working as a domestic law enforcement agency.

      2) The NSA can very rarely share information with law enforcement because its methods are not legally admissible in most court cases (and they're not supposed to be, since the NSA's purpose is to support the military and operations abroad where civilian courts don't even have jurisdic

  • It feels like (Score:5, Informative)

    by Rosco P. Coltrane ( 209368 ) on Friday November 19, 2010 @09:57AM (#34280920)

    a deaf man telling others how to sing [informationweek.com]. Maybe they should get their act together before giving lessons...

    • by Belial6 ( 794905 )
      I was thinking more along the lines of a child molester telling others how to use the internet.
  • I'll sit over here (Score:5, Insightful)

    by Megaweapon ( 25185 ) on Friday November 19, 2010 @09:58AM (#34280926) Homepage

    and wait for the Republicans to fight this government intervention tooth and nail. .........

    • Re: (Score:2, Insightful)

      by schmidt349 ( 690948 )

      Sorry, the Republicans only fight government intrusion if it lacks the magic words "national security" and your annual income is above $250,000.

      In this instance what they can do for you is a visit from Ann Coulter, who will shriek "why do you hate America SO MUCH" loud and shrill enough to shatter all the glass in your house.

      • Sorry, the Republicans only fight government intrusion if it lacks the magic words "national security" and your annual income is above $250,000.

        Guess you haven't been following the airport-scanner debacle.

    • you will have to forget before doing that, the fact that ACTA was initiated, prepared and cooked and started being pushed around in republican term in congress, senate and admn., before 2006. at 2006, it was already during international negotiations stage, first by being pushed to canadians.
    • Re: (Score:3, Insightful)

      and wait for the Republicans to fight this government intervention tooth and nail. .........

      You'll be waiting a long, long time. Chances are that most of the companies that would benefit from this legislation (i.e. large IT shops) donate more money to the Republicans than the Democrats. You act as if there is a fundamental difference in the parties rather than rationalizations for supporting whichever group gives the party more money. Neither of the parties believe in the principles which they espouse. They simply cater their rhetoric to whomever gives them more votes or money. This kind of s

  • If this passes, does it mean I have to have the "new" patdown, or can I opt for the "classic", before I can enter the server room? And, if I can only bring in four ounces of soda, my productivity is gonna go to hell.
    • "My fellow Earthicans, we enjoy so much freedom it's almost sickening. We're free to choose which hand our sex-monitoring chip is implanted in. And if we don't want to pay our taxes, why, we're free to spend a weekend with the Pain Monster."
      - Richard Nixon's Head

      Safe to say this is where we're heading.

  • What do they mean by "enforce federal cybersecurity standards"?

    If that just means new security standards that companies have to meet, then I can't see the harm in that

    Demanding exclusive admin access? Now it's complicated.

    • by Rosco P. Coltrane ( 209368 ) on Friday November 19, 2010 @10:05AM (#34280994)

      If that just means new security standards that companies have to meet, then I can't see the harm in that

      When the standards are defined and enforced by incompetents, they tend to be useless, costly and bad for productivity.

      • by chemicaldave ( 1776600 ) on Friday November 19, 2010 @10:08AM (#34281018)
        It's certainly the right idea if standards are all they're pushing. But I agree, the DHS shouldn't be involved in this. I can't see why they are in the first place other than someone used the word "terrorist".
        • by bsDaemon ( 87307 )

          DHS is likely involved since they have a Federal mandate allowing them to operate in Civilian-space internally to the US, something NSA isn't really allowed to do for corporations (hence why similarly-skilled contractors were recommended to help with the incident response for Google re: China), but can do for government and military outfits. As I noted above, I strongly suspect that the DHS rules will be based on FIPS standards as well as slightly modified policy and technology guidelines from the IAD and

          • by dgatwood ( 11270 )

            I think we'd be far better off if the government weren't coming up with the standards in any significant way. They've shown little understanding of security (and particularly computer security) in the past. Far better if they instead pass laws that simply mandate certain types of companies conduct regular security audits by their choice of external auditors, coupled with penalties if those audits find that the companies are not following established industry standards.

            Alternatively, the government could

        • by locallyunscene ( 1000523 ) on Friday November 19, 2010 @10:32AM (#34281242)
          Thank you. I agree, defining standards are okay, but DHS should be the last one selected to do it. Networks like these need security not security theater.
    • If that just means new security standards that companies have to meet

      That seems to be just what theyre asking for, according to the article.

      Im not exactly clear why the DHS would be super good at proposing network security requirements though

      • by macshit ( 157376 )

        Im not exactly clear why the DHS would be super good at proposing network security requirements though

        Is there anything the DHS is good at?

        I suppose one way to look at it is: they probably suck massively at network security, just as they do at everything else; since we've already thrown tons of other random powers at them, why not this...

        [head explodes]

    • by anegg ( 1390659 )
      I would expect the ultimate goal is for such systems to be overwatched by the new US "Cyber Command" being set up at Fort Meade.
  • Better Yet (Score:2, Insightful)

    by ciderbrew ( 1860166 )
    Stop spending Tax, giving yourself more powers. You should have rules in place for internal departments and for any company that is THAT important, surely any contract set up would require some terms and conditions.
  • by elrous0 ( 869638 ) * on Friday November 19, 2010 @10:07AM (#34281012)

    Why do I have a sneaking suspicion that this law will be applied WAY more often to fight torrent sites than it will ever be used to fight actual terrorists?

    • Re: (Score:3, Interesting)

      Why do I have a sneaking suspicion that this law will be applied WAY more often to fight torrent sites than it will ever be used to fight actual terrorists?

      Torrent sites that aren't taken over by russian virus makers, where the files you download are guaranteed genuine and not cheap porn movies that have been renamed, certified safe by the government? Yeah, I'm all for that.

    • Why do I have the sneaking suspicion you didnt even read the summary, much less the article? This bill is about requiring certain standards to be met by certain vital private sector companies. How on earth would you even get at torrent sites under this bill, require them to upgrade to the latest version of cisco IOS?
      • by elrous0 ( 869638 ) *

        Because part of the "critical infrastructure" of this bill are ISP's. And part of the "new security regulations" could easily include shit like blocking torrent sites on both the front-end and back-end (because they pose a virus threat to our security, of course).

        • That's retarded. If your government is corrupt and insane enough to use that kind of convoluted reasoning, I'd be much more worried about them taking away your right to free speech because it could lead to "spreading of terrorist propaganda", or your right to unreasonable search and seizure because "anyone could be a sucide bomber". If you think your government is THAT bad, get the fuck out of the country NOW, while you still can.

      • Torrent sites ARE vital, dammit! And even though Russia and Sweden are little-known backwaters of the USA, they are still part of the USA and deserve the same protections that the more popular states get!

    • by pjt33 ( 739471 ) on Friday November 19, 2010 @10:36AM (#34281286)

      You obviously haven't thought this through. Remember, torrent sites steal billions of dollars from hard-working cinematographers. Where do you think that money is going if not to tiny camps in inaccessible parts of distant countries in order to wreak damage and destruction in the heartland of America? Honestly, this stuff is so basic that any junior congressman could understand it...

  • Competence (Score:5, Insightful)

    by Anonymous Coward on Friday November 19, 2010 @10:09AM (#34281030)

    Considering that the DHS is probably one of the most dysfunctional, incompetent departments in the entire federal government, I find that more frightening than the terrorists.

  • What's critical? (Score:5, Insightful)

    by girlintraining ( 1395911 ) on Friday November 19, 2010 @10:14AM (#34281072)

    As we saw with anti-terrorism spending, what's deemed critical and what truly is hasn't exactly ever been the same.

  • Lame Duck (Score:4, Insightful)

    by MikeB0Lton ( 962403 ) on Friday November 19, 2010 @10:16AM (#34281088)
    As if they haven't spent enough tax dollars they don't have.
  • by mr_mischief ( 456295 ) on Friday November 19, 2010 @10:19AM (#34281124) Journal

    I'm sure "federal cybersecurity guidelines" for a network include having Federal employees shutting down general non-critical access and putting control of the network under FEMA control whenever there's a disaster. That's great for a network owned by the Federal government. It's an abomination against the rights of the people and private companies to do those things to a commercial network on which millions of people rely for their own uses.

    It's called "socialism" when the government takes over industry for the people. It's called "facism" when the government takes over industry to enhance the power of the government. Somehow I just can't see the government taking over control of networks the citizens use as benefiting the people more than the government.

    • Before you go ranting and accusing the government of fascism, maybe you could actually, you know, READ the proposed legislation, and then cite the passage where you have found this provision?

    • Depends on what "guidelines" mean. There are government guidelines in many aspects of life today. For example what additives are allowed to be put in food products. That "fat free" and "low fat" have precise meanings, and a pack of beef hot dogs can't claim they are "low fat" without adhering to guidelines. Also how strong concrete columns must be when building a highway overpass, etc.

      If guidelines are used to outline what are minimum levels of security, then it sets a basic level of expectation. For

  • by glebovitz ( 202712 ) on Friday November 19, 2010 @10:33AM (#34281248) Journal

    I hope they don't require a genital pat down to use the Internet.

  • So if they do this like their other wonderful policies I cringe to think of what will happen...

    Those companies will see their mail servers flooding the net with botnet spam. Their websites will be littered with porn pop-ups. The and all of their secure transactions will no doubt authenticate via a .ru connection.
  • Or we could ban software companies lobbying to lower security standards and we could push for changing government pay grade scales for security experts so gov't actually has a chance of competing for talent with the private sector.

  • choices, choices

    do we want to be "too big to let fail" or "not critical to national security"

  • No.

  • Somebody should get those Diebold ATMs off the public internet and back on a WAN like they should be.
  • If you want to send any enterprise down the tubes, start by giving one group the authority and another the responsibility. DHS wants to dictate standards but when the next big blackout occurs will DHS rush to accept the blame?

    Have we considered the risk of self-inflicted damage caused by ill-conceived government-mandated software?

    You don't need to be a libertarian to see that this is insanity.

  • private sector companies considered part of the country's critical infrastructure.

    *Insert Jeopardy music here*

  • by sirwired ( 27582 ) on Friday November 19, 2010 @10:55AM (#34281464)

    DHS has been given authority to ensure critical networks are up to federal security standards. Apart from the discussion of if this will be useful, this does not, in any way, put them "In Charge" of the networks.

    • As anyone aware of the "security and accreditation" program of the DoD can tell you, this will just spawn another army of government contractors doing audits on the basics. Just like SoX was supposed to prevent large corporate breakdowns (didn't help the latest round of collapses like Lehman Brothers and Merrill Lynch), this will not help. It will merely feed the pockets of the big government contractors and not "secure" anything.

  • as useful as PCI (Payment Card Industry) standards. a great idea with loads of rules to keep things on the right track, but no real punishment for repeat offenders or major breeches. in short: just another meeting on my calendar.
  • First, the bill to censor internet and get ahold of any domain name, with a court order

    now, the ability for a single department of u.s. government, without requiring a court order, to control private networks,

    Couple these two with the draconian and stupid copyright/patent laws in usa, and you can see that it wont take a few months after this for u.n. or eu to come up with an alternative, international or european authority to govern domain names and ip numbers.

    way to go, u.s., cutting the leg you ar
  • by Anonymous Coward

    I worked in the security industry for many years and we had contracts with a number of government departments, major ISPs, and enterprise businesses. Our talks with the DHS ended when they suggested making a Windows-based version of our Linux-based network security server. The conversation went something like this:

    Us: "Sure we could do it, but it would cost more, be slower, and have poorer performance because we wouldn't be able to modify the OS directly to support what we need. You'd need a significant nu

  • Follow the money (Score:3, Informative)

    by barzok ( 26681 ) on Friday November 19, 2010 @11:13AM (#34281660)

    How would this benefit Rep. Thompson's campaign & PAC funding? "Defense Electronics" firms are the #3 contributor to his campaign & leadership PAC for 2009-2010. "Computers/Internet" were #3 for the 2008 campaign.

    http://www.opensecrets.org/politicians/summary.php?cid=N00003288 [opensecrets.org]

    • by geekoid ( 135745 )

      What are you talking about? I don't see defense electronics or computers/internet on that page. I do see donors this would hurt.

  • Senator Palpatine will protect us!
  • by scorp1us ( 235526 ) on Friday November 19, 2010 @11:18AM (#34281718) Journal

    So we'll have the same policy for fliers as packets? Deep, humiliating inspections?

  • Representative Thompson is my congressman. He'll be getting a letter from me expressing my opposition to this measure.

  • I think this begs the question, why does anyone believe that government goons would be more capable at managing a network than the private IT goons who built it?
  • ...that is, I've seen this bull before. At least twice, previously phrased as an "internet kill switch". Unfortunately, the problem with bad ideas is they're almost certainly to eventually become law.

  • I have no problem with contractors agreeing to some sort of security standard as a condition of doing business with the government. At least they are going in to their relationship with their eyes open. But what constitutes a 'critical' network? And can the feds put my system on the list without my input?

    If I offer some goods or services and one day, a customer walks in my front door with a GSA credit card, does that make me a vendor to the government? If they say 'we simply must have your product/service

  • they clearly aren't doing it themselves, and there is no market choice in these situations.

  • This is the sort of idea that gets the Libertarians and other radical right-wing types all up in arms, screaming about socialism, government power grabs, and the need to throw the whole bunch out and put in toll roads and pay-as-you-go government.

    They're still wackadoodles, and still marginalized, but this is their bread and butter.

    A stupid idea, unless, of course, you are willing to cede to the federal government both responsibility and authority to run the country directly. Not just govern, but operate.


  • Am I the only one who finds similarities with how the DHS is getting more and more control over things, just like FEMA did in the first Deus Ex game? That didn't end well...

  • Such firms include utilities, communications providers and financial institutions.

    Thus giving DHS full regulatory authority to, though that "enforce" word, monitor your ISP and your bank real-time (something the NSA was never allowed to do legally).

    And once again Big Brother's tendrils are set to grow.

"I shall expect a chemical cure for psychopathic behavior by 10 A.M. tomorrow, or I'll have your guts for spaghetti." -- a comic panel by Cotham