Bill before Congress on Internet Control

[Cool Beans]

I've just read through a lot of this bill and its worded to sound like its for security but, knowing the IT field, this will give the government almost total control of all internet traffic in the US in the name of Cyber Security. There's some on domain names and a lot on traffic control. I heard there was some on "hateful emails", that would require a 24 cooling off period to let you reconsider your email and also one that websites would be required to post links opposing opinions, but didn't see those two in the bill. I haven't read it all yet, but scary stuff here.

http://www.opencongress.org/bill/111-s773/text

Currently it is in committee, so hopefully it dies there.

[Raven]

meaning the electrical grid
water supply computers
anything related to homeland security
should have it's own domain i think
or somehow be specifically segregated

the amount of money other countries are
investing in cyber war technology is alarming
considering that a huge cyber attack on the usa
can inflict as much damage as 9/11 did and more

the time to hit us in the wallet is now
so i am happy to see this Bill coming
it is way way over due.

[Cool Beans]

This is typical of Liberal bills, it's for a good reason, and a lot of it may make sense, but it also gives too much control to the government. The same people that cry about "unwarranted wire taps, phone monitoring and monitoring email form certain countries" and say how it's infringing on their rights and how we shouldn't do it, will support this, because it is worded to make you "feel good about it" but allows a mot more "infringing" to be possible.


I want to look up China's laws on this and I bet their will be a lot of similarities....

[The Dad Fisherman]

I don't see anything wrong with this bill. With the accelerating level of cyberattacks out there this looks like a good 1st step in the process of defending against them. This bill isn't aimed at all of the internet, it is aimed at Internet accessability by Federal Agencies, Government Contractors, and companies deemed Vital (Telephone, Electrical, and other Infrastructure services).

there are a lot of good things that are in this bill.

1st Establishing a board who's main purpose is Standardizing a group of procedures and policies that these groups will operate under (No different then any other large company in Corporate America)

2nd is setting up a certification program to make sure that all Security Professionals are trained, certified and re-certified to maintain a high level of knowledge. I am already seeing this where I'm working now...most of the higher level IT admins are being required to be CISSP certified. I have been told that I need to be MCSA+ Security certified by end of August.

3rd They are requiring Software companies to Validate their applications for security flaws before the are purchased for use on the Government Networks. Everytime you introduce new S/W you introduce the possibility of new vulnerabilities. This will require software companies to spend extra time fixing Security Vulnerabilities and not just selling functionality.

4th It lays the ground work to keep and maintain a Trained and certified security workforce. We all know that the nature of IT is to move around a lot....they are addressing this by setting up programs that will keep new and highly trained people entering the security force.

5th they are establishing a process to actually monitor to make sure these procedures are being implemented. This is our national security we are talking about and it need to be constantly monitored.

I know people tend to freak out when they hear Government and IT in the same sentance and start thinking "Big Brother" but I don't see that in this bill. Thought it might of been in paragraph 17 but after re-reading it, once again, it pertains to Federal Agencies, Government Contractors and Vital Systems. This was nothing more than your typical "Acceptable Use" Policy that most companies have.

[Cool Beans]

Very good points there Dadfisherman.
I recently retired from the navy in the IT field and rest assured, all of these things are already implemented on our networks. With the exception of the recert of the techs, I know some that got certified 5 or 6 years ago and haven't recertified. But all traffic to and from is monitored by the security on site as well as a third party company hired to monitor traffic and maintain security. Every email to and from the base can be intercepted, and all traffic is monitored closely. So I think the use of Federal agencies, Government contractors and others deemed appropriate is where the hole lies. Almost every coorperation in the US have contracts with the government, ie. McDonald's and Burger King are both government contractors. Maybe I'm seeing the boogie man in the closet, but I think there is enough gray areas, to allow almost everything to be included their definitions.

Like I said you make a lot of good points, but I've seen alot of it already employed on base, not sure about the private contractor side though......

[Raven]

but to tell ya the truth.............

i got the chills big time yesterday .....
while watching the news on the spam flu ok

and they were talking about how google
was mapping the google "search queries "
down in Mexico and everywhere just north
of the border prior to the pandemic breakout
or the ground zero....kid's location

when people (SEARCHED) about .... sneezing
or elevated temperatures anything that appeared to
be looking for swine flu symptoms........

it was all being MAPPED

[Cool Beans]

Yep, Buckman posted a link to that in the scuppers threads.
Luckily it isn't on maps.live with their birds eye view you would be able to see their houses....

http://maps.google.com/maps/ms?ie=UT...1&source=embed
This takes a few seconds to load before all the little people show up on the map.

[RIJIMMY]

Quote:

Originally Posted by The Dad Fisherman

I don't see anything wrong with this bill. With the accelerating level of cyberattacks out there this looks like a good 1st step in the process of defending against them. This bill isn't aimed at all of the internet, it is aimed at Internet accessability by Federal Agencies, Government Contractors, and companies deemed Vital (Telephone, Electrical, and other Infrastructure services).

there are a lot of good things that are in this bill.

1st Establishing a board who's main purpose is Standardizing a group of procedures and policies that these groups will operate under (No different then any other large company in Corporate America)

2nd is setting up a certification program to make sure that all Security Professionals are trained, certified and re-certified to maintain a high level of knowledge. I am already seeing this where I'm working now...most of the higher level IT admins are being required to be CISSP certified. I have been told that I need to be MCSA+ Security certified by end of August.

3rd They are requiring Software companies to Validate their applications for security flaws before the are purchased for use on the Government Networks. Everytime you introduce new S/W you introduce the possibility of new vulnerabilities. This will require software companies to spend extra time fixing Security Vulnerabilities and not just selling functionality.

4th It lays the ground work to keep and maintain a Trained and certified security workforce. We all know that the nature of IT is to move around a lot....they are addressing this by setting up programs that will keep new and highly trained people entering the security force.

5th they are establishing a process to actually monitor to make sure these procedures are being implemented. This is our national security we are talking about and it need to be constantly monitored.

I know people tend to freak out when they hear Government and IT in the same sentance and start thinking "Big Brother" but I don't see that in this bill. Thought it might of been in paragraph 17 but after re-reading it, once again, it pertains to Federal Agencies, Government Contractors and Vital Systems. This was nothing more than your typical "Acceptable Use" Policy that most companies have.

Welcome back,
Your dreams were your ticket out.
Welcome back,
To that same old place that you laughed about.
Well the names have all changed since you hung around,
But those dreams have remained and they're turned around.
Who'd have thought they'd lead ya (Who'd have thought they'd lead ya)
Here where we need ya (Here where we need ya)
Yeah we tease him a lot cause we've hot him on the spot, welcome back,
Welcome back, welcome back, welcome back.

[JohnnyD]

Quote:

Originally Posted by Cool Beans

This is typical of Liberal bills, it's for a good reason, and a lot of it may make sense, but it also gives too much control to the government.

Typical of Liberal bills, huh?

Your description sounds exactly like the Patriot Act.

It's not a liberal thing, it's a Congressional thing.

[fishbones]

Is this in anyway going to prevent me from watching porn and funny videos on the internet?

If not, I have no problem with it.

[The Dad Fisherman]

I knew I'd be hearing from you .....its a short lived stay, I saw the thread title and thought I might actually have some valuable input for it. I'll be returning to my happy place real soon.

Quote:

Originally Posted by RIJIMMY

Welcome back,
Your dreams were your ticket out.
Welcome back,
To that same old place that you laughed about.
Well the names have all changed since you hung around,
But those dreams have remained and they're turned around.
Who'd have thought they'd lead ya (Who'd have thought they'd lead ya)
Here where we need ya (Here where we need ya)
Yeah we tease him a lot cause we've hot him on the spot, welcome back,
Welcome back, welcome back, welcome back.

[RIJIMMY]

I hear ya, I've been trying to stay away too.

[likwid]

Quote:

Originally Posted by The Dad Fisherman

2nd is setting up a certification program to make sure that all Security Professionals are trained, certified and re-certified to maintain a high level of knowledge. I am already seeing this where I'm working now...most of the higher level IT admins are being required to be CISSP certified. I have been told that I need to be MCSA+ Security certified by end of August.

Great, just what we need, more idiots with a piece of paper that think they know anything.