+ Reply to thread
Results 1 to 27 of 27

Thread: "Cybersecurity Act would give president power to 'shut down' Internet"

  1. #1
    Banned
    Registered
    Mar 2009
    Location
    Michigan
    Posts
    3,590

    Default "Cybersecurity Act would give president power to 'shut down' Internet"

    http://rawstory.com/news/2008/Cybersecu ... _0413.html
    A recently proposed but little-noticed Senate bill would allow the federal government to shut down the Internet in times of declared emergency, and enables unprecedented federal oversight of private network administration.
    It's unfortunate that the Obama administration does not seem to be doing anything to divest the federal government of the new powers it decided to take after 9/11. Now they want an off-switch so they can turn off the internet when necessary -- what is the conceivable circumstance in which this would be a even useful to the government, let alone in which it would justify basically shutting down world telecommunications?

    I'm hoping someone around here knows more about the architecture of the internet than me. How much could the US government do? How functional would the parts outside the US be if Obama flipped the big switch?

  2. #2
    Arms of Steel, Leg of Jello runner pat's avatar
    Registered
    Feb 2009
    Location
    Turlock, Ca
    Posts
    205

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    I thought the whole point of the original intent of what is now the Internet was to not be vulnerable to a single point being taken out.

    I going through your link(and it's links) right now but I'm willing to bet this is either Congressional idiocy in regards to computers in general, paranoia or some combination of both.
    "To give anything less than your best is to waste the Gift."
    Steve Prefontaine

  3. #3
    Arms of Steel, Leg of Jello runner pat's avatar
    Registered
    Feb 2009
    Location
    Turlock, Ca
    Posts
    205

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    From the summary linked to in this article

    This section also outlines a number of important functions and authority of the National Cybersecurity Advisor, including the authority to disconnect a Federal or critical infrastructure network from the Internet if they are found to be at risk of cyber attack.
    Underlining mine.

    fixed typo
    "To give anything less than your best is to waste the Gift."
    Steve Prefontaine

  4. #4
    Elephant
    Registered
    Mar 2009
    Location
    :noitacoL
    Posts
    651

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Never mind.... /Emily Litella
    "Dude, your statistical average, which was already in the toilet, just took a plunge into the Earth's mantle." ~ iampunha

  5. #5
    Banned
    Registered
    Mar 2009
    Location
    Michigan
    Posts
    3,590

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by RoOsh
    Never mind.... /Emily Litella
    If you're implying that you think that this law wouldn't do what is being reported, I'd be curious as to why.

  6. #6
    Arms of Steel, Leg of Jello runner pat's avatar
    Registered
    Feb 2009
    Location
    Turlock, Ca
    Posts
    205

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Full text of S. 773

    Sec. 18 Paragraph 2

    (2) may declare a cybersecurity emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network;
    Since none of the stories about this bother to link to the section that has them worried, I will presume this is the relevant text.

    As the summary I linked to in my earlier post stated, this allows infrastructure to be disconnected FROM the Internet, not shut down the entire Internet.
    "To give anything less than your best is to waste the Gift."
    Steve Prefontaine

  7. #7
    Oliphaunt
    Registered
    Mar 2009
    Posts
    1,102

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Sounds like someone's been watching Fox Noise.

  8. #8
    Banned
    Registered
    Mar 2009
    Location
    Michigan
    Posts
    3,590

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by runner pat
    Since none of the stories about this bother to link to the section that has them worried, I will presume this is the relevant text.

    As the summary I linked to in my earlier post stated, this allows infrastructure to be disconnected FROM the Internet, not shut down the entire Internet.
    Yeah, I can't find anything else that sounds closer. It'd be a stretch to construe paragraph 2 as conferring the power to shut down the internet.

    DAMN YOU LYING LIBERAL MEDIA! :: shakes fist ::

  9. #9
    Oliphaunt
    Registered
    Mar 2009
    Location
    Sweden
    Posts
    1,149

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    If the law said what was originally claimed, it would be pointless. It's impossible to shut down internet, even if you are Barack Obama.

  10. #10
    Banned
    Registered
    Mar 2009
    Location
    Michigan
    Posts
    3,590

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Harlequin
    If the law said what was originally claimed, it would be pointless. It's impossible to shut down internet, even if you are Barack Obama.
    Uh, I don't think that's true. It would be reasonably easily possible to do so in the United States, if you had the force of law behind you; there's few enough big central pipes that if the government were able to legally require AT&T and the few other big telecommunications companies that own them to shut them off, it would basically disable the internet at least here in the US. Maybe someone who knows more can contradict me here but at least based on my knowledge of how the thing works there's no reason this should be some sort of impossible technical challenge.

  11. #11
    Member
    Registered
    Apr 2009
    Location
    northern Wisconsin
    Posts
    76

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Hmmm. I wonder if they have a gigantic plug they can just pull. That is how I shut down the internet here.

    I say good luck with that.
    Boldly going nowhere.

  12. #12
    Oliphaunt
    Registered
    Mar 2009
    Location
    Sweden
    Posts
    1,149

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Excalibur
    Quote Originally posted by Harlequin
    If the law said what was originally claimed, it would be pointless. It's impossible to shut down internet, even if you are Barack Obama.
    Uh, I don't think that's true. It would be reasonably easily possible to do so in the United States, if you had the force of law behind you; there's few enough big central pipes that if the government were able to legally require AT&T and the few other big telecommunications companies that own them to shut them off, it would basically disable the internet at least here in the US. Maybe someone who knows more can contradict me here but at least based on my knowledge of how the thing works there's no reason this should be some sort of impossible technical challenge.
    If we limit it to just the US, it moves toward the realm of possibility, but I don't think it enters. You'll still have the people who'll get satellite access or set up pirate transmitters to Mexico and Canada. If it's American sites rather than American connectivity it's obviously easier, but even then it will only take hours, if that, for mirror sites to spring up abroad.

  13. #13
    Banned
    Registered
    Mar 2009
    Location
    Michigan
    Posts
    3,590

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Harlequin
    If we limit it to just the US, it moves toward the realm of possibility, but I don't think it enters. You'll still have the people who'll get satellite access or set up pirate transmitters to Mexico and Canada. If it's American sites rather than American connectivity it's obviously easier, but even then it will only take hours, if that, for mirror sites to spring up abroad.
    So a few people with advanced technical knowledge could probably get internet access through other countries. Okay.

  14. #14
    Oliphaunt
    Registered
    Mar 2009
    Location
    Sweden
    Posts
    1,149

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Excalibur
    Quote Originally posted by Harlequin
    If we limit it to just the US, it moves toward the realm of possibility, but I don't think it enters. You'll still have the people who'll get satellite access or set up pirate transmitters to Mexico and Canada. If it's American sites rather than American connectivity it's obviously easier, but even then it will only take hours, if that, for mirror sites to spring up abroad.
    So a few people with advanced technical knowledge could probably get internet access through other countries. Okay.
    And then spread it. Everyone wants connectivity, and everyone knows one geek. The knowledge involved isn't all that advanced either; even if the geek you know can't do it he'll know someone who can. I'd probably be asked in that situation and I know at least three people who could fix it.

  15. #15
    Member
    Registered
    Mar 2009
    Location
    Central WA
    Posts
    18

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Excalibur
    Quote Originally posted by Harlequin
    If the law said what was originally claimed, it would be pointless. It's impossible to shut down internet, even if you are Barack Obama.
    Uh, I don't think that's true.
    Yeah, it is. The idea of an "Internet off switch" is nonsense. No, really -- it literally makes no sense.

    Look, "The Internet" is used as a catch-all term for an awful lot of capabilities. And that's OK, for most discussion purposes, as far as it goes...but it's probably more productive (and informative) in this case to think of it in terms of communication protocols. Which are, at this point, so ubiquitous, well-understood, and widespread that they could be quickly and easily re-implemented...from scratch, if necessary.

    Granted -- having the major telcos shut down their pipes certainly would create a major disruption, no matter how brief. And perhaps a disruption of network connectivity is enough to meet most people's definition of "shut down" -- after all, if you're the one affected, there really isn't a discernable difference. But, put simply, if people can communicate using electronic devices, "The Internet" is/will be functioning. Perhaps not smoothly, nor quickly, nor even with full connectivity between all extant networks. But it can only be "shut down" when every communication link is disabled. In the absolute worst case, enough people have wireless cards/routers that ad hoc connections would/could be used for quite a bit of functionality.

    I will note that there are legitimate concerns about this proposal. But, as stated in the OP's title, this criticism of the bill is such a load of ignorance that it lends an air of respectability to the "Obama isn't a U.S. citizen" meme. And that's quite a feat.

  16. #16
    Banned
    Registered
    Mar 2009
    Location
    Michigan
    Posts
    3,590

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Digital Stimulus
    Look, "The Internet" is used as a catch-all term for an awful lot of capabilities. And that's OK, for most discussion purposes, as far as it goes...but it's probably more productive (and informative) in this case to think of it in terms of communication protocols. Which are, at this point, so ubiquitous, well-understood, and widespread that they could be quickly and easily re-implemented...from scratch, if necessary.
    I don't really have any idea what your point here could possibly be. If you are looking at the "Internet" as a standard set of communication protocols, I suppose it couldn't be "shut down" since we could reimplement it on carrier pigeons if necessary. But if the major telecommunications companies shut down the big pipes that a lot of traffic goes through, the Internet would, in a practical sense, be "turned off" in the United States until they reenabled those pipes. Correct?

  17. #17
    Member
    Registered
    Mar 2009
    Location
    Tinseltown
    Posts
    41

    Default Wouldn't existing legislation do the trick?

    If there's national security concerns and lawful authority shows up at a carrier, subpoenas in hand, wouldn't the carrier be legally obligated to cease operations?

    Technically, huge chunks of the Internet could be shut down in practical terms within hours. If the Tier 1 carriers disable their BGP peerings and turn off their downstream routes, lower tier carriers would be insulated to some degree. Turning off the Internet Exchange Points (where multiple carriers/ISPs exchange routes) would make matters worse. There's not a huge number of international peer setups, and they tend to be owned by large and easily-found carriers. The larger webhost companies (Akamai etc.) would conceivably be subpoenaed at the same time.

    The natural state for any network is to not work - the Internet is kept running by intense effort.

    Rebuilding as a grass root efforts is a cool idea, but not what I'd call realistic. Point-to-point links are trivial, but as popular destinations become available, bandwidth demand aggregates and the link capacity gets overwhelmed.

    As for the overseas segment of the Internet, provided the shutdown didn't prevent US-owned carriers from operating, things would probably be sketchy for a few days, but most local or regional traffic would still be perfectly routable. Transatlantic capacity is expensive and European carriers don't send their traffic to the US if there's a better path.

  18. #18
    aka ivan the not-quite-as-terrible ivan astikov's avatar
    Registered
    Feb 2009
    Location
    moston, UK.
    Posts
    4,779

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Can anyone come up with a scenario that might necessitate such a reaction? All I can think of is to stop some kind of virus proliferation, maybe?
    To sleep, perchance to experience amygdalocortical activation and prefrontal deactivation.

  19. #19
    Member
    Registered
    Mar 2009
    Location
    Tinseltown
    Posts
    41

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by ivan astikov
    Can anyone come up with a scenario that might necessitate such a reaction? All I can think of is to stop some kind of virus proliferation, maybe?
    A complete shutdown would be akin to shutting down the entire phone network - perhaps worse. The economic implications would be severe, to say the least. I could see why having targeted black-holing of specific subnets or hosts could be useful - to control virus/worms or attacks, as you say, or to put pressure on recalcitrant nations.

  20. #20
    Stegodon
    Registered
    Mar 2009
    Location
    SoCal
    Posts
    354

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Wait, why are we angry with President Obama for a bill submitted by a Congresscritter? Unless the president has said that he supports this bill and wants it to pass, we don't have any evidence he's even thought about, let alone approved, it.
    The panther is like the leopard, except it hasn't been peppered.
    If you see a panther crouch, prepare to say "ouch!".
    Better yet, if called by a panther, don't anther.
    - Ogden Nash

  21. #21
    Elephant
    Registered
    Mar 2009
    Location
    Plattsburgh, NY
    Posts
    528

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    We're going a bit off into fantasy land.. As quoted above, the bill, if it even passed, would only cut government computers/networks from the internet in the case of some emergency (like, say, a massive hacking attack). We're not talking about some big ass two foot around cable that goes into a plug in the oval office for Obama to pull if he doesn't approve of you downloading or hosting midget porn.

  22. #22
    Member
    Registered
    Mar 2009
    Location
    Central WA
    Posts
    18

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by Excalibur
    I don't really have any idea what your point here could possibly be.
    My point is that the phrase "shut down the Internet" is nonsensical. As are most, if not all, politically motivated, scare-mongering memes. And I'd reiterate: if any one person cannot get connectivity, the Internet has been "turned off" for them in every practical sense. Which is a far cry from the OP:
    It's unfortunate that the Obama administration does not seem to be doing anything to divest the federal government of the new powers it decided to take after 9/11. Now they want an off-switch so they can turn off the internet when necessary -- what is the conceivable circumstance in which this would be a even useful to the government, let alone in which it would justify basically shutting down world telecommunications?
    The notion of "turning off the internet" is monumentally stupid for one of two reasons: (1) if one takes the phrase literally, its total and utter impracticality is inane (as pointed out by Clayton_e) or (2) if one takes it as a catch-all phrase, the sweeping non-specificity involved makes it nothing but a convenient stand-in for a metric tonne of non-thought and ignorance (which Spiny Norman is countering).

    But even beyond that, this bill doesn't come from Obama (as pointed out by phouka), it wouldn't "basically shut down world communications" (holy over-inflated American self-importance on display), and has nothing to do with 9/11 (where the fuck did you dredge that up from?).

    Bleah -- there's little that gets my dander up than idiotic political catch-phrases. So, my apologies for that. With the above out of my system, I'll continue in another post with a more reasoned tone and some actual substance.

  23. #23
    Member
    Registered
    Mar 2009
    Location
    Central WA
    Posts
    18

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    As much as I like to don my tin-foil hat from time to time, at the very least I try to do so for (semi-)plausible and legitimate reasons. So, I sat down and actually read the bill's actual text...it's just not that long. And I'd advocate against it (the bill, that is), even though most of it simply lays out research initiatives and the like (which I actually support). Specific areas of concern include (yes, you'll have to read it yourself to know what I'm talking about):
    • Sec. 3(f) -- I have little idea of what FACA sunset is, much less why the panel needs exemption[/*:m:li1bpq7h]
    • Sec. 11(a)(6) -- whoops! There goes internet anonymity...[/*:m:li1bpq7h]
    • Sec. 14(b)(1) -- one of the passages creating the ruckus; specifically, the universal "all" and the exemption from restrictions (but see below)[/*:m:li1bpq7h]
    • Sec. 17 -- the mere mention of an "identity management" program, even qualified with "appropriate civil liberties and privacy protections" should give everyone pause[/*:m:li1bpq7h]
    • Sec. 18 -- the other passage creating all the ruckus (specifically subsections 2 and 6; but see below)[/*:m:li1bpq7h]
    • Sec. 23(b) -- more specifically, the non-statement of qualifying criteria[/*:m:li1bpq7h]
    With an acceptable settling of the last item, IMHO, both passages responsible for the "shutting down the Internet" ridiculousness go away. Yes, I concede that there's an issue -- (1) I don't like it that private entities should be subject to outside authority that cannot be questioned and (2) it's not clear to me that if/when the proposed regional centers are set up, said authority would even be necessary. It seems to me that the situation where private entities need disconnection but don't undertake it themselves would be due to having bad sysadmins (assuming they have sysadmins); with guidance from experts at a regional center, that would (hopefully) be a non-issue. Although I will say that, as with any bureaucracy, a definitive chain of authority might be required for timely action. And, having that decision come directly from the President kind of makes it hard to hide (and thus, less likely to happen).

    No, more troubling to me are the privacy concerns involved. Such things are not only prone to abuse, they're also easier to hide, more pervasive, and more likely to never gain public notice. And these issues are only going to grow as more information becomes data.

    In general, I tend to agree with the EFF (thanks for the link, runner pat). Although, in this case, I think the EFF author takes the wrong lesson from the linked Schneier essay -- the bill, as it now reads, would do much to address Schneier's concerns. So, in my estimation, the bulk of the bill is good; remove and/or redefine a few small (but not minor!) items, and it'll be something I can genuinely get behind.

    But, FFS, please treat the "internet off-switch" idea like the crap that it is.

  24. #24
    Member
    Registered
    Mar 2009
    Location
    On Veronica Lake
    Posts
    86

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Frankly, I've never understood why the government has "secure networks" that have Internet portals. Seems to me that in such cases you would want a brick wall, not a firewall. If you want to keep your network secure, don't build it with any nodes that connect with other networks. Simple, eh? If you have to transfer data between two separate systems, do it the old-fashinoned way: dump the data on a floppy disk (okay, these days, a flash drive) and hand-carry it between machines.

  25. #25
    Elephant
    Registered
    Feb 2009
    Posts
    909

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Even if the federal government could shut down the internet (which they cannot, because it is just not possible), they wouldn't. Without the internet, the US Financial system would collapse, leading to global economic chaos. Kind of like something you'd see in a Superman movie.

  26. #26
    Elephant
    Registered
    Feb 2009
    Posts
    909

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    Quote Originally posted by BJMoose
    Frankly, I've never understood why the government has "secure networks" that have Internet portals. Seems to me that in such cases you would want a brick wall, not a firewall. If you want to keep your network secure, don't build it with any nodes that connect with other networks. Simple, eh? If you have to transfer data between two separate systems, do it the old-fashinoned way: dump the data on a floppy disk (okay, these days, a flash drive) and hand-carry it between machines.
    That's the absolute worste way to handle data if you want it secure - no records of data transfer, no trail of breadcrumbs (i.e. logon name, source and destination info, etc.). The most secure facilities disable USB ports, do not allow CD burners or floppy drives, do not allow access to hotmail or yahoo, do not allow access to message boards, etc.

    It's also the most like way to lose or currupt your data.

  27. #27
    Member
    Registered
    Mar 2009
    Location
    Central WA
    Posts
    18

    Default Re: "Cybersecurity Act would give president power to 'shut down' Internet"

    To give some topic context and significance to the term "cybersecurity", there was an article in yesterday's NYTimes, U.S. Steps Up Effort on Digital Defenses that discusses "cyberwarfare" and the potential governmental desire for offensive capabilities. (I came across it on /. this morning.) The article has no explicit link to the bill we're discussing -- which is concerned mostly with defensive capabilities -- but it certainly serves to inform it a bit.

    A pastiche of threats strung together from the article:
    The scenarios developed last year for the incoming president...described vulnerabilities including an attack on Wall Street and one intended to bring down the nation’s electric power grid....Government officials will not discuss the details of a recent attack on the air transportation network....Studies...have focused on whether cellphone towers, emergency-service communications and hospital systems could be brought down, to sow chaos....Cyber Storm II...studied a disruption of chemical plants, rail lines, oil and gas pipelines and private computer networks. That study and others like it concluded that when attacks go global, the potential economic repercussions increase exponentially.
    Near the end, the article also sorta-kinda refers to the "who's in charge" issue that Schneier discusses; it's interesting, in a disturbing way, that the choices presented are limited to the NSA, Pentagon, etc.

+ Reply to thread

Posting rules

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts