Rattle quoted WSJ: "President Bush has promised a frugal budget proposal next month, but one big-ticket item is stirring controversy: an estimated $6 billion to build a secretive system protecting U.S. communication networks from attacks by terrorists, spies and hackers."
Then Decius asked: Could it be related to this?
And by that you mean The Spymaster, which I recommended earlier this month. The article recommended by Rattle is here in full text. Significantly, the figure cited above is only the starting point: "The administration's plan is to reduce points of access between the Internet and the government and to use sensors to detect intrusions displaying potentially nefarious patterns, said former top intelligence officials. The program would first be used on government networks and then adapted to private networks. Former officials said the final price tag is approaching an estimated $30 billion over seven years, including a 2009 infusion of around $6 billion, though those numbers could change significantly as the plan develops."
This Chertoff quote is either amusing or disturbing, depending on your perspective: "There is a lot of thought being given to: How do you organize this in a way that protects an incredibly valuable asset in the United States but does it in a way that doesn’t alarm reasonable people, and I underline reasonable people, in terms of civil liberties?"
Finally: "The CIA and the Pentagon didn't want other agencies mucking about ..."
This tussle is referred to at the end of the Washington Post coverage just now recommended here. What's silly here is that no one is talking about ROC curves. How can you even propose to monitor the open Internet? The human resources involved would be outrageous, no? Not quite as bad as having human telephone switch operators, but as presented, this proposal simply doesn't scale, and as such is not credible. The stated intention to "protect US networks from hackers" is not credible, because the proposed task cannot be resourced. How much can they really accomplish, anyway? Consider the following:

Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection

"All currently available network intrusion detection (ID) systems rely upon a mechanism of data collection -- passive protocol analysis -- which is fundamentally flawed."
Maybe they intend to install normalizers at every access router in the US?

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics

"A fundamental problem for network intrusion detection systems is the ability of a skilled attacker to evade detection by exploiting ambiguities in the traffic stream as seen by the monitor. We discuss the viability of addressing this problem by introducing a new network forwarding element called a traffic normalizer. The normalizer sits directly in the path of traffic into a site and patches up the packet stream to eliminate potential ambiguities before the traffic is seen by the monitor, removing evasion opportunities."
Of course even then you face The Eavesdropper's Dilemma.

RE: WSJ | Bush Looks to Beef Up Protection Against Cyberattacks
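The ROC-curve and staffing objection in the post above, worked through as an added example that is not part of the original post or of any real program: the traffic volume, prevalence, triage time and the three detector operating points are all constructed assumptions, chosen only to show how the base rate turns a sensor's false-positive rate into a headcount.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class OperatingPoint:
    """One point on a detector's ROC curve (assumed values, not measured)."""
    name: str
    tpr: float  # fraction of malicious flows the detector flags
    fpr: float  # fraction of benign flows it flags by mistake

def alert_load(point, flows_per_day, prevalence, triage_minutes):
    """Expected daily alerts, precision, misses and analyst-hours at one point."""
    malicious = flows_per_day * prevalence
    benign = flows_per_day - malicious
    true_alerts = malicious * point.tpr
    false_alerts = benign * point.fpr
    total = true_alerts + false_alerts
    return {
        "name": point.name,
        "alerts_per_day": total,
        # Precision: the share of what an analyst sees that is a real attack.
        "precision": true_alerts / total if total else 0.0,
        "missed_attacks": malicious - true_alerts,
        "analyst_hours_per_day": total * triage_minutes / 60.0,
    }

def analysts_required(analyst_hours_per_day, shift_hours=8.0):
    """Full-time analysts needed to clear each day's queue without backlog."""
    return math.ceil(analyst_hours_per_day / shift_hours)

# Constructed scenario: a billion flows a day, one in 100,000 malicious,
# five minutes of human triage per alert, three assumed ROC operating points.
FLOWS_PER_DAY = 1_000_000_000
PREVALENCE = 1e-5
TRIAGE_MINUTES = 5
ROC_POINTS = [
    OperatingPoint("aggressive", tpr=0.90, fpr=1e-2),
    OperatingPoint("balanced", tpr=0.70, fpr=1e-3),
    OperatingPoint("conservative", tpr=0.50, fpr=1e-4),
]

def staffing_table(points=ROC_POINTS):
    """Walk the ROC curve and cost out each operating point in people."""
    rows = []
    for p in points:
        row = alert_load(p, FLOWS_PER_DAY, PREVALENCE, TRIAGE_MINUTES)
        row["analysts"] = analysts_required(row["analyst_hours_per_day"])
        rows.append(row)
    return rows
```

Calling `staffing_table()` shows the trade-off the post is pointing at: the aggressive point needs on the order of a hundred thousand analysts and fewer than one alert in a thousand is real, while the conservative point is staffable but misses half the attacks.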