Internet Czar and Regulation Bill?

[kandrathe]

First I've ever even heard of this before. Anyone got more information on this? As usual, Fox News exceptionally vague trying the fear-mongering technique, but it article makes it sound like America's internet could become the next China in terms of what we can and can't do on the internet.

Check out Internet2. Technically, there really is a need for something more secure than the free for all we have now. I don't agree that the government should need a czar to control it, but they could give the project a big kick in the butt to keep it moving forward. Essentially, a smart hacker can sniff data off the network and given a beefy laptop, decrypt (if needed) most of it on the fly. Look into GhostNet for reasons why we need something better in order to move forward. I've already had my rant here on how my cable system is unsecured. So much so, that the day they hooked me up, I was able to hack into my home machine from work in under 5 minutes. I stopped by the store on the way home to get a firewall router to secure my home.

Every responsible organization connected to the internet needs to be security aware, but still the biggest threats are the foolhardy people who are inside that organization. At a C2 secure facility I worked at, the only breach we ever had was by an executive who brought his tainted home laptop to work one day and plugged it into the wall. The tripwires fired immediately as the malware in his system tried to attack our servers. I thought we had been hacked through the firewall, so I pulled the plug on the hard line to the internet. It didn't stop, so we brought down all the servers, and fired up the sniffers until we found the machine that was compromised. The malware did find another unsecured system to infect, and it was the phone system that we had an external vendor install and manage, which was only connected to the net for printing reports. After that incident, we took over the security for the phone systems as well. The problem with ubiquitous computing is that as we move toward intelligent and wireless everything, people do not recognize that cool gizmo in their purse or backpack as a potential threat.

The hardest place I've had to secure though was a college. Everyone on the inside of the network wants total freedom and total security. They had a packetshaper and extensive VLAN topology. We also set up many monitoring scripts, including one that would automatically remove ports from the network that originated any problem. Then, you just need to deal with the help desk call from the professor or student who caused the issue. In order to get back onto the network, they would need to allow us to re-certify their computer to insure it was not compromised or a zombie (automated using Cisco Campus Manager).

I think there needs to be a tiered system. One network for government, one for education, and one for commerce. You might have an address in multiple networks, but you wouldn't easily get from one to another. Right now we just have the one big network that should always be considered insecure. I believe that hackers broke into computer systems of companies working on the JSF, not the Pentagon itself. It would make sense that if someone were able to break through the security of one embassy, then all with that same architecture would be compromised. This is one reason I like to use non-standard and heterogenous suppliers for network security appliances.