Re: [Full-disclosure] Fwd: cnn.com - Homeland Security seeks cyber counterattack system (Einstein 3.0)
Yes, they put these bizarre ideas out there to see what public opinion is, they don't have a chance in hell of implementing it. On Sun, Oct 5, 2008 at 6:46 PM, James Matthews <nytrokiss@gmail.com> wrote:
They generally don't have any clue what they want. This is only a PR stunt
On Sun, Oct 5, 2008 at 10:30 AM, n3td3v <xploitable@gmail.com> wrote:
Bad idea,
The rogue government would use hospitals and power stations, to "cyber human shield" against the counter attack.
You guys are living in cloud cuckoo land. The rogue government wouldn't have their bot nets in home computers that you could shut down easily.
Read my rant about it all with the link below that I typed in May 2008 to stop the "Afcyber" idea going through.
http://lists.grok.org.uk/pipermail/full-disclosure/2008-May/062517.html
All the best,
n3td3v
---------- Forwarded message ---------- From: Tony Patti <tony@swalter.com> Date: Sun, Oct 5, 2008 at 5:20 PM Subject: cnn.com - Homeland Security seeks cyber counterattack system (Einstein 3.0) To: "nanog@nanog.org" <nanog@nanog.org>
I presume this CNN article falls within the "Internet operational and technical issues" (especially security) criteria of the NANOG AUP, in terms of "operat[ing] an Internet connected network", especially where Chertoff refers to " like an anti-aircraft weapon, shoot down an [Internet] attack before it hits its target".
http://www.cnn.com/2008/TECH/10/04/chertoff.cyber.security/index.html
Homeland Security seeks cyber counterattack system
WASHINGTON (CNN) -- First, there was "Einstein," the federal government's effort to protect itself from cyber attacks by limiting the number of portals to government computer systems and searching for signs of cyber tampering.
Then Einstein 2.0, a system now being tested to detect computer intrusions as they happen.
And in the future? Perhaps Einstein 3.0, which would give the government the ability to fight back.
Homeland Security Secretary Michael Chertoff on Friday said he'd like to see a government computer infrastructure that could look for early indications of computer skullduggery and stop it before it happens.
The system "would literally, like an anti-aircraft weapon, shoot down an attack before it hits its target," he said. "And that's what we call Einstein 3.0."
At a meeting with reporters to highlight National Cyber Security Month, Chertoff reiterated his belief that the government should aggressively defend its computer systems, saying that terrorists, if they gain expertise already available to others, would "cause potentially very serious havoc" to government systems.
"Let's make the investment now rather than wait until there's a huge catastrophe," he said.
But despite his emphasis on the risks posed, Chertoff said the government is moving slowly to avoid stepping on the toes of the private sector as it addresses calls to reorganize the governance of cyberspace to provide accountability and authority.
"I think the question of what is the government's role in cyberspace in general needs to be discussed among all the stakeholders, because there is a culture of cyberspace that is an open architecture," he said. "And I think if we just came in and said we want to take it over, there'd be, understandably, a considerable amount of discomfort with that."
"We are deliberately going slowly because we recognize that the issue of government involvement in the Internet is fraught with all kinds of potential concerns and potential anxieties about not having the government have a big-foot impact on an area of communication and commerce that has traditionally been viewed as really independent and free."
Chertoff said the government is "feeling our way to what is the right mix of government involvement with protecting the Internet in the private domain while preserving everybody's comfort level that we're not going to be in their business in a way that would be inappropriate."
Asked if he envisioned a world with two cyberspaces, he said he envisions a world with "a lot of different levels of security and trust, depending upon the nature of what it is that you're doing."
"We already have that now, in the sense that we have classified systems which are walled off from unclassified systems," he said. The Bush administration released its National Cyber Security Initiative in January. The "most immediate component" of it from the Department of Homeland Security's perspective, Chertoff said, is to increase security for federal government computer systems.
But another priority is to work with the private sector to address threats to businesses. This includes not only protection from hackers, but also from counterfeit parts, which an individual or another nation could use to create vulnerabilities in the United States, he said. E-mail to a friend
Tony Patti CIO S. Walter Packaging Corp.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
participants (1)
-
n3td3v