[NCSG-Discuss] CISPA 2.0

Michael Haffely ncuc at jollyrogers.com
Wed Jan 30 01:54:20 CET 2013


It concerns me that "I don't use email, some would call me a
Luddite<http://mashable.com/2012/09/28/janet-napolitano-email/>"
Napalitano wants DHS to have "*greater access to internet and cybersecurity
information from the private sector*"  She doesn't have anything to be
concerned about or lose as she isn't a participant of/in either the
internet or the private sector.  She also said of a potential "Digital
9/11" "*There are things we can and should be doing right now that, if not
prevent, would mitigate the extent of the damage"  *What things?  What
isn't being done?

I also have doubts about the "Cyber Pearl Harbor that will occur and be as
bad as the September 11 attacks" meme that is thrown about. In my opinion
there has not been a Cyber Pearl Harbor threat model that isn't akin to a
movie plot, and the security community is, for the most part, very good
with sharing/alerting when a weird problem arises (CERT, SANS ISC, Mitre's
CVE, informal lines of communication, etc.).  I would encourage United
States citizens to contact your representatives and let them know that this
not the direction we should go, the proposed measures do little to
pro-actively protect the internet as giving DHS access to "internet and
cybersecurity information" will not protect, nor prevent an attack (and
what would they do with it?  Raid offices of companies with unpatched
equipment/servers?  Force them to upgrade? Require attestation of
compliance?).  Information of this type would probably only be useful to
attempt prosecution after an event.

It's an incomplete thought but just my two cents.



On Sat, Jan 26, 2013 at 11:55 AM, Carl Smith <lectriclou at hotmail.com> wrote:

>  Homeland Security's Napolitano invokes 9/11 to push for CISPA 2.0
>
> Link     https://rt.com/usa/news/napolitano-us-cyber-attack-761/
>
> Lou
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20130129/f2e097c9/attachment-0001.html>


More information about the Ncuc-discuss mailing list