[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Declan McCullagh über den Cybersecurity-Plan von Bush
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Beachte vorige Mail: Er hatte schon den Draft Text vorliegen.
RB
http://news.com.com/2100-1023-958159.html
White House preps cybersecurity plan
By Declan McCullagh
Staff Writer, CNET News.com
September 16, 2002, 6:58 PM PT
http://news.com.com/2100-1023-958159.html
WASHINGTON--The White House's cyberspace security plan, scheduled to be
released Wednesday, envisions a broad new role for the federal
government in maintaining Internet security.
While couching many concepts as mere suggestions, a draft of the plan
seen by CNET News.com says the government should improve the security of
key Internet
protocols and spend tens of millions of dollars on centers to recognize
and respond to "cyber attacks."
The draft report, however, is still in flux. As of late Monday, one
controversial section that appears to have been deleted would have
required companies to contribute money to a fund to secure computer
networks.
Prepared by Richard Clarke, President Bush's special advisor for
cyberspace security, the draft says changes "will be needed" in key
Internet protocols and endorses "trustworthy computing" technologies
such as Microsoft's proposed system. Also under consideration are a
"cyber emergency response plan" that would be activated during Internet
crises and a National Cyberspace Academy to "advance research in
cybersecurity education."
It says the executive branch should consult with privacy groups and
attempt to preserve civil liberties, but concludes that in some cases,
privacy could be limited. "Allowing completely anonymous communications
on a wide-scale basis, with no possibility of determining the source,
could shelter criminal, or even terrorist communications," the draft
says.
Because the report is simply a set of recommendations prepared by the
Bush administration, there is no compulsion for private firms to follow
its recommendations. But because it is backed by the White House during
a time of heightened security consciousness, it likely will be taken
seriously by legislators when they consider new laws.
In October 2001, in the wake of the Sept. 11 terrorist attacks,
President Bush appointed Clarke to coordinate the administration's
Internet security efforts.
Harris Miller, president of the Information Technology Association of
America, said he believes any remaining disagreements that industry
groups have with the White House report will be worked out before
Wednesday's scheduled release.
"The issues that we're focusing on are on the margins," Miller said.
"There weren't any fundamental concerns...Assuming the final draft is
close to the draft we've seen, we generally support it."
Government-crafted protocols
One Internet protocol the draft singles out for criticism is the Border
Gateway Protocol (BGP), which is used to exchange routing information
among interconnected networks. The report concludes that "changes in BGP
will be needed" because of current security vulnerabilities.
Another point of criticism is the Domain Name System (DNS), which
translates domain names such as cnet.com into numeric addresses such as
206.16.0.148. "The accuracy of the data in the DNS databases needs to be
improved and stronger mechanisms are needed to ensure the authentication
of the DNS database along with changes to the database," the report
concludes.
The draft suggests that it's time for the federal government to become
more involved in the development of Internet protocols, security and
standards--a role currently assumed by the Internet Engineering Task
Force.
Government, it says, must "conduct research and development for the
collective good. This is a role that the government played during the
founding of the
Internet...The federal government, without regulating or controlling the
Internet, should systematically ensure that necessary research and
similar activities are conducted to insure the security and reliability
of the Internet."
Brad Jansen, an adjunct fellow at the free-market Competitive Enterprise
Institute who is familiar with the report, said: "I found it encouraging
that the report recognized the importance of training and implementation
beyond just grand plans. There are systems within the government's
sphere that it should not ignore. But there's little recognition of
cost-benefit analysis throughout the report, and much emphasis on how we
can spend money."
Future directions
One section, part of the "National Priorities" chapter, is
forward-looking. It says that the government should closely monitor
progress in quantum computing, intelligent agents and nanotechnology:
"For example, the development of intelligent nanodevices could cause
massive growth in the numbers of connected devices on the Internet and
the locations and uses in which these devices are deployed."
Quantum computing, which could bring systems so powerful that they could
render current encryption technologies obsolete, poses a threat as well.
"Backup planning for the unexpected--the secret breakthrough by an
unfriendly country--should be considered. How would such an advance be
used against us? How would we detect if our cryptography is compromised?
A watchful eye should also be kept on foreign research."
The White House is also worried about attackers employing intelligent
agents, smart computer programs that can search for information or carry
out tasks on their own. "Adversaries using agents would have the
distinct advantage of being able to attempt many variations on many
themes either over a very short period of time, since they can operate
at digital speeds, or over an extended period of time without losing
focus, since they are computer programs."
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.