Suche innerhalb des Archivs / Search the Archive All words Any words
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] NYT zum Cybersec-Plan

Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Interessanter als die Inhalte des Planes scheint für die Presse der 
Druck der "high-tech companies" auf die Regierung zu sein.

http://www.nytimes.com/2002/09/18/politics/18CYBE.html?pagewanted=print&position=top


          September 18, 2002


    Revamped Proposal Suggests Strategies to Tighten Online Security

By JOHN SCHWARTZ

A long-awaited report from the Bush administration intended to help 
citizens, businesses and government shore up the nation's cyberdefenses 
will be revealed today.

Sort of.

The report, "The National Strategy to Secure Cyberspace," was scheduled 
to be released today with great fanfare at Stanford University. But 
officials have decided not to release the report in final form today in 
hopes of building support among high-tech companies that worked to 
weaken previous drafts.

Instead, the current document is being referred to as a draft. It will 
be subject to a 60-day comment period, after which it will be revised 
and submitted to the president for final approval.

Like many other reports on cybersecurity before it, the new document 
describes a society that has grown increasingly dependent on networked 
computer systems, and thus increasingly vulnerable to cyberterrorists, 
hackers and destructive computer programs like viruses and worms. Like 
those previous reports, it also emphasizes the importance of education 
for business, government and consumers. The report breaks down the 
cyberspace security challenges faced by various online populations, 
including home users and small businesses as well as industry sectors 
and nations.

Some of the tougher measures proposed in earlier drafts of the document 
included recommendations that Internet service providers give high-speed 
customers firewalls and other tools to defeat hacking and bans on many 
uses of wireless networks until the technology is made more secure. The 
draft being released today calls for more general proposals that one 
security expert dismissed as "pretty-please recommendations" to improve 
security awareness.

Richard A. Clarke, the chairman of the president's critical 
infrastructure protection board, dismissed assertions that the report 
had been softened. "That is a vast exaggeration," Mr. Clarke said 
yesterday in a conference call with reporters.

"The point is not what was in Draft 4 or Draft 8 or Draft 12," Mr. 
Clarke said. The report, he said, is an effort to offer guidance without 
resorting to a greater regulatory structure, or what he called a 
"government heavy hand" approach.

"Everybody has to do his own thing to protect cyberspace," he said.

The report has raised fears among civil liberties advocates that the 
proposals, in trying to answer many issues, rely heavily on more 
surveillance of computer networks -- and, by extension, of those who use 
them.

"It's hard to find a security approach that will simultaneously solve 
the problems of ice storms, software glitches, Al Qaeda, faulty 
operating systems and spam," said Marc Rotenberg, director of the 
Electronic Privacy Information Center in Washington. "But in almost any 
scenario, less emphasis should be placed on monitoring and more on 
reliability."

Those speaking in favor of the new report said that the industry 
welcomed the opportunity to comment on the report, and that the essence 
of it is unchanged.

"The basic thrust of the recommendations is still there," said Mario 
Correa, director of Internet and network security policy for the 
Business Software Alliance, a lobbying and policy group in Washington.

A security expert said he was disappointed that the government was not 
getting tougher on cyberissues. The expert, Russ Cooper, whose official 
title of surgeon general describes his role in advocating good computer 
health and hygiene at the Trusecure Corporation, said the information he 
had received about the report was "a lot of rhetoric, a lot of 
discussion, a lot of what we've been doing along -- but nothing 
mandatory about what we needed to do."

Mr. Clarke said that those expecting a detailed set of requirements were 
missing the point. He declined to estimate the ultimate costs of 
implementing the proposals, saying they should not be taken as a set of 
low-level, specific requirements.

"It's not a plan," he said, "it's a strategy."




---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.