Collaboration optimize

What the experts think about the viability of an Internet kill switch

Media coverage abounds over the so-called "Internet kill switch" and its potential for harm. Little of it mentions the opinion of experts. Michael Kassner went straight to the bill sponsors and to several tech experts for insight.

A confluence of events in Tunisia and Egypt has bared the underside of the Internet, scaring some and emboldening others. As evidence, the US Congress has reinvigorated interest in Senate bill S.3480: Protecting Cyberspace as a National Asset Act of 2010.

Senate bill S.3480

I remember last June, when Senator Lieberman -- along with cosponsors Senator Collins, and Senator Carper -- introduced Senate bill S.3480. Right away, people were upset. To them, the legislation gave the president authority to shut down the Internet. That reaction quickly stagnated the bill.

Egypt's move to shut down their portion of the Internet has renewed interest for and against the Lieberman-Collins-Carper bill. And, I started seeing mention of an Internet kill switch again. Curious now, I asked the senators how recent events affected their legislation:

The steps the Mubarak government took last week to shut down Internet communications in Egypt were, and are, totally wrong. His actions were clearly designed to limit internal criticisms of his government.

Our cyber security legislation is intended to protect the U.S. from external cyber attacks. Yet, some have suggested that our legislation would empower the President to deny U.S. citizens access to the Internet. Nothing could be further from the truth.

They continue:

We would never sign on to legislation that authorized the President, or anyone else, to shut down the Internet. Emergency or no, the exercise of such broad authority would be an affront to our Constitution.

The senators go on to explain their intent:

But our current laws do give us reason to be concerned. Most important, under current law, in the event of a cyber attack, the President's authorities are broad and ambiguous--a recipe for encroachments on privacy and civil liberties.

For example, in the event of a war or threat of war, the Communications Act of 1934 authorizes the President to take over or shut down wire and radio communications providers. This law is a crude sledgehammer built for another time and technology. Our bill contains a number of protections to make sure that broad authority is not used.

Major provisions of bill

The senators then outlined the bill's important details:

  • The emergency measures in our bill apply in a precise and targeted way only to our most critical infrastructure (as defined in section 1016e of the USA Patriot Act) -- the networks and assets most essential to the functioning of society and the economy -- to ensure they are protected from destruction.
  • Our legislation specifically says the President can only invoke the emergency authorities "if there is an ongoing or imminent" attack that would "cause national or regional catastrophic effects" by the disruption of the nation's most critical infrastructure.
  • When invoking these authorities, the President must notify Congress, and the emergency measures cannot be continued beyond 120 days without congressional approval.
  • The legislation expressly forbids any action that would violate the First Amendment and also prohibits limiting Internet traffic, emails, and other forms of communication (except those between critical infrastructure providers) unless no other action would prevent a regional or national catastrophe.

The senators conclude with:

Our bill already contains protections to prevent the President from denying Americans access to the Internet - even as it provides ample authority to ensure that those most critical services that rely on the Internet are protected.

And, even though experts question whether anyone can technically ‘shut down' the Internet in the United States, we will ensure that any legislation that moves in this Congress contains explicit language prohibiting the President from doing what President Mubarak did.

That is straight from the bill co-sponsors.

Complicated stuff

My mentor demanded that I read the bill. "It's your ‘insert naughty word' responsibility, since you're writing about it," he asserted. I complied and later told him, "Good thing you didn't mention anything about understanding it!"

With subjects as complicated as this, there will be a variety of opinions. I have one. From my reading, most tech writers are eager to express theirs as well. Still, none of us are experts. And, for something this important, we need to ask those who are most qualified what they think.

Ask the experts

I blasted an email to several subject matter experts (SMEs) I have worked with, written about, and trust: What do you think about the legislation and the kill switch. More specifically:

  • Is something like an Internet kill switch possible?
  • What would it take to put in place?
  • Is it a good idea technically and will it do any good?

I was hoping to receive answers from everyone, but several were hampered by employer-dictated restrictions. That's okay. Invincea's Anup Ghosh, NoScript's Giorgio Maone, and Arbor Network's Jose Nazario offered the following insights:

Anup Ghosh

Is such a switch possible: First, it's important for your readers to know that the Internet Kill Switch is not an actual switch or technical device. It is language written into one of the pieces of cyber security legislation that is winding through the Senate.

The original intent of giving the President authority to protect the U.S. and U.S. national security interests -- such as critical infrastructure providers -- against cyber security attack, while well intentioned, is fundamentally-flawed technical policy.

Implementing such a switch would be difficult technically. The Internet is a dynamic and distributed network implemented by a number of large service providers with many downstream smaller service providers.

Replication and redundancy was built into the network design from its original ARPANET origins in routing and naming to protect against single-failure modes in the Internet. The Internet simply routes around outages and disruptions.

But, none of this is really relevant because the intent is really to give the President "authority" to direct the service providers and potentially the military (US CYBERCOM) to take down Internet connectivity in the event of cyber attack.

What would it take to put it in place: Putting an Internet kill switch into practice is not a technical issue. It's really about giving the President the authority and then getting all service providers to agree to null route Internet requests. So, it takes authority and cooperation to implement an Internet kill switch. Is it a good idea technically and will it do any good: It is a poor idea on technical, policy, and potentially legal grounds. I don't see any upside to including this authority.

From a technical perspective, there is more damage that will be caused by disconnecting or shutting down the Internet than good. So many services now ride the Internet backbone including the power grid, industrial control, telecom, transportation, banking, military command & control, and of course all manner of business communications and logistics.

In other words, our economy and critical infrastructure is so dependent on the Internet, that it's actually an "economy kill switch." This is the very reason why we need protection against cyber security threats in the first place.

An Internet kill switch would be a self-imposed Denial of Service. If an adversary could trigger a Presidential decision to implement, it would be a much more effective weapon than most-imaginable cyber attacks.

Giorgio Maone

Is such a switch possible: If by "switch" we mean some sort of regulation which binds ISPs to suspend Internet routing when asked by the government. It is obviously quite possible.

Such an Orwellian law might go as far to mandate some sort of disconnection relay, remotely controlled by the President's office. A bunch of phone calls to ISP CEOs would be just as effective.

What would it take to put it in place: As I said, just a law and all the ISPs of a country (including universities, which often have their own infrastructures) agreeing to comply. A global (international) "switch" is more complicated, being more a political than technical issue.

Furthermore, I suspect in most "civilized" countries, shutting down Facebook and Twitter would be enough of an "Internet kill switch" for most people. What ridiculous times we're living...

Is it a good idea technically and will it do any good: If its aim is protecting people from terrorists, it would be a total fail. There are several secretive alternative communication channels available to relatively small and organized groups.

Unfortunately, I believe the only real use of such a "device" would be against people. For example, trying to control and sedate a popular revolt, like the ones we're currently witnessing in Middle East. So, it is an awful idea, anti-democratic and against free speech.

Jose Nazario

Is such a switch possible: In one sense, yes. It's just a technical issue. You can drop routes or shut down routers etc. In a different sense, it's quite difficult:
  • Who has the legal authority to compel providers to act?
  • How many international points do we have?
  • How do we ensure it's a satisfactory blackout?

I'm not sure answers to those questions -- or even the legal authority (hence the bills being proposed in Congress) -- exist.

What would it take to put it in place: At a minimum the following are needed:
  • Legal action to pass laws to grant someone in the government such authority.
  • Identify all of the ISPs who provide international access to US subscribers, and ensure they are legally bound to follow such orders.
  • Identify what routes would get pulled or blocked to provide such a "kill switch".

Routes and ISPs are fluid, to the point of changing throughout the day. By the time you had an inventory; it would be out of date.

Is it a good idea technically and will it do any good: Technically, I would say it's probably a disaster. The US is a major hub for international transit traffic. Shutting down routes and elements of the infrastructure, for example, Latin American gateways at the NAP of the Americas or various root DNS servers within the U.S has major consequences.

Are we willing to live with that? The damage to American businesses with global customers -- Google, Facebook, Microsoft, Symantec, and specially Verisign (think about their RSA trust chain that could get broken) -- will cause massive collateral damage.

As for "would it do any good", I guess it depends on what you're trying to stop. If you're trying to stop a worm attacking the government or critical infrastructure, probably no good could get done without massive collateral damage.

If you're trying to stop information from flowing, say an insurgent force is coordinating within America via the net, again, probably not: Enough other means to get to the net exist. If you just want the power to shut a specific set of circuits down (think US-KR back in July '09's attacks), then it could do some good to have that power and that insight.

Final thoughts

There you have it. What the bill co-sponsors think and what several IT experts think. I just had a thought. Where did the term, "Internet kill switch," come from? It is not mentioned in the bill. And, experts are saying an actual switch where everything goes dark is difficult at best to set up. Hmm.

I would like to thank Senator Lieberman, Senator Collins, and Senator Carper for their help. Also, thanks to Dr. Ghosh, Mr. Maone, and Dr. Nazario for allowing me to borrow from their expertise.

Update: Cormac Herley, another important SME in my world, with the blessing of Microsoft was able to answer my questions on his blog site, my thanks to him as well. Update (09 Feb 2011): Rick Moy of NSS Labs just returned from Europe and rushed his answers to me. Here is what he had to say: Is such a switch possible: Much harder than it was in Egypt. They have only 4 ISPs, whereas in the US we had at one time over 5,000. So from a volume perspective, it would be a massive undertaking. What would it take to put it in place: The technology behind the Internet was originally created by DARPA to ensure strategic command could still launch missiles if one node of the network was taken out. This type of resiliency is ‘baked in'. I think there would be ways to hard-crash certain systems, but bringing them back up properly later would be a different story.

It would probably take engineering, planning, and years to devise anything that didn't resemble ‘pulling the power plug'. Even so, coordination would be a disaster. Further more, one would have to design security into the system. So the ‘kill switch' didn't become the next best way for criminals or political groups to hold us hostage or interrupt commerce.

Is it a good idea technically and will it do any good: I have ethical problems with the idea of putting a kill switch for something like the Internet into the hands of government officials. The Internet is many things now; not least of which is a medium for free speech, a positive part of our society.

Shouldn't we rather find better ways of protecting us from specific threats? Carriers and ISPs have had the ability to filter malware from our pipes for a while, not perfectly, but there have been solutions. They've mostly opted out til now for various reasons. Maybe that should change? Or provide instructions and guidance to those who wish to take themselves off the net in such instances? Feels like there's a lot of core issues to deal with here.

About

Information is my field...Writing is my passion...Coupling the two is my mission.

168 comments
Michael Kassner
Michael Kassner

Rick just returned answers to my questions. Check out his opinions.

JCitizen
JCitizen

That would be like trying to explain to the people in WWII that the phones need to be shutdown because German sappers would be using the phone system to coordinate their attacks. Nobody gave it a first thought - let alone a second one; neither should we. I do agree that we need to know what to do to actually make it HARDER to shut down the internet! After all that is why D.A.R.P.A introduced the idea. I think it would be a lot smarter to admit we need a resurgence of Civil Defense practice in this country - put it under Homeland Security if you like. We need to harden our industrial and power sites, and even hold drills if need be to practice what to do in the instance of an attack. I would be trivial to have a national emergency warning system set up over the internet that could talk to all systems whether they be SCADA or good old DOS based PLC devices. It would be no different than the safety and fire drills we already do in industry, except that it would be more regional and wide spread among more than one commercial or municipal sector. The Air Force used to do emergency communication recovery exercises before the web was here, and possibly got lazy afterward, because D.A.R.P.A's dream had come true, of a internet system that had combat survivability. Messing with that would be shooting one's self in the foot. It is probably more likely that the government would like a controlled clear backbone that only they could communicate on, like some cities want to do with cell phone emergencies; where only officials IPs are allowed to communicate during such a crisis. With the power to shut it all down, this would make the public feel lucky that even the officials had some control. Not me - I still think it is stupid. But then - I always kept another form of communication around so I would never feel naked, like CB or HAM. I imagine Michael knows that feeling of confidence. Too bad the rest of the public, has probably relegated theirs to the junk yard.

srr
srr

Once again our legislators are proposing a "simple, knee-jerk answer" to a complex problem. All of the learned PhD's are aboslutely correct in their assessment that such power would effectively shut down the economy. In my opinion, giving the President power to do anything for 120 days is dangerous. In fact, giving the government the power to control speech in any manner is dangerous, unless you believe in Omnipotenet State control of our lives. I think Ben Franklin and Thomas Jefferson will be rising from their graves if this happens in any form.

seanferd
seanferd

That kind of reaction to a threat is just like the reaction to the 09/11/01 attacks. While everyone was busy pontificating about how "We" wouldn't let the terrorists win, the terrorists had already won. Look at our ridiculous and destructive reaction since that day. Until the entire Patriot Act and Homeland Security beast go away, at the least, they are still winning. And so are the internal forces that want to control everything. An internet kill would be so devastating that any enemy may just as well fake an attack to get the gov to throw the switch, as it were. In the event of a real attack, massive damage is done whether or not the attack succeeds, so it is a no-lose situation for any terrorists (and those who wish to control USAnians from within as well, it is still a partial win, because they can then demand further powers). This isn't security, but more theater and power-grabbing.

jkameleon
jkameleon

... I'm pretty skeptical against so called "terrorist threat". 10 bloody years of scaremongering & blowing innocent people up, and at the end it turned out, that it was all false flag. Not one attack was "genuine". The most important lesson from "Strategy of Tension"/"Operation Gladio" was, that the worst terrorist threat always comes from one's own government. No need to theoretize conspirationally, it's enough to look at the history. No need to worry about Amazon, no need to worry about backbones, no need to worry about government installations. They all have resources to protect their infrastructure against any threat. You should be worried about you, about your access to information.

Michael Kassner
Michael Kassner

A guest emailed me with this perspective: "Everyone seems to be missing the obvious comparison: Shutting down all aircraft traffic for several days after 9/11. Should that have been prohibited? It had serious economic effects and was terribly disruptive. Here in Alaska people were stranded out in the wilderness and many didn't know why their scheduled bush plane pickup didn't happen if they didn't have a satellite phone. Or why they saw no jets on their regular trans-polar routes. I'm sure some must have thought the world had ended. What's the first thing you and most IT folks do if you find your computer is under heavy attack or is causing an attack? You probably shut it down or pull the Ethernet connection to limit further damage and then figure out how to bring it back up safely. Because of the ramifications (including politically for the President and his party), just like shutting down air traffic, "killing" the Internet would only be done in extreme circumstances, probably when (not if, but when) the Internet is essentially being killed anyway due to a large cyber attack. The person we trust to not shoot off nuclear weapons unless it's really necessary isn't going to kill the whole Internet without a lot of good reasons since it will likely end their political career. So all these experts trust the President with nuclear weapons but not the Internet? I think there is a technical issue--if the attacker knows their external access to the US network can be quickly shut off in a massive attack, won't they just pre-set bots inside the US? Probably shutting down major US routing hubs would slow things down."

wdewey@cityofsalem.net
wdewey@cityofsalem.net

Government agencies have had the authority to blockade roads for years and have even closed airspace over the entire united states. Does this cost money and cause inconvenience for people? Yes, but this is necessary to protect lives and carry out the duties that we expect from the government. Can these laws be abused? Yes they can. I have not read the current legislation, but I think that if we completely tie the hands of the government and give them no authority then a major event will be exasperated because there is no way to centrally manage and respond to it. I am not a fan of giving the government too much power or responsibility, but they are the reason we have roads, and schools. Bill

WDMilner
WDMilner

"internet kill switch" may well be Tom Clancy's NetForce series of books from which a two part miniseries was made for television around 1999 and which revolved around an "internet kill switch" that resided in the Oval Office.

Neon Samurai
Neon Samurai

I believe it was Mr Shneier among other's who pointed this out; the issue of cybersecurity is not a state controlled access issue.. it's simply product quality. Vendors need to put more focus in secure product designs, better production quality and faster correction of vulnerabilities (patches or replacement shipments). This problem is not that people are trying to get in; that's always going to happen. The problem is that people are successful at getting in because of the shoddy products we put up with. A kill switch is a reactive blacklist where what is needed is a proactive whitelist type approach. Fix the cause not the symptoms.

mckinnej
mckinnej

I'm trying to follow the money here folks because that's normally the reason behind, well, everything. I suspect one reason our legislators push to have so many (worthless?) laws enacted is because it gives them "points" during the next election. Incumbents can boast about how many bills they got passed in their effort to get our votes and keep their fat paychecks. They think this serves as some sort of performance indicator or "scoreboard" for them when in reality it is the opposite. New laws drive up the cost of government, which is already more than we can possibly afford. They should be getting rid of outdated and worthless laws instead of creating more of the same. As the saying goes, when you realize you're in a hole the first thing you should do is put down the shovel, but that isn't in the DC vocabulary. As for the bill itself, I think it was well intentioned, but they should have consulted to some real technical people before trying to write it. As it is written it is nothing but a money pit for taxpayer dollars.

sboverie
sboverie

I suspect that the bill is a reaction to the STUXNET virus. The problems with the bill is that is assumes that in the event of a serious cyber attack on critical infrastructures that there will be enough time for a notice to be sent up the chain to the president and the order to shut down can be done before any damage. The reality is that by the time a problem is detected then it is too late to stop it. The other problem is depending on ISPs to quickly respond to a command to shut off; how quick would the ISP need to be to stop further damage? If we compare this bill with the national defense early warning network that gets frequent false alarms then it would show other problems. The early warning network is designed to detect possible missle launch and give the US a chance to retaliate ala MAD; the time from an actual launch to target is just enough time to verify the launch and track it with some warning to the government. This is more time than a well coordinated cyber attack can take; the time to verify a possible event would take too long if done by people. Ironically, the bill was written with too much trust in technology to solve a problem caused by putting utilities on the internet. The reliance on automation and the need to remotely monitor unitlities would have been better served by what some are suggesting, a separate network that has tighter security.

aeiyor
aeiyor

Good Day all. Hmmm interesting and was just noting somethings similar from the posts involving the Social networks. Michael, another interesting article. So first let me address the questions you asked the experts. * Is something like an Internet kill switch possible? ==== Yes. * What would it take to put in place? ==== Simple really in the sense of addressing the root structures and then disabling them. I'll explain in my main commentary. * Is it a good idea technically and will it do any good? ==== No not a good idea because its like taking away elements of common conveniences and "utilities" of people. There's a story I share with several people in conveying about properly acting on given situations. This again uses principles of Ancient Art of War. Again will comment further below. Now to the commentary core. Actually as I was writing my commentary I just realized this could be googled and then implemented so I decided not to post the full extent of what I wrote but very brief synopsis. Though all it would require is a combination of very good intelligence, some creative thinking and a comprehension of how things work. What would it take to put in place. -- you basically need to understand the root fundamentals behind the internet and you address the root and it disables the tree. (Another fine concept within the Ancient Art of War.) Is it a good idea - no. Will it do any good - in the immediate consideration it MAY appear that way. However, the ramifactions are absolutely nightmarish. As some of the experts mentioned what impact it would have to MANY things. Like with anything, when a discovery or revolutionary concept/thing gets implemented and used within society as a day to day norm -- we depend on it. We build, create and structure things to include this discovery and revolutionary thing. Those things then become a reliance and are worked into the lives of many. So with that I will share a short story that I relate to people to convey a simple principle of Change. This is a story about a frog and boiling water. If you throw a frog in boiling water, its immediate and quick reaction is to leap out or escape. If on the other hand you put a frog in regular water (regular temp within the surrounding environment) it stays or just secures itself. Now if you begin ever so slightly increasing the temperature of that water, the frog will remain because very slight shifts in temperature have no apparent effect to cause concern. In gradual time the frog gets cooked. The point in this is that when we are introduced to intense and rapid change, we have a quick reflex to say WAIT - HOLD-ON there or properly act in the situation... because we can quickly see the impact and experience that the change will cause. (Very easy examples: Hot stove, putting hand on stove)... However, if we are introduced to very slight discrepancies, our nature usually is to tough it out or deal with it. Eventually when all the changes are put into place it may be too late to do anything about it. (Very easy examples: various laws enacted to "protect people" in real perspective are wolves in sheeps clothing that actually are designed to limit people of freedoms). Now the point behind the story along with its explanation addresses the part about "is it a good idea technically and will it do any good".. -- a "quick kill switch" -- as a metaphor -- would be equivalent to throwing the public in boiling water. The response - unpredictable. Will it do any good? Depends on what you mean about "good"? I concur in hypothesis that as the internet has taken root, there is another network which is obscure but not inaccessible. This network follows the principles behind critical mass and morphogenic fields. Anyways this is going on obscure for most and will be out of topic if I proceed but let's just say there's alternatives out there.

TNT
TNT

If there is an attack on, say, a nuclear power plant, then simply disconnect the plant from the Internet temporarily. If the attack is against multiple targets, say banks, then they all go off-line. Perhaps the incoming attack is rerouted to a military/FBI cyber crime unit to analyze and defeat it. I don't understand why one would want to shut down the Internet when it is much easier to simply "kill" the connection at the affected target. As far as Congresses??? motivation for having a kill switch, I believe it eventually comes down to taxing the Internet. If they can establish the government???s right to control the Internet then there is a reasonable path to taxing it. This is something they've been trying to accomplish for at least a decade and haven't been able to figure out how to do it. This, in my opinion, is a backdoor approach. That's my two cents; tell me where I'm wrong.

AnsuGisalas
AnsuGisalas

...and no-one knows how the law is supposed to achieve it's stated goals... not looking good. And like the Patriot act shows, bad legislation is never taken back down...

jkameleon
jkameleon

... if you are Hosni Mubarak.

santeewelding
santeewelding

I heard on the news that a bulldozer of our modern nation-state ran over and then re-buried them. Anyway, there's no sense hearking to them. It's in our hands. Or, on our hands.

jkameleon
jkameleon

I'd go one step further: Patriot Act and Homeland Security was not the reaction, but the purpose of 9/11. The old problem-reaction-solution thing. The Bush administration's handling of the 9/11 wasn't ridiculous or stupid. From the standpoint of someone, who wants to grab power, it was perfectly reasonable. If you consider the above statement outlandish, sit back, think for a minute, and, if you can, try to leave out of account the bovis stercus you are bombarded with on the news. The worlwide conspiracy of a secret organization named Illuminati? Crazy, no doubt. The worlwide conspiracy of a secret organization named Al Quaeda? If you doubt it, you are called crazy. Mind zapping earthqake rays from HAARP, cow killing black helicopters, little green men in flying saucers? If you want to believe it, you're crazy. Ninja islamists hijacking planes with boxcutters, WTC buildings collapsing in a funny way, a bunch of weird coincidences all happening at once, a caveman in Afghanistan in charge of the whole thing? If you don't believe it, you are called crazy. Whatever the truth about 9/11 might be- the bottom line is, that in politics & propaganda, 9/11 was utilized in exactly the same way the Reichstag fire was utilized in 1933. 9/11 should therefore, for all practical purposes be considered a Reichstag fire. Internet killswitch is not about you vs terrorists, but you vs the (para)government. Even if there actually are some terrorists out there, they are just a couple of agent provocateurs running amuck. A minor annoyance which could easily be removed by any functioning, non-corrupt government.

dogknees
dogknees

They won the minute the planes were shut down. And they keep winning each time another "freedom" is limited or revoked.

AnsuGisalas
AnsuGisalas

Right, so the wording of the law has nothing to do with a kill switch. The kill switch is a decoy, a conjurer's distraction. The wording of the law states that the President or the Director of the UberCyberDefenx Office (sorry, that's not it's name) can make a plan or measure, and then force all operators and/or owners of anything that can be conceived as "vital" to comply with that plan or measure. That certainly includes pulling the plug, but it includes all sorts of other things too... things that make sense, but which make sense to whom? The kill switch is nonsensical, it's not what they're trying to do. But they're actually expanding the powers granted to the President by the Communications Act to ... well... everything and anything. From power, food, medical all the way down to internet, email and cell phones. The kill switch... look how we've been talking about that? And at the same time, everybody - including Lieberman - is saying : "Killing the internet makes no sense". Because that's what they want us to be talking about, so they can alleviate those fears, smoothing over all the other things that should be feared in stead. In it's twistedness, it's a thing of beauty - chilling, demonic beauty.

apotheon
apotheon

> Everyone seems to be missing the obvious comparison That's an interesting choice of words. Let's look at something else obvious: > So all these experts trust the President with nuclear weapons but not the Internet? They don't all trust the President with nuclear weapons. They just live with the fact he has the access he does because it would be pretty difficult for them to do something about it. That, at least, is how I feel about it. No, I don't trust the President with nuclear weapons. I trust him with the Internet even less, because he surely understands (and cares about) the consequences of using an Internet kill switch far less than he understands (and cares about) the consequences of using a nuclear arsenal.

SirWizard
SirWizard

[The following discussion refers specifically to issues in the United States, though might be applicable to other countries.] Arguments favoring wide government authority contain major flaws. Government routinely usurps rights and powers under weak claims of authority. For example, the government routinely blocks roads for all manner of unauthorized purposes, such as massively stopping and detaining drivers without probable cause, hoping to find some transgression and squeeze fine money from the hapless citizenry. Indeed, this costs money and causes inconvenience, and though it might on very rare occasions help protect lives, it is at the unacceptable cost of our liberty. The duties that the great unwashed masses regularly expect from the government far exceed the government's constitutional authority. Let's consider the ridiculous assertion that giving the government responsibility is the reason we have roads and schools. We have them because they are useful and important, but too many have let the government usurp its destructive control of these. There is no constitutional authority for the government to regulate roads or schools. The government merely has taken control of them, and we see how horribly it handles these, as it does with virtually everything it touches. Roads are frequently left in disrepair, strewn with garbage and other debris, poorly labeled, and congested with traffic so as to waste millions of man-hours daily. Government controlled schools (the majority) cost (and waste) many billions of dollars, hire and retain poor quality teachers, fail to actually teach crucial (as typically accepted) material, such as reading/writing in English, mathematics, science, geography, and history. Curricula fail to include crucial (though not routinely considered) skills, such as critical thinking, ethics, how to write a resume, or how to interview for a job. Those are just roads and education. Consider the government's abuses and mishandling of rail travel (Amtrak), delivery services (the Postal Service), the economy (fiat [un-backed] money and the Federal Reserve), healthcare (Obamunism), justice (courts and prisons), (un)employment, cronyism, corruption, ... Our government has only one proper function: to secure our rights. It is ridiculous to let the clowns who run our government control the Internet.

Neon Samurai
Neon Samurai

I think the examples differ a little to much. An airborn threat can come down anywhere; you need to address it in terms of national airspace. You also have a lot of other traffic in the air that you want out of the way of the threat and your response. You have physical collisions and similar real risks. In terms of road blockades; those are not normally a national affair. One doesn't halt all US road traffic because they are stopping a speeding car on a Springfield sideroad. In the digital realm, one can filter out the other "air traffic" and one can have a much better idea of where that threat is destined for. Springfield "Nucular" is threatened by network attack; cut the ISP connection.. assuming that control mechanisms are connected on the same network as public traffic. It doesn't have to be a national call and actually, with proper network security it shouldn't even be a call let alone a required reaction. What would granting government power to over-react offer that is not already available and affective?

Michael Kassner
Michael Kassner

I thought I had read it somewhere. You made an old fart feel a bit better, not totally losing it just yet. Checked it out. I believe it is Cybernation (Net Force # 6)

dogknees
dogknees

If you don't like what they do, why do you keep them? Remember, they're your servants not your masters.

Michael Kassner
Michael Kassner

When you realize you are in a hole, it's time to put the shovel down. Is the second most excellent saying I have read in these comments. Both have a great deal of meaning. Thanks.

Michael Kassner
Michael Kassner

Is another hit-home point. I have been getting similar sentiment from the SMEs I have interviewed, along with too fast, and no safe guards.

Michael Kassner
Michael Kassner

it is always a good one. I have used it a numerous occasions. It makes the point powerfully. Your answers and comments are insightful once again. Thank you for sharing them.

dogknees
dogknees

The actions you describe take place after an actual attack has begun. How, in the event of a war do you stop the ability of the enemy to access ANY of your infrastructure. You're not going to know the targets until after the attack.

SSandersTX
SSandersTX

Taxing is financial lingo for control/power and that's what Congress wants most. Never, EVER give them that abiltiy or they will use it 'in the best interests of the country' cloaking the whole issue in patriotic terms so that anyone who is against it is viewed as a 'bad guy.' The so-called Patriot Act worked exactly like that and is/was one of the worst violations of the constitution and American values since the McCarthy witch trials. We just learned how to do it in private this time so that nobody could object.

Michael Kassner
Michael Kassner

Taxation might be a motive. Pay or it will be shut off?

seanferd
seanferd

At least three provisions of the Patriot Act have just recently been refused renewal. I must confess I am shocked as hell. The action doesn't go far enough, and is way too late in coming, but it is yet progress. Gives me a vague sense of hope, but maybe that is what it is supposed to do. ;)

apotheon
apotheon

Look how well it's working out for him. I expect him to be out on his kiester in relatively short order (certainly very short order compared to 30 years in office with roughly 90% voting majorities reported).

JCitizen
JCitizen

Everyone is spot on here!

apotheon
apotheon

> In it's twistedness, it's a thing of beauty - chilling, demonic beauty. I think I dated her about a decade ago.

apotheon
apotheon

The great mass of idiots who keep performing the same action over and over (electing the same class of bad candidates) in hopes of achieving a different result are the ones keeping them.

aeiyor
aeiyor

Good Day all. Michael, you're very welcome. Sometimes I speculate with the posting of our thoughts and ideas -- how it contributes to either the knowledge pool of action or if acts as a springboard to other things that we don't have any understanding about until it makes news. However, I've come to realize that the internet being an incredible haven for resources people would just need to Google or search to locate information. The posting only adds to the pooled knowledge out there. So with that and slightly adjuncted to my original comment but not in the original comment I will mention what I didn't. The key is electricity and power. Take away power and electricity and you disable accordingly. Also with the notion of Back-Up Power... EMF's are potent at disrupting electronic devices. There's always lots of gives and takes for the development of technology and structures. -- and understanding it gives you the key to work with or about it. I try to remain partly obscure with the information but a fairly intelligent person can surmise what I mention.

AnsuGisalas
AnsuGisalas

After all, the point would be to protect the infrastructure, not pre-emptively destroy it! Only a fool scorches his own earth before the invaders are even landing...

TNT
TNT

I agree the Patriot Act was too broad, thankfully I haven't seen abusses of it yet. What concerned me more was Obamma's passing a bill stating cell phones could be tapped without a warrant because "there is no expectation of privacy on a cell". But bringing it back on point, since the Internet has global reach no one government should have a kill switch, or be able to tax it, or have any such control - not even the US government. I am surprised at how quickly and easily Egypt was able to accomplish what they did. Others have noted rightly that we desperately need a hardening of security for critical services connected to the net, but we also need more diversity in carriers and access points. We need to protect a country's assets, but at the same time we need to protect the people's access.

TNT
TNT

I'm thinking Congresses reasoning will be more along the lines of, "since we are offering security for the Internet everyone now has to pay for that protection." Kind of like cities taxing you for snow removal, police and other services. I don't see them being so heavy handed as to say "Pay up or we turn it off."

AnsuGisalas
AnsuGisalas

Yesterday's Proud GOP Party Line Candidates, today's "Alternative" Tee Party Line Dancers... if I understand correctly.

apotheon
apotheon

Given that something like 31 out of 40 Tea Party candidates voted for it, I don't think the fact it lost is much of a necessary appeasement to them. Like anything that tries to do some good "from within", a movement within the Republican Party to actually do some good is bound to be corrupted and turned against itself -- just the same as any similar efforts within the Democratic Party.

apotheon
apotheon

Basically, this is the only way bad laws go away; if they have some kind of built-in lifespan (intentionally or otherwise), and fail to get a new lease on life via some later vote.

AnsuGisalas
AnsuGisalas

I'm sure it must just be someone taking pot-shots at "Dubya's legacy", out of spite... can't be a sense of proportion, can it? (In politicians?!? Naaah!)

jkameleon
jkameleon

Two facts to take into account: - Mubarak's regime purchased internet spying equipment in the USA about the same time it was switched back on. - IMHE, during the regime change, people like policemen, military, spies, bureaucrats, reporters, public figures, everyone who can make a difference, is pressed to take sides. Everybody knows, that even in the absence of retaliation, his choice will affect at least his career & business opportunities in the years to come. I'd imagine, that ISPs in Egypt must be under pressure from both sides, regime, as well as protesters.

Michael Kassner
Michael Kassner

There is significant confusion as to who said it first. It starts with Ben Franklin, and moves to others as the years pass. Being from Minnesota, I go with the group that says a MN Vikings trainer first uttered it: http://en.wikiquote.org/wiki/Talk:Benjamin_Franklin

apotheon
apotheon

Was that Einstein? Well . . . someone did.

Neon Samurai
Neon Samurai

Doing the same thing over and over expecting different results.. :D

apotheon
apotheon

It is becoming increasingly apparent to anyone paying attention that "security" must protect us not only against lone criminals, but also against organized criminals -- like those in the legislature.

apotheon
apotheon

The traditional relationship between street pimp and his "ho" stable is a protection racket.

AnsuGisalas
AnsuGisalas

I was more thinking it sounded like a pimping racket - but my criminology is a little rusty ;)

apotheon
apotheon

US foreign aid money will be withheld if those states do not toe the line set by the US executive. That sounds more than a little like a protection racket, too.

AnsuGisalas
AnsuGisalas

That stuff Dubya passed that said that US foreing aid money not be given to states that instruct women to use [i]protection[/i]. Coz, you know, abstinence will totally work. On the other hand, Dubya's brilliance on that subject may have been what swayed God - or make that the Pope - to change his mind on the matter.

apotheon
apotheon

. . . just like copyright and patent protection, and just about every instance where "protection" shows up in law.

AnsuGisalas
AnsuGisalas

a protection racket, to be precise ;)

Michael Kassner
Michael Kassner

It manages to bite us more than we care, doesn't it.

TNT
TNT

It isn't security in any real sense; it is only protection in a perceived sense. If it is perceived that government owns the Internet, or provides a service paramount to its existence, then taxes and fees can be imposed. Look at it this way: Congress only has two powers, the power to create law and to tax. The Internet (for the most part) has been immune to their powers. For this reason any legislation regarding the Internet must be held suspect.

Michael Kassner
Michael Kassner

I see it as the results of not having sufficient protection. That is my difficulty with this approach. It seems like giving up in a sense.