Hacker Newsnew | comments | ask | jobs | submitlogin
tptacek 584 days ago | link | parent

Did I call this? Yes, I think I called this. The Obama bill (note: Obama-supportin' Democrat here) is worse than CISPA: an everything-and-the-kitchen-sink bill that randomly creates incentive programs, new research organizations, a "cybersecurity tip line", and federally funds research into DNSSEC (DNSSEC: Rated S for Statutory).

Also worth noting: nothing in the Lieberman bill that this EO is patterned on creates enforcement mechanisms for IP and copyright enforcement, or for collecting customer information from ISPs. Of course, neither did the GOP's CISPA bill. That's because neither regulatory effort is about user information.

The problems both of these ill-conceived bills are addressing are simple.

Problem 1: There is no coherent strategy in the (vast, sprawling, chaotic) federal government, which is the largest IT operator in probably the world. Every agency does something slightly different. This means (a) nobody is doing exactly the right thing (usually, they aren't doing anything close to the right thing) and (b) it is prohibitively difficult to introduce new technology to help fix things, because everyone you'd get to buy it has a different set of hoops to jump through.

Problem 2: If you were a foreign adversary who wanted to cripple the US with electronic attacks, you probably wouldn't bother hitting government IT systems. Instead, you'd go for something like the power grid, or a trading exchange. Those systems are privately operated, and so nothing the government does to try to track, monitor, or deflect online attacks can benefit them.



stfu 584 days ago | link

I am glad that HN is even able to discuss politics with some sanity.

Was just scrolling through Reddit to find their take on the subject, but after the 10th "Romney eat my hamster" story I just gave up.

This leads of cause to my conspiracy, that Reddit was highly active in the anti-CISPA movement, and the recent Obama visit political motivated to create goodwill for the upcoming executive order.

-----

wallawe 584 days ago | link

Just curious, how can you support a president who is so blatantly a hypocrite and liar? I am not suggesting that Romney is a better alternative by any means, just curious as to why smart people like yourself continue to stand by this man who could care less about civil liberties?

-----

tptacek 584 days ago | link

I ask myself, what would I rather do? Vote for a guy who wants to close Guantanamo Bay but not enough, and who wants guaranteed-issue health care enough to stake his Presidency on it... or, implicitly or explicitly, vote for a guy who doesn't want to close Guantanamo Bay and who has said his first action after election will be to set in motion the repeal of guaranteed-issue health care?

I guess I'm just a dummy.

-----

wallawe 584 days ago | link

I know you're not a dummy and don't mean to insinuate that, but I've had this conversation with people over and over and am just trying to understand it. We are choosing between the lesser of two evils here and it's extremely frustrating. I feel like it's time to stick to principles here and affect change like we would want to see in the business world. When there is a major problem in business, our instinct is to disrupt it to make money. Why do we throw our hands up in the air and say 'oh well' when we see such major problems in government?

-----

Steko 583 days ago | link

"am just trying to understand it"

Ok here's why I support a major party candidate (spoilers: O-bot) despite said candidates inability to spin cloth to gold:

(1) You can hardly expect either of the two major candidates to mirror your views on all issues. That doesn't make them evil choices.

(2) Throwing away every other issue over a pet issue seems like a bad idea. Obama mirrors my stance on many issues. Many of them I feel are vastly more important than internet privacy.

(3) The actual issue at hand is a lot more complex than the EFF party line lets on. The reality is that cybersecurity threats from you know who are as real a threat to your freedoms as whatever the us government is going to do with your private data. Sorting out the intersection of freedoms pulling in different directions is always hard.

(3a) That said, if we have to do something we can do a lot better then Lieberman/Collins and this Executive Order/PDD is a fundamentally worse proposition, no matter if it's more lenient in a few details, because these trade offs should to be done openly through the legislature.

(4) Romney's alternative energy plan is cold fusion.

-----

danenania 583 days ago | link

"Why do we throw our hands up in the air and say 'oh well' when we see such major problems in government?"

I think it's mostly because true political change is messy. People are self-centered and if they are doing okay, they will prefer stability to revolution almost without fail, regardless of how rotten the system is or how many people it cheats and abuses. It's why the Sunni merchant class in Aleppo supported Assad just about to the point he started dropping bombs on their houses. Real change in America would mean short term strife and uncertainty, even if it vastly improves long term prospects, and there's always the risk that the attempt will fail and things will end up worse than before. That's not a trade that well-off people are historically keen to make, so they stick with the devils they know, quibbling over their relatively minor differences. Real change requires a desperation strong enough to break the seal on pandora's box through a willing rupture of the status quo.

-----

antidoh 584 days ago | link

You could vote (any) 3rd party. Not because you hope they win; they won't. And because they won't, a vote for 3rd party is a vote for none of the above (two). Which I think is the best possible vote, because the two current stewards of democracy, debate and engagement are failing.

-----

srs0001 583 days ago | link

It is too bad that Democrats and Republicans rule the political sphere. It would make the political environment much more interesting if the Libertarian and Green Party played a bigger role.

-----

ajslater 583 days ago | link

If you live in a decided state ( http://fivethirtyeight.blogs.nytimes.com/ ), vote third party. Most states are decided.

-----

shirederby 584 days ago | link

Johnson or Stein? One or the other (could be) a more principled vote (I don't know what your full "checklist" is, although you clearly differ from Johnson on healthcare, at least).

Johnson looks very likely to be on all states' ballots in November (Michigan is the least likely, but still very possible) and Stein should be on the ballot in the majority of states.

Except for a few states (e.g., Colorado) it looks quite likely that any effect Johnson has will favor Obama's electoral prospects over Romney's, anyway.

-----

aidenn0 584 days ago | link

Except, thanks to the current electoral system, changing your vote to a vote for any but the two most likely to win candidates is essentially half a vote for the other guy.

-----

shirederby 584 days ago | link

aidenn0, I explicitly addressed that in the last sentence of my remark.

-----

ekianjo 583 days ago | link

Simple answer: Don't vote. Why provide legitimacy to someone who you think is not "good enough". Voting is not something you do by default. It is a choice.

-----

xtdx 583 days ago | link

Not voting is what people do by default. It's not an interesting choice.

-----

ekianjo 583 days ago | link

I disagree - even in countries where voting is not popular, you usually get much more than 50% participation in the voting system. Less than 30% hardly qualifies as "default".

-----

xtdx 583 days ago | link

In the US, it's hovered right around 50% for a while, though it's climbed up between 55-60% for the past couple elections. More people don't vote than vote for any candidate. I would agree less than 30% isn't default, but 45% isn't less than 30.

And non presidential election turnout is abysmal.

-----

Aloisius 583 days ago | link

References on Obama supporting Internet privacy?

I believe Obama's publicly stated position in 2008 was to set up this system: http://www.politifact.com/truth-o-meter/promises/obameter/pr... and http://www.politifact.com/truth-o-meter/promises/obameter/pr... and http://www.politifact.com/truth-o-meter/promises/obameter/pr....

Hard to be a hypocrite and a liar when you follow through with your own policies. Not that I agree with this one though.

-----

taw9 584 days ago | link

Solution to 1 & 2: Make use of Windows on any Federal computer or power grid control system illegal, punishable by public whipping.

Let's call this EO what it is: erosion of privacy, redux.

This has nothing to do with political parties. This is about money. Stinks of MPAA...

-----

tptacek 584 days ago | link

In exactly what sense does this EO have anything to do with privacy? It is a more limited version of Lieberman-Collins; you can read that bill online right now, and it's linked from the story. You should be able to find a clause or pattern of clauses that points to "erosion of privacy".

-----

shirederby 584 days ago | link

I don't know if the update that added it was present when you read it, but the quote from TechDirt explains why it might be a "privacy disaster."

And the post on OpenCongress mentions that "inclusion of this report [to examine the legality of limiting liability of private actors for disclosing information] suggests that the Administration may believe there is a potential work-around for the privacy laws."

-----

tptacek 584 days ago | link

I don't know if the update that added it was present when you read it, but the quote from TechDirt explains BZZT COMPUTER OVER. VIRUS=VERY YES.

-----

shirederby 584 days ago | link

...I don't, err, get it.

I have a couple ideas but I'm not confident enough in them to assume veracity.

-----

taw9 581 days ago | link

http://www.guardian.co.uk/commentisfree/2012/aug/02/cybersec...

-----

yuhong 584 days ago | link

>Solution to 1 & 2: Make use of Windows on any Federal computer or power grid control system illegal, punishable by public whipping.

Huh?

-----

taw9 581 days ago | link

Modern cybersecurity threats generally involve (1) legions of zombie computers and (2) weak native OS security.

"No Windows = No Problem" is not an overstatement. The fact that we have nuclear power plants running on Windows in this country is abso-fucking-lutely terrifying.

-----

yuhong 579 days ago | link

What is exactly wrong with Windows itself that leads to these problems? And even if there is, it doesn't mean that it is as simple as that.

-----

taw9 578 days ago | link

Do you run your Windows box without virus protection?

-----

yuhong 575 days ago | link

Most of these attacks are targeted attacks and antivirus wouldn't have helped.

-----




Lists | RSS | Bookmarklet | Guidelines | FAQ | DMCA | News News | Feature Requests | Bugs | Y Combinator | Apply | Library

Search: