**This article was published prior to this date**
These subjects are currently being debated as Congress begins the process of beefing up IP law and cybersecurity. While we do have a need to protect our infrastructure, there is little (if any) real dialogue about actually securing national resources. The bills that have been introduced revolve around censoring the internet in an attempt to protect the IP (intellectual property) interests of Hollywood, the recording industry, patent holders, and major software manufacturers. They seem to be using critical infrastructure as a convenient excuse to create new legislation. No one involved in drafting these bills seem to have even a passing understanding of IT or network security.
After reading this 3 part article and this one on Forbes.com, I have serious reservations about the drafting process and the people involved in it. Any hacker worth their salt knows corporate naming conventions. AV programs and firewalls are good for scanning files and traffic control, but they offer no protection against a pointed attack. These attacks can be launched in many different ways using common ports, applications, and protocols. They may or may not leave any evidence behind, other than empty log files. Any hacker will tell you the only sure fire defense is to disconnect your machine from the network and shut it down. To assert that any serious security firm would prescribe AV and firewalls as a serious defense against these types of attacks is laughable. The fact that these attorneys don't get it is disturbing. How can people with such a poor understanding of corporate IT draft legislation to deal with cyber threats? Do they actually know what they are doing?
How is blocking pirated media, websites, or stiffening intellectual property going to secure the national power grid? The problem with the proposed legislation is the lack of protection for internet users from over zealous and tyrannical policing of content that may not be popular with the powers that be. Websites could be taken offline on a whim. It could take years to get a site back online, if at all. It could also potentially keep new technological break throughs, in virtually every field of science, from ever being used outside of the select few that develop or own them. These laws could potentially be used to erase or cripple other technologies.
The cybersecurity and IP legislation in their current form are being created to protect corporate profits, and nothing more. I'm not against turning a profit, it's the American way. But when does IP become more valuable than our rights as American citizens? I have a feeling we're about to find out.
No comments:
Post a Comment