[ISN] Big software pushes hard for national Gestapo

From: InfoSec News (isnat_private)
Date: Fri Jul 26 2002 - 01:50:48 PDT

  • Next message: InfoSec News: "Re: [ISN] U.S. Businesses at Risk for Major Cyber Attack, IT Pros Say"

    Forwarded from: bob <bobat_private>
    
    The guys at the Register are always so much more fun to read.
    
    Bob Adams
    http://www.globaldisaster.org
    http://globalangst.blogspot.com
    
    
    http://www.theregister.co.uk/content/55/26378.html
    
    Big software pushes hard for national Gestapo
    By Thomas C Greene in Washington
    Posted: 25/07/2002 at 15:49 GMT
    
    I was puzzled last month when industry lobby the Business Software
    Alliance (BSA) released a cyberterror FUD bomb. Or, rather, a FUD dud
    -- a laughably meaningless survey of the opinions of so-called "IT
    pros" all laboring under the delusion that a deadly national
    catastrophe by electronic means is just around the corner.
    
    Was that a one-off lapse in judgment, I wondered. A quick and dirty
    publicity stunt? Why would the BSA suddenly become concerned with
    cyberterror? Are they developing some software-based national-defense
    panacea? I found it puzzling enough to solicit readers for insight and
    theory. I thank everyone who contributed their ideas, but I must say
    that even with their help I couldn't quite add it all up.
    
    But now the BSA is at it again, repeating its bizarre performance, and
    it's all suddenly making sense.
    
    Consider that the Bush Junior Administration and Congress are moving
    to entrust considerable cyber-defense powers to the new Department of
    Homeland Security, a proposed national Gestapo with a budget of $37
    billion and exemptions from the Freedom of Information Act (FOIA) and
    other privileges.
    
    And of course that spells pork -- big, juicy, fat gobbets of pork. No
    wonder the BSA is at it again, saying essentially the same thing while
    using nothing better than hearsay for its standard of evidence.
    They're tossing out empty soundbites for Congresspersons to mimic in
    their little speeches on the floor, as they pretend to agonize over
    the safety of innocent Americans at the hands of demonic IP warriors.
    
    "The sobering results of these surveys underscore the need for
    Congress and the Administration to ensure that the security of our
    nation's information networks is a top priority in homeland security
    legislation now being debated on Capitol Hill," BSA President Robert
    Holleyman whines.
    
    "While Y2K was a one-time event, cyber attacks represent persistent
    threats that need to be treated with the same concerted urgency that
    successfully averted Y2K disasters," he goes on. "We think it is
    important that the government take a strong lead like it did for Y2K
    and set a tone that business will follow."
    
    All right, when you get an industry lobby pretending to solicit
    government 'leadership', you know something stinks. Big Software likes
    this legislation, ergo the man in the street is going to hate it. And
    they've got a frightened lapdog, House Energy and Commerce Chairman
    Billy Tauzin (Republican, Louisiana), to serve as their pitch man.
    
    "Ninety percent of the nation's most important critical
    infrastructures are privately owned and operated; that's why it is
    crucial that we make sure the public and private sectors are working
    together to protect the information networks that increasingly impact
    nearly every aspect of our daily lives," the BSA quotes Tauzin as
    saying.
    
    'Working together' indeed. That means government contracts – billions
    in public funds, vast hunks of corporate welfare, just so some script
    kiddie has a slightly harder time defacing Uncle Sam's Web sites. It
    also means 'upgrading' to the latest and greatest database and office
    software, and of course the very finest in operating systems.
    
    And on the return trip, it means blessed secrecy for software giants
    and other major IT companies, all of whom desperately want FOIA
    exemption on the hollow pretext that they could then share information
    about cyber-attacks and in this way selflessly contribute to the
    national anti-terror brain trust and the public's safety. Of course
    the truth there is a good deal simpler: companies want secrecy
    regarding cyberattacks because they're embarrassing, and because the
    public would probably stop dealing with hundreds of them if they found
    out how poorly-defended their data really is. An FOIA exemption of
    that sort would be the Mother of all security-through-obscurity
    programs, but it has not been forthcoming on the Hill, and probably
    won't materialize as part of the Gestapo legislation.
    
    Perhaps the new Homeland Defense Office will be able to extend the
    umbrella of its own freedom from information act (FFIA) as a partial
    shield. And that may well pass; recent proposed amendments would limit
    public access to corporate records only if they're submitted to
    Gestapo Headquarters, and then only the bits dealing with security
    would be exempt. Of course there's a lot of wiggle room there. Pretty
    much anything can be said to have security implications, as Kafka
    often noted.
    
    This happy alliance will also likely mean closer government
    cooperation in fighting the evils of software piracy. Clearly the
    BSA's patrons regard the FBI as their own personal 'piracy 911'. No
    doubt enhanced access via the new department is anticipated, and high
    hopes of further influencing national law-enforcement priorities
    entertained.
    
    So what we have is a bid for Homeland Security pork using hearsay and
    FUD, cleverly disguised as something serious. But what else would you
    expect from an organization that routinely lies about piracy, slickly
    including open source products in their 'loss' statistics? 
    
    BSA members include Adobe, Apple Computer, Autodesk, Bentley Systems,
    Borland, CNC Software/Mastercam, Dell, EDS, Entrust, HP, IBM, Intel,
    Intuit, Macromedia, Microsoft, Network Associates, Novell, Sybase, and
    Symantec. [Wow, some of the world's biggest defense contractors. We're
    impressed. --ed]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Jul 26 2002 - 04:38:11 PDT