Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Businesses Government Security United States Politics IT

Proposed Law Would Give DHS Power Over Privately Owned IT Infrastructure 300

CelticWhisper writes "H.R. 3674, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PRECISE Act), would allow the U.S. Department of Homeland Security to require improved security practices from those businesses managing systems whose disruption could prove detrimental to critical life-sustaining or national-security initiatives." As the article points out, this is just "one of 30 or so such bills currently percolating on the Hill."
This discussion has been archived. No new comments can be posted.

Proposed Law Would Give DHS Power Over Privately Owned IT Infrastructure

Comments Filter:
  • by Lumpy ( 12016 ) on Tuesday February 07, 2012 @12:19PM (#38955905) Homepage

    Republicans all scream for "smaller government" yet they happily sign any bill that gives away rights to the Gubment for "fighting TERRORISIM"

    Bunch of hypocrites they all are.

    It seems that nothing but evil comes out of washington DC anymore.

    • by MitchDev ( 2526834 ) on Tuesday February 07, 2012 @12:22PM (#38955969)
      Republicans have NEVER been for smaller government actually, they just want THEIR rules in place, rather the ones the Democrats want.
      • by tripleevenfall ( 1990004 ) on Tuesday February 07, 2012 @12:39PM (#38956297)

        Sorry, are Democrats like the Obama-led White house or the Obama-appointee-led DHS against this bill?

      • It's probably fairer to say that post-Reagan Republicans haven't been for smaller government. These days, they just disagree with Democrats on what the expansion should cover.

      • by shoehornjob ( 1632387 ) on Tuesday February 07, 2012 @01:12PM (#38956847)

        Republicans CLAIM that they are for smaller government actually, they just want THEIR rules in place, rather the ones the Democrats want.

        And they are just as bad as the democrats. If both parties don't start working together eventually the american people will kick all the lazy bastards in congress out.

        • by Medievalist ( 16032 ) on Tuesday February 07, 2012 @01:57PM (#38957629)

          If both parties don't start working together eventually the american people will kick all the lazy bastards in congress out.

          Voting machines have effectively eliminated any pretense of public control over government. Your choices are limited to the corporate-approved labels on the buttons.

          And no matter what buttons you push, the tallies from the voting machines will say what the controllers of the voting machines want them to say. You have no way to check the validity of those tallies so they are incredibly unlikely to be valid - there's too much power at stake for such an obvious control point to be left uncorrupted.

          Lately some states don't even bother to count write-in ballots any more, and most of them are looking into removing the write-in option from their machines.

          We're leaving the Republic stage and entering the Imperial era. If we keep following the classical pattern, the next step is civil war, although hopefully long after you and I are both dead.

          "That's not the way the world really works anymore," [Rove] continued. "We're an empire now, and when we act, we create our own reality. And while you're studying that reality - judiciously, as you will - we'll act again, creating other new realities, which you can study too, and that's how things will sort out. We're history's actorsâ¦and you, all of you, will be left to just study what we do."

          • by pixelpusher220 ( 529617 ) on Tuesday February 07, 2012 @03:16PM (#38958821)
            There are audits and verifications of vote counts...for physical vote records.

            *Electronic* Voting Machines are the avenue by which the process will be wholly taken over. Without the backing of paper records, electronic records are forever changeable and now you're left with custody chains of things that are microscopic in size and able to be tampered with remotely. Or just plain erasable....
    • by earls ( 1367951 ) on Tuesday February 07, 2012 @12:23PM (#38955981)

      ...is how you win elections.

      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Tuesday February 07, 2012 @12:41PM (#38956335)
        Comment removed based on user account deletion
      • But

        is

        this what people want to hear? I know many Americans don't really care that much about civil liberties in the abstract, but they do care about things that might affect their own lives. The TSA was popular for a year or two after 9/11, but most Americans hate it now. The average man (or woman) on the street cares a lot more about the bad economy than about vague threats of terrorism.

    • Now you're getting it!
    • by SaroDarksbane ( 1784314 ) on Tuesday February 07, 2012 @12:28PM (#38956063)
      "Small government" is just a ruse Republicans use to win elections, much like "reducing corporate influence" is for the Democrats.

      Red Team/Blue Team? There's only one team, and it's the Big Government/Big Corporations Purple Team.
    • Buzzz...try again (Score:3, Informative)

      by sycodon ( 149926 )

      It's the Democrats that are trying to raise SOPA from the dead. [dailycaller.com]

      But don't let that spoil your primitive tribal reaction.

    • by rilian4 ( 591569 ) on Tuesday February 07, 2012 @12:42PM (#38956349) Journal

      Bunch of hypocrites they all are.

      So are the Democrats. If you are going to make these comments, be an equal-opportunity commenter.

      It seems that nothing but evil comes out of washington DC anymore.

      Agreed. This is why I am supporting Ron Paul for President. He's the only candidate willing to do what it takes to clean out Washington DC.

    • Don't really have anything against them requiring "improved security practices". As long as those practices aren't needlessly and pointlessly expensive and complicated. And as long as those "improved security practices" don't include providing a backdoor to the DHS.

      So, what we can expect to be actually implemented in this bill is probably a bad idea.

    • Don't blame politicians. It's all human fault. There is a 37 year old song on this subject saying "cold comfort for change".

      The history of humanity is trading independence for comfort. If you look at all the revolutions, vast majority of them is about this trade went wrong.

    • I always get a bit antsy when people bandy the word 'evil' about whenever the federal government imposes some new (and admittedly intrusive) regulations in the name of state security and public safety.

      Annoying it is, but evil it isn't. At least, not always.

      It's an unfortunate fact of life that individual freedom works best when the consequences of being stupid also (mostly) fall unto the individual responsible. As long as that's the case, I'm in favour of giving people lots and lots of freedom. It's amu

  • by Brad1138 ( 590148 ) <brad1138@yahoo.com> on Tuesday February 07, 2012 @12:22PM (#38955973)
    Even as a Democrat, I am getting very tired of our ever expanding Government. However, requiring critical systems like power and transportation etc... to have upgraded security is kind of a no-brainer.
    • by fish waffle ( 179067 ) on Tuesday February 07, 2012 @12:31PM (#38956143)
      The thin edge of the wedge here is in the definition of a "critical system". Things important to sustaining lives and ensuring national security make sense from a high-level perspective, but the grey areas around that can be extended to fit the goals of whoever is in control of the definition.
    • by TheCarp ( 96830 )

      Yes a no-brainer as in, you would have to not have any brains to think its needed.

      That tends to be the problem with security... people are willing to let it cost whatever it does, and expanding it always makes some amount of sense... its nearly always possible to dream up more, to find gaps etc.

      The thing is...where is the problem you are trying to solve? Do you claim that public transit is currently not safe? Really? Based on what? Where is the actual problem?

      I am on the staff list for a Sci Fi Con where pe

    • Even as a Democrat, I am getting very tired of our ever expanding Government. However, requiring critical systems like power and transportation etc... to have upgraded security is kind of a no-brainer.

      Actually, when they say "those businesses managing systems whose disruption could prove detrimental to critical life-sustaining or national-security initiatives." I think they are referring to iTunes, Amazon, Facebook, etc. /sarcasm

    • by PortHaven ( 242123 ) on Tuesday February 07, 2012 @12:45PM (#38956425) Homepage

      Twitter has repeatedly been used in life saving situations. Therefore, we the .gov, must ensure it's ability to function.

      Hi, please insert these tentacles into the Twitter system and relay every message through Langley. OKay THANX...

      I CAN HAV MORE TAXBURGER NOW?

  • by Anonymous Coward

    does the DHS even have the necessary expertise in IT security ?

  • by account_deleted ( 4530225 ) on Tuesday February 07, 2012 @12:24PM (#38955995)
    Comment removed based on user account deletion
  • by atchijov ( 527688 ) on Tuesday February 07, 2012 @12:26PM (#38956033)
    So now instead of pitching your IT security related technology to the customer (competing with other vendors), you just need to get really good friends in DHS and they will mandate use of your tehnology?
    • by SJHillman ( 1966756 ) on Tuesday February 07, 2012 @12:33PM (#38956175)

      You need to upgrade all of your Linux servers to Windows. Our friends in Redmond assure us this is an improvement of utmost importance.

    • by Sir_Sri ( 199544 )

      That's pretty much how lots of other businesses work. Your product will have to meet some sort of standards board approved set of metrics, and then you advertise that when you sell it.

      You shouldn't be able to buy electrical equipment that doesn't meet standards (I'm not 100% sure what those are in the US), and you shouldn't be able to install equipment that didn't meet those standards in a building. At least for legal compliance. The same applies to telecoms equipment, medical equipment etc. Regulatory

  • OK, so... (Score:2, Interesting)

    Can we please get rid of patents on cryptography? There are a lot of cryptosystems out there whose deployment is being hampered by patents on the underlying mathematics, and which could go a long way toward improving the state of computer security. This would not be a bad place to start repealing software patents:

    http://www.voltage.com/technology/patents/index.htm [voltage.com]

    Here too:

    https://en.wikipedia.org/wiki/ECC_patents [wikipedia.org]
  • have it's own lobbying organization now?

  • Overdue (Score:5, Insightful)

    by onyxruby ( 118189 ) <onyxruby@ c o m c a s t . net> on Tuesday February 07, 2012 @12:28PM (#38956077)

    This is really overdue and your a fool if you think it isn't inevitable. We accept regulation for critical infrastructure like electricity and gas distribution. Why should IT be any different than any other piece of infrastructure?

    I've worked with ITIL, SOX, HIPAA, SEC and a number of other regulations or standards for years. They are also largely similar in what they require, once you learn one the others are a quick learning curve. Mostly they are nothing more than attempt to codify best practices that you should be following anyways.

    It's like the rail companies that cried foul when regulations required that they install safe coupling mechanisms in the 1800's. The railroads cried foul at the new expenses until they discovered that the regulations ended up saving more in labor than they can cost in parts.

    • by dpilot ( 134227 )

      How dare you attempt to say something sensible hear? This is Slashdot - reasonable opinions are usually strongly discouraged, particularly when politics are involved!

      • The problem is -always- in vague wording as to what could be "detrimental to ... national security"

        Should power plants have regulated security, both physical and technical? Sure. Should 3rd party power plants that run factories be subject to the same? Is the loss of a small ISP detrimental to national security?

        -Most- laws dont have bad intentions, but over time bad people abuse them, both corporation, lawyers and governmental agencies.

      • I didn't here anything? Did ewe?
    • Re:Overdue (Score:4, Insightful)

      by na1led ( 1030470 ) on Tuesday February 07, 2012 @12:42PM (#38956363)
      This is not the same thing is a million ton of steel hurdling toward you at 60 mph. No one's lives are at stake here, and the Internet has been working fine without Governments interfering. Besides, it's the responsibility of businesses and individuals to secure their own network or computers; it's not the Government's responsibility. What's next, they come to my home and tell me my computer is not secure? It's totally BS!
      • What's next, they come to my home and tell me my computer is not secure? It's totally BS!

        Yes, that is the logical next step. After all, there's no legal distinction between businesses and private citizens anymore (Thanks, SCOTUS fucks).

        This sort of legislation passing is akin to hosing the slippery slope with a nice thick layer of Teflon.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      ...and SOX and the SEC helped us avoid the banking disaster.

    • It is not the regulation part that I have a problem with it is their utter incompetence along with their ability to take over. If you honestly believe that they will make good regulations like keep your shit off the internet they you must be woefully ignorant of their past decisions [threatpost.com].
    • Comment removed based on user account deletion
      • The thing you seem to be missing is that while there is an ISO 27001 standard covering IT, what reason do you have for the power company, water company, transportation or any other important industry to use it? Businesses won't self-regulate unless it costs them money.

        As GP stated most of the regulatory frameworks are similar, all of them are step-children of the Common Criteria and all of them have requirements that can be mapped to each other.

  • by Anomalyst ( 742352 ) on Tuesday February 07, 2012 @12:29PM (#38956087)
    does DHS have for doing this? Despite flushing billions of our tax dollars paying Hamburger University dropouts for irradiating and/or groping the American public with not a single no-so-scarist being caught. As effective as the crystal my dotty Aunt wears around her neck to keep them away and far cheaper. The U.S. gov cant event get their own house in order IT security-wise as department after department fail their audits and fail to meet their mandates, How effective can they be trying to remotely administrate the IT infrastructure of independent businesses/institutions? There is absolutely no evidence that the have the expertise or management skills to perform this function.
  • The United States of America comprehended the fairest part of the earth, and the most civilized portion of mankind. The frontiers of that extensive republic were guarded by ancient renown and disciplined valor. The gentle but powerful influence of laws and manners had gradually cemented the union of the states. Their peaceful inhabitants enjoyed and abused the advantages of wealth and luxury. The image of a free constitution was preserved with decent reverence: the American people appeared to possess the so
  • by Turken ( 139591 ) on Tuesday February 07, 2012 @12:35PM (#38956213)

    What is it with politicians insisting on giving their bills the most inane titles possible, just to spell out some mildly related acronym? We're electing and paying these people to write LEGISLATION, not commercial branding!

    • by Skapare ( 16644 )

      That's the only way to get people to support it. They're not going to actually read the bill to see what's in it.

    • Because citizens tend to react differently when the nightly news says congress is trying to pass a bill called "Stop Online Piracy Act" instead of "Rights Aborted by Pushy Executives..."

  • Isn't this the same DHS that re-classed some security issues [slashdot.org] as not bugs? Don't worry I am sure they won't screw this up.
  • And why the volatile title. Other than that his is Slashdot.

    "Proposed Law Would Give DHS Power Over Privately Owned IT Infrastructure".

    Requiring improved security is not much different than making sure that a company that makes toasters aren't making toasters that burn your house down.
    Or cars having seatbelts. Do we say that the government has "power" over privately owned Car companies because they must abide safety or security concerns?

    I have not read the full details of any planned law yet, but as state
  • by HexaByte ( 817350 ) on Tuesday February 07, 2012 @12:46PM (#38956437)
    Both parties are at fault here, not Just Republicans or just Democrats. The problem is that we no longer have a class of "Citizen Legislator" but instead have professional legislators who will do anything in their power to stay in power.

    This includes buying votes from the masses by telling them they will get everything free at the expense of someone else - even though our national debt is now so large you could confiscate all the wealth of all the millionaires and still not pay it off - and also letting themselves be bought buy the highest bidder - er - best paying lobbyist.

    Of course, to keep it under wraps, you have to both dumb down the general populace, and control all means of dissent. Shut down internet sites that oppose your viewpoint, call anyone who disagrees with you a terrorist and lock them away without any rights, and threaten the livelihood of anyone else who may be bold enough to get around your restrictions.

    The only way to stop such non-sense it to VOTE THEM ALL OUT!

    Al least it will take a new batch a few years to get so corrupt!
  • by Phoenix666 ( 184391 ) on Tuesday February 07, 2012 @12:47PM (#38956459)

    is corruption and problems. They ought to be excised and punished as a rogue state. Note, I'm not a right- or left-wing partisan, just an American who grew up when this country was known as the "Land of the Free and the Home of the Brave."

    The TSA ought to be expunged as the totalitarian body they are. The Department of Homeland Security ought to be dissolved and its members stripped of their citizenship and exiled to North Korea on the basis of the name of their agency alone.

    The FBI, CIA, NSA, DIA, and their attendant bodies need to be spanked firmly for violating the constitutional rights of all Americans over the last 20 years. That means, their Directors and employees who issued and obeyed illegal orders ought to go to prison for the rest of their lives.

    If that happened, I'd reckon the integrity of the Republic to have been preserved. But I'm not naive, and I know that that will never happen.

    As such, the only answer is for American citizens to bring the government and its backers to justice by force. As a man of peace and a father, I don't relish that at all. But neither do I want my kids to grow up as slaves.

    It's sobering indeed to contemplate another 20 years loving and nurturing my family in an increasingly totalitarian country vs. a personal life-ending confrontation with tyranny in the name and cause of freedom. But in my heart I can't see any other way. I was raised a patriot. In my mind and heart I meant the oath we all took to uphold and defend the freedom America stood for. But now the unthinkable has happened and the political entity known as the United States has so far departed from the premise of the oath we took that we cannot possibly reconcile the two; we can either support the path of freedom, or we can uphold the United States.

    I know that enough of my compatriots, supposed "left" and "right," share that conviction to make a difference. I know that the subversion of our freedom is not yet widespread enough and deep enough to reverse that bedrock faith. I know that despite the prevalent apathy, supported and abetted by those in power, there is not enough corrosion to avert the will of the American people to assert their freedom.

         

  • by roman_mir ( 125474 ) on Tuesday February 07, 2012 @12:51PM (#38956521) Homepage Journal

    As always, always, with government involvement expect these (in no particular order)

    • Increased costs and thus prices
    • Decreased competition and thus quality
    • Increased corruption, thus more laws, fewer choices, higher prices
    • More licensing, all sorts of licensing and all sorts of certifications, all with more fees, all with less competition, all with higher prices
    • Decreased security, not increased security. Decreased security, especially FROM government officials themselves
    • Eventual crash of the system

    The only 'redeeming' quality of this just maybe creation of alternative Internet infrastructure driven by user demand, outside of normal channels, but this will happen much later.

    • Oh, and probably more criminal charges and more people accused of things that weren't crime before, and using any of this for creating the fake war on terror and war on drugs, more racism, more of everything that should be decreased, not increased.

      All brought to you by your government.

  • Three words: "Military Industrial Complex". It's a headless beast now. Eisenhower warned us.
  • Is it just me or does anyone else think congress people spend way too much tax-payers money coming up with these bill names.

    I mean, come on: PROTECT IP, PRECISE, etc etc. It almost seems as if they would get together to discuss the naming instead of the actual bill content.

    No?

  • by Registered Coward v2 ( 447531 ) on Tuesday February 07, 2012 @01:20PM (#38956991)

    Now that I have your attention listen to my argument before you mod...

    Regulations provide businesses with cover when sorting goes wrong. The argument goes "we did exactly what the rules required so we can't be liable for what happened;" and thus making an argument for mitigating the cost (to them) of the damages.

    In addition, regulations add to the cost of doing business, helping shield companies from too many competitors by raising the barriers to entry.

    The only "bad" regulation is one that makes it hard for a company to make more profits or opens them up to additional liability.

  • by ElVee ( 208723 ) <[elvee61] [at] [gmail.com]> on Tuesday February 07, 2012 @01:32PM (#38957217)

    I'm in one of these "critical" industries that will be most likely be included under the benevolent government security umbrella provided by this bill. I've gotten pretty good at predicting how our loving, caring government is likely to respond to this type of challenge, to wit:

    After a competitive bid involving only Cisco, Oracle and Microsoft, they will likely hire Cisco, Oracle and Microsoft to tell them what's needed. Unsurprisingly, the solution will include the requirement to purchase lots of expensive products from Cisco, Oracle and Microsoft.

    This new regulatory function will obviously need oversight by the government. The government will expand (bloat?) the bureacracy by hiring an excessivly large number of underqualified, overpaid people to monitor compliance with their byzantine rules, which will constantly change to suit their whims. There will be minor incidents, which will be blamed on laziness and non-compliance by the industry. More regulations will be drafted, new equipment will be purchased and the bureacracy will expand even further.

    At that point, we commence the never-ending circle of more regulation, more money paid to a select group of "certified" vendors and the unceasing growth of the bureacracy.

  • by ThatsNotPudding ( 1045640 ) on Tuesday February 07, 2012 @01:34PM (#38957257)
    that criminalizes assigning lame-ass, lying acronyms to bills.

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...