<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
So votes are coming up for <a
href="http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act">CISPA</a>
and I think it's a good time to look into the state of the "Cyber
Politico Arena". In other words, Lieberman had a bill that actually
SOLVED A PROBLEM. It was focused on critical infrastructure
protection, gave DHS the ball, and told everyone to help them run
with it.<br>
<br>
That said, it was one of those "immensely expensive" things, and
people don't really have much faith in DHS to carry technical balls
around, so it failed completely. Probably also worth mentioning that
the Republicans are going to vote on an administration bill only at
gunpoint this year. McCain in particular took a bee in his bonnet
about how it didn't give the NSA enough power. <br>
<br>
Now we're left with CISPA, which is essentially <a
href="http://www.microsoft.com/security/msrc/collaboration/mapp.aspx">Microsoft
MAPP</a> for the US Government. That's it. It's pretty simple, and
the reason Symantec <a
href="http://www.nytimes.com/2012/03/27/technology/symantec-dissolves-alliance-with-huawei-of-china.html">dropped
their Huawei partnership</a>. There are some interesting clauses
in it relating to the government being able to give US Companies
information about ongoing attacks even disregarding clearance
requirements it seems. But overall, it's "<a
href="http://twitter.com/#%21/daveaitel/statuses/165260367323336704">DNI</a>
- please go set up MAPP for us!" and that's it. <br>
<br>
It goes both directions of course - the US Government will also be
able to take in information, and this probably includes information
about US Citizens and network traffic. It gets trickier here to
figure out what will and won't be allowed, but the general theme is
"The Chinese and Russians are owning every company - and we have
information that can help, so let's coordinate on that."<br>
<br>
But they're selling it terribly. It's not SOPA. <a
href="http://en.wikipedia.org/wiki/Anti-Counterfeiting_Trade_Agreement">ACTA</a>
is much more like SOPA - and it's interesting that <a
href="http://www.washingtonpost.com/blogs/the-fix/post/who-is-hilary-rosen/2012/04/12/gIQA2zFHDT_blog.html">Hilary
Rosen</a> (who was the RIAA CEO when they were suing kids and
trying to shut down Napster) is in the news for controversy as a
democratic strategist, but it's not controversial how close the
Obama administration is to the RIAA and MPAA. There's an opening
here team Romney if they decide to go for "digital rights" among the
demographic that shares files (aka, everyone under 30). <br>
<br>
-dave<br>
<br>
<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
<a class="moz-txt-link-abbreviated" href="http://www.infiltratecon.com">www.infiltratecon.com</a>
</pre>
</body>
</html>