A break from the norm

| | Comments (5)

While this isn't a post directly related to my latest random technological fiddlings, I still feel it's important to raise here.

A bill is making it's way through the United States Senate spear-headed by West Virginia Democratic Sen. John Rockefeller, the head of the Senate Committee on Commerce, Science, and Transportation, and Sen. Olympia Snowe, a Republican. This piece of legislation would, in effect, give the president the authority to shut down any network in the U.S. they so chose. The bill dresses all this in a nice suit of "Oh wait, only for national security reasons".

What's scary is that what exactly constitutes a national security concern has always been somewhat ill-defined. During the 1960s, any organization that spoke against the government could be monitored under exactly that same justification. During the McCarthy era, countless individuals, organizations, and businesses were monitored and sometime hauled in front of congress to answer questions about their political beliefs, often at the expense of common sense and decency.

The idea that these individuals might have communist leanings was all the justification that was needed to declare them a potential threat to national security and all by kill them.

As more and more bits of information (well, there's Rush Limbaugh, too) are being placed at the fingertips of the world, this becomes a more sweeping proposal with each passing second. The internet has grown and evolved in a way no one could possibly have predicted and simply switching it off would be chopping off the national arm.

The bill doesn't simply stop at essentially switching off the U.S. edge devices though. It would give the president the ability to also power down private networks and dictate how those systems are configured. As is well and widely known, the open source movement is a critical part of the internet, from a security standpoint as well as from one of it's overall development. I for one, am none too keen on the idea of a body of officials (one of whom famously once described the internet as 'a series of tubes') dictating to me how I can and can't configure the router sitting on the floor of my room.

One of the bill's provisions is to create a licensing requirement for people who want to work in computer security. There are driver's licenses, and I still got rear-ended by someone who didn't know (by her own admission) that she didn't know that wet surfaces increased breaking distance. Creating a certification could be a beneficial bullet on anyone's resume, but having a mandatory license will have the same effect that teaching anything else seems to; directing people to one way of thinking and academically punishing you for not learning something precisely the way it's taught.

The danger also lies in that a license is bound to make people think they know what they're talking about. We all know that there are plenty of idiots out there with college degrees, and I seriously doubt that the Senators have a four-year study program in mind; best-case scenario, it turns out exactly the same type of people.

Imagine the security products vendors could sell with "U.S. Government Approved!" stickers on the box. Creating a mandatory license will only serve to give credence to the voice of people just studious enough to pass it and in the eyes of those who recognize that, diminish the value of the license of the people who are competent.

One of the most effective ways to learn something is to be burned by NOT knowing it at a key moment, and that's how a lot of people know a lot of things. As some of you may know, I spent about eight years in the United States Marine Corps (and no, I don't feel that makes me inherently a bad-ass); there's a apropos expression: "No combat-ready unit has ever passed inspection and no inspection-ready unit has ever passed combat". There is no way that training can compensate for experience.

After graduating from an intensive Arabic language program, I rapidly found out that what I knew was perfect for a laboratory situation, but completely unsuited for something as simple as a coffee shop.

The first thing to learn is how to learn what you need to forget.

The Rockefeller/Snowe bill, quite simply, must not be allowed to pass.


Do you have a reference to the bill (and/or to the analysis that says the bill gives the executive that power?)

I see two bills for the current session of congress that might be what you're referring to (S.773 and S.778, but the Library of Congress doesn't have the full text of either online yet).

http://edge.networkworld.com/graphics/2009/0402%20Rockefeller%20cybersecurity%20bill.pdf is the draft of the bill - despite the fact that it was introduced two days ago, it's sadly very real. As it is a draft it doesn't yet have a S.xxx number.

While it's good to pay attention, I don't think a draft that hasn't yet been assigned to committee is worth getting all excited about (other than to be watchful for the actual text when it appears).

It's bill 773.

You can find it on thomas.loc.gov.

Thanks for the heads up Phil.

Thanks for drawing this to our attention. Surely they would not worry about my web sites since they are a blog on ecology & green Real Estate and on Austin, TX real estate only.

PS- are we related? My family name is the same as yours- R√ĄTZSCH was the original German spelling of Raetzsch. There was an umlaut over the a.

About this Entry

This page contains a single entry by Philip Ratzsch published on April 2, 2009 6:49 PM.

I really hope /bin/mail did this... was the previous entry in this blog.

Nginx site loading functions is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.