US Plans Cyber Shield For Private Companies and Utilities 178
wiggles writes "The federal government is launching an expansive program dubbed 'Perfect Citizen' to detect cyber assaults on private companies and government agencies running such critical infrastructure as the electricity grid and nuclear-power plants, according to people familiar with the program. The surveillance by the National Security Agency, the government's chief eavesdropping agency, would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack, though it wouldn't persistently monitor the whole system, these people said. How do we feel about NSA spyware in all of our infrastructure?"
Spyware? Really? (Score:4, Informative)
When zealots can't distinguish between legitimate security and illegitimate spying, it hurts the credibility of civil liberties, not the NSA.
Re:Surveillance (Score:5, Informative)
I'm no tinfoilhatter (see my post history) and I can easily state that the government does and has been monitoring communications of citizens since before the PATRIOT Act.
Google any of the following:
Project Echelon
FBI Carnivore
FBI NarusInsight
This isn't fear mongering against the government. Those are actual programs/projects the government uses to watch those they want to watch. Actively, passively, whatever it is it doesn't change the fact that the government has the means and the will to watch those it finds worth watching.
Now, to think that the new system will watch international connections only is short sighted. All you have to do is argue that an "enemy" could bounce through an internal (to the US) proxy and the government would have wholesale reason to peek at _every_ connection, foreign or domestic.
Ahhh... (Score:4, Informative)
Also, they might have wanted to pick a less dr-strangeglove-sounding name. But maybe the NSA geeks have a sense of humour too?
Re:Concerns that don't involve tinfoil hats. (Score:3, Informative)
>>>there's the age old... "they put something called linux on it, and it looked like something a hacker might use" problem
Like that poor kid who was given detention. His crime? Demonstrating Linux on his personal laptop during study hall, and handing out free CDs of it to friends. The teacher assumed the kid was a pirate and punished him. She even went so far as to contact the guy who created the original CD, and scold him too! "I don't know why you are handing-out these CDs but I play to consult with lawyers and if necessary prosecute. We cannot allow you to corrupt our children." (Quoted from memory)
Fortunately a teacher has no real power, but imagine this story is the "teacher" was replaced with "NSA enforcement officer" knocking at your door and arresting you for illegal acts, such as handing out free copies of Ubuntu Linux OS. (And yes cops really are that fucking stupid. Go watch some vids on youtube.)
Re:Kiss Open Systems Goodbye (Score:4, Informative)
You do know they're talking about doing this to water, electric, utilities, gas and railroad infrastructure, right? "Critical infrastructure", such as traffic control centers, the power grids, gas grid and the like. You aren't critical infrastructure. WoW certainly as hell shouldn't be running on critical infrastructure. Traffic in those network SHOULD be watched and coordinated. The companies can either let the NSA do it or purchase the equipment and do it themselves.
Last I knew, those "proprietary systems" (example here [narus.com]) were Linux-based using libpcap but on screaming fast hardware. Proprietary analysis software is used to baseline traffic patterns and look for anomalies.
Re:Surveillance (Score:3, Informative)