"What this partnership will not do is start breaking boundaries that we have around privacy and personal data"
Would she care to name the protections that exist and the instances of them being upheld?
GCHQ, the UK's signal intelligence agency, may get an expanded role in preventing attacks against the networks of key private firms under new government plans. The Communications-Electronics Security Group (CESG) at the UK's Government Communications Headquarters (GCHQ) has historically only provided best practice guidance and …
Mr. Mori Arinori arrives in Belgravia at a quarter past four, driving a new-model Zephyr gurney leased from a commercial garage in Camden Town, just as Charles Egremont is departing for Parliament and a most important speech.
Egremont's body-guard, on assignment from the Central Statistics Bureau's Department of Criminal Anthropometry, a machine-carbine slung beneath his coat, watches as Mori descends from the Zephyr, a diminutive figure in evening-clothes.
Mori marches straight across the new-fallen snow, his boots leaving perfect prints upon the black macadam.
"For you, sir," Mori says and bows, handing Egremont the stout manila envelope. "Very good day to you, sir." Donning round goggles with an elasticated band, Mori returns to his Zephyr.
"What an extraordinary little personage," Egremont says, looking down at the envelope. "One hasn't seen a Chinaman, got up like that…"
Under the pretext of preventing hacking, an expanded national cyber-security hub at GCHQ would monitor network traffic from "major communications, power and transport providers". The real reason being to expand spying by the state security apparatus on their own population.
And of course no mention of the computing 'ecosystem' that isresponsible for the vast majority of security breeches. GCHQ would be better employed in designing 'computers' that don't get visues ...
There is an important distinction between malware somehow getting into the computer and executing, and malware being restarted on every session due to internal infection. Currently, most effort is directed at stopping malware from getting in, but malware does get in, and if it can infect, it can run in hundreds of future sessions. We need to stop the infection.
We need to prevent malware from modifying the operating system, boot data, and all other data which executes upon startup, including user apps. Currently, OS software tries to prevent this, and if that worked, we would have no problem, yet the problem persists. What we need is improved hardware to protect the boot process and data from being changed by malware.
Various schemes are possible, but in security, simple is king. The example that everybody loves to hate is the Linux LiveCD, but it is at least an existing, generally practical example of a system which is difficult or impossible to infect. Since over 99 percent of current malware is designed for Microsoft Windows, just using Linux is a big help, but that does not prevent infections from Linux malware (which does exist). It is the CD which protects against infection, but practical use does require updates.
As far as I know, of all the LiveCD distributions, only Puppy Linux supports updates by allowing the user to save new and changed files back to a multisession boot DVD as another session. I manually update immediately after booting, once every couple of weeks or so, on a DVD+RW. Various versions of the same file may exist on the DVD, but only the latest is loaded into RAM during booting. The system runs completely in RAM, and the DVD can be removed after boot.
A lot of things are not ideal about using a LiveCD. However, it is an actual practical example of serious malware protection (supporting browsing in Firefox with security add-ons), and the improvement over current systems is in the system hardware, not the usual add-on software or patches. Once we realize the harm our current hardware design has caused and look into fixes, a wide range of alternatives exist. Yet how many of us realize that our equipment needs to change?
In the US, I would ask for the FCC to type-accept all computation equipment, including routers and smart phones, and require it to be "difficult or impossible" to infect. Manufacturers should be required to provide tools to certify any particular installation of their system as uninfected, and thus ready for online commerce. A formal, Windows-like LiveCD from Microsoft would greatly assist online banking (even if an external DVD writer would be needed), but soon we will have to deal with those smartphones.
For more, find my page, articles and comments using: "Terry Ritter" malware
The Peoples Liberation Army who are asking, oh wait they already are. So it's fine for them to do it, but not GCHQ.
Think about this people, do you really think that if GCHQ want to listen to you they can't already, but do you know, I think they probably have better things to do with their time.
GCHQ is supposed to be catching all those imaginary spies and terrorists and it is failing at that.
Where and how is it going to get the manpower or equipment to do this in these days of cutbacks?
Cut the pensioners again?
"...as well as the Stuxnet worm.."
Didn't this Stuxnet thing come from state sponsored groups infiltrating organisations and planting stuff in them; oh hold on, NOW I'm getting it...
If government really thought that private organisations can't be trusted to sort themselves out, they should run it all as nationalised infrastructure.
"Didn't this Stuxnet thing come from state sponsored groups infiltrating organisations and planting stuff in them; oh hold on, NOW I'm getting it..." .... BristolBachelor Posted Tuesday 8th March 2011 13:58 GMT
Err, yes, well, you could say that, although in another parallel universe ...... http://cryptogon.com/?p=20897
Didn't we have a lot of that in the '80s before it was all flogged off?
What exactly is the reality of the threat? I mean, is it viable to panic over the risk of threats to the electrical network? If so, the question is not to spy on everybody "for signs of hacking", but rather to devise a way of the electric network to be fault tolerant, along with enhanced systems in order to mean that one compromised machine isn't automatically authorised to do whatever it wants within the system.
GCHQ is a government body paid for by UK tax payers
Using GCHQ staff to protect big UK companies, is effectively tax subsidies to UK big business (oh dear >BUZZ< violated EU and WTO regs)
If only certain big companies can get this protection, then this putting the other UK and EU businesses at a competative disadvantage (oh dear >BUZZ< violated EU regs)
For further details tax subsidies and WTO, look up the usual Boeing Airbus mud slinging contests.
please can we have one government a century that doesn't try to operate by press release, and does actually come up with thought through coherent and legal plans and legislation.
"Government fears, in the UK and elsewhere, centre on concerns that hostile powers might cripple communication or banking systems or disrupt the delivery of utilities."
Oh please, what utter poppycock and juvenile balderdash is that? They surely cannot be serious whenever quite sublime and remote anonymous takeover of all such systems is so very much quietly facilitated by the Great Game and Really SMART Players.
Of course, what GCHQ will never need to deny, for they are duty bound as defenders of the realm and therefore oft obliged to suggest is perfectly true, is that they have Really SMART Players on Great Game Teams, which is ......... well, an Astute Active Application for Stealthy Programming Protocols into Controlling and Countering Rogue Power Bases .... and Freelancing Chancers.
And whether 'tis a Falsehood would be Need to Know, which is a paradigm shift in the theory of needs that require information classification feeds ...... from knowing what is true, and presumably then real, to knowing what is false, and therefore really virtual ...... in every world?
"The UK plans are comparable to critical national infrastructure "Perfect Citizen" project conceived by the National Security Agency (NSA), GCHQ’s US counterpart, last year and opposed by critics as a move that would give the signals intelligence agency the ability to spy on private communications. The NSA firmly denied any such intention."
You can be perfectly sure though that any such intention was not denied, for it cannot be so denied, a distinct available possibility, and therefore in every likelihood, a guaranteed probability for the temptations and rewards in knowing and/or in thinking that you know of everything that is going on and therefore, with phorming analysis, what is likely to happen in the future, is just too rich a prize to use and abuse and leave to/with/for others.
"BT, in particular, is likely to oppose any expanded role for GCHQ in the private sector." ..... Well, of course they will, as they have had first sniff at the cherry since the beginning because do they not supply the lines of communication to practically everyone, through myriad third parties and internetworking service providers.
However, once you have access to all current information,for viewing and clever analytical extrapolation of future rogue intent, and let us assume that there is presently an authority or agency or application which does have that facility/utility, then are they wholly responsible for any future chaotic and destructive disorder because of their inability to act on the information which they are hosting.
All in all, that is very much the exact same tale as did for Uncle Sam with 9/11, for was not the situation the same then too, and with no one SMART enough to connect all the dots and create a different picture, did the present chaos unfold and prosper.
So whose connecting all the dots to create Better Beta Future Big Picture Promotions? Anyone SMARTer Enabled with greater situational awareness?
Under the cutting of public services, sorry - big society - shouldn't we ruin GCHQ instead of the other way around?
If neighbourhood watch in Reading were given the feeds from all the electronic inteligence gathering then they could have predicted the democracy movements in N. Africa, the Iraqi WMD and the fall of the Berlin wall in the same way as GCHQ but cheaper
My work network uses MS Forefront Threat Management Gateway which does man in the middle on the fly ssl decryption by installing a company certificate on your PC. All SSL is blocked unless it goes through the gateway. It's there as viruses and threats often use SSL, so easy to justify on a corporate network, and seeing as most people use personal email at work, all that lovely data can be slurped up if required. If you're using IE you wouldn't even be aware it was happening.
This is difficult for GCHQ to do on the ISP to home network, but on a corporate network, all your secure personal email are belong to them.
"They were "Mastering the internet" .... How much more "expanded" a role can you get?" ...... John Smith 19 Posted Tuesday 8th March 2011 18:38 GMT
Err yes, well, that just get you started and only so far, John Smith 19 .... whereas alien proposals would allow them to Master Pilot IT with it, and that is a much more expansive and HyperRadioProActive role, for such as those SMARTer Players and Legionnaires mentioned earlier [Tuesday 8th March 2011 14:37 GMT]
It is certainly such like that they face, and would need to match and/or better, for any sort of effective leadership with control of power in the operational field and virtual domains. Until then will they always be struggling and playing catch-up, effectively light years behind the curve.
all your network are belong to us. Can we have access to your internal process for defending against attack too so that we can align our process with yours to be able to draw up best practice solution against the cyber attacks that originate from our enemies like "China"?.
This ^ will soon happen.
Last time I read, the backdoor left in Google's network was used by attackers to penetrate their network. I may be wrong here but isn't more backdoors there already?
Biting the hand that feeds IT © 1998–2021