posted April 23, 2013 12:34 PM            

------------------
Passion, Lust, Desire. Check out my journal

posted April 23, 2013 05:24 PM            

But what is CISPA and why is it creating such a ruckus? Why is it being compared to SOPA and PIPA? Let's break it down.

What is CISPA? CISPA stands for Cyber Intelligence Sharing and Protection Act (CISPA).

What does it do? CISPA would allow for voluntary information sharing between private companies and the government in the event of a cyber attack. If the government detects a cyber attack that might take down Facebook or Google, for example, they could notify those companies. At the same time, Facebook or Google could inform the feds if they notice unusual activity on their networks that might suggest a cyber attack.

Sounds OK. What's the problem? Backers argue that CISPA is necessary to protect the U.S. against cyber attacks from countries like China and Iran. But opponents said that it would allow companies to easily hand over users' private information to the government thanks to a liability clause. This, according to the Electronic Frontier Foundation, "essentially means CISPA would override the relevant provisions in all other laws—including privacy laws."

Is that true? The bill's sponsors, Reps. Mike Rogers and Dutch Ruppersberger, say no. But amidst backlash over the vague wording in the bill, the congressmen introduced an amendment that would require the government to anonymize any data it turns over to a private company.

Did that do the trick? Not exactly. The White House has threatened to veto CISPA, in part because it does not require private companies to do the same and anonymize the data they hand over to the government. That would impose an onerous burden on private companies and perhaps deter them from participating in this voluntary program, backers claim.

What type of personal information are we talking about? According to the EFF, "CISPA is written broadly enough to permit your communications service providers to share your emails and text messages with the government, or your cloud storage company could share your stored files." Bill sponsors, however, argued that CISPA is needed to keep that data safe, pointing to foreign hackers who have hit U.S. companies in an effort to steal information. The ability to share data about incoming cyber attacks as quick as possible could thwart the improper use of that data, they said.

What's the difference between CISPA and SOPA/PIPA? SOPA and PIPA targeted websites that trafficked in counterfeit goods, from fake purses to software. The bills would have allowed for copyright owners to file a complaint against offending websites and have them pulled from the Web. SOPA/PIPA were aimed at "rogue" overseas sites, but it prompted concern that legitimate websites here in the U.S. would be taken offline. Major firms like Google and Facebook expressed concern with the bills, which were ultimately tabled after a Jan. 2012 Internet blackout day.

Is the same thing happening with today's CISPA blackout? The idea is the same, but the support is a bit more tepid. The list of sites going dark in protest of CISPA is not exactly a who's who of major tech firms. When CISPA was first introduced, Facebook actually voiced its support, though it backed off a bit this year.

What changed? With SOPA and PIPA, tech firms were concerned about having their websites taken offline for no reason, which would have cost them millions of dollars. So there was a big incentive to see it defeated. CISPA, however, goes after cyber attacks - which also cost those firms money. If there's a way to get a heads up about a cyber attack, these companies are probably going to take it. The backlash against CISPA from the privacy/consumer groups means the support for CISPA is somewhat muted, but there are some big names on the bill's list of supporters, including AT&T, Comcast, HP, IBM, Intel, Time Warner Cable, and Verizon.

Didn't we hear about CISPA last year, too? Yes, the House passed CISPA in April 2012. But it never made it through the Senate, and the White House threatened a veto back then, too, so it died.

So why take it up again? The bill sponsors claim that with the increased number of attacks from countries like China, the ability to stop them before they happen is imperative. Rogers and Ruppersberger admitted that as originally crafted, CISPA would likely not pass the Senate or get President Obama's signature. So they have introduced a number of amendments - in committee and on the House floor last week - to calm some of those fears.

What type of amendments? More than a dozen proposals were approved, but among the highlights: companies can only use information they receive for cyber-security purposes, not to help their business; the feds can't hold on to shared data and use it for "national security purposes"; clarification that CISPA does not authorize hacking; and a rule that incoming cyber data will be handled by the Homeland Security Department and the Justice Department.

What's next? CISPA now moves to the Senate, where senators can consider the bill as crafted, or write their own cyber-security legislation. If the Senate passes a bill and it differs at all from the House version, the two sides must hash it out together "in conference." But the White House also needs to be on board.

So there you go; a quick primer on CISPA. If you have any other questions, let us know in the comments.

posted April 23, 2013 05:53 PM            

------------------
Passion, Lust, Desire. Check out my journal

posted April 24, 2013 11:22 AM            

We are in the last moments of a great legal battle, a battle civil libertarians, it seems at present, will lose. The Cyber Intelligence Sharing and Protection Act (CISPA) has just passed the house and will enable the Federal government unprecedented authority in accessing information without any warrants.

If Obama reneges on his vow to veto the bill, we will be living in a virtualpanopticon where everything online will be scrutinized and where the government has, as the panopticon’s conceptual architect Jeremy Bentham describes, “a new mode of obtaining power of mind over mind, in a quantity hitherto without example.” This post, however, is not going to solicit political activism (see my previous blog post); instead, I will make the case that we can render CISPA an empty fantasy even if it passes.

The hard reality is, as Patri Friedman points out, that “folk activism broadly corrupts political movements. It leads activists to do too much talking, debating, and proselytizing, and not enough real-world action. We build coalitions of voters to attempt to influence or replace tribal political and intellectual leaders rather than changing system-wide incentives.” If CISPA passes, libertarians should retreat from our failed attempt to garner a coalition of voters to protect anonymity and legal privacy on the Internet and instead actually begin protecting our information and ability to communicate.

The integrity of social communication is being threatened by the unwanted eavesdropping of government, cataloging each of our conversations on Facebook, Gmail, Twitter, etc. under cataloged identities. In Identity Crisis: How Identification Is Overused and Misunderstood, published by CATO, Jim Harper explains “the connections or relationships that are created by identification can hinder the exercise of civil rights like free-speech. Anonymity is a core tool of free peoples.” There is a strong tradition of anonymous discourse in US history (Secret Fraternities, Cato’s letters, The Federalist Papers, The Anti-Federalist Papers, The Kentucky and Virginia Resolutions) that is being threatened. However, secure communication can only take place with sophisticated and secure identification architecture, historically reserved for kings with intricate ringed signets that were pressed on wax, clay, and paper seals. However, in the digital age, we now have public-key cryptography where the “private key in public key encryption… is functionally similar to a signet ring,” and elevates anyone who uses public key cryptography to an equal footing with the monarchs of old (Harper).

David Friedman explains, “[a] major theme in discussions of the influence of technology on society has been the computer as a threat to privacy. It now appears that the truth is precisely opposite. Three technologies associated with computers, public key encryption, networking, and virtual reality, are in the process of giving us a level of privacy never known before,” and all these tools are free for download online and are so sophisticated that the “FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.” There is not means more practically available to render warrantless seizures of information useless than cryptography.

Here is a list of the legal, free, open-source cryptographic tools that I currently use, none of which require extensive knowledge of either computers or cryptography:

Tor Browser – Anonymized Internet browswer
TrueCrypt – Encryption technology for files and hard drives
Bitcoin – Encrypted, distributed accounting protocol and currency
RetroShare – Encrypted, distributed social network
Crytpocat – Encrypted chat application
Jabber/XMPP – Instant messaging protocol that can be encrypted and off-the-air
MEGA – Encrypted cloud storage

I am not here to discourage folk activism or unencrypted communication, because I engage in both as well; however, actually using cryptography is more effective in securing your privacy and anonymity online than changing your Facebook profile picture to raise awareness of CISPA (even though that’s probably still a good idea). By sharing these technologies on campus we can bypass the political process and immediately achieve the full reality of free speech online and preemptively sidestep the looming panopticon.

The only way to deal with an unfree world is to become so absolutely free that your very existence is an act of rebellion.

– Albert Camus

via intellihub.com

Delivered by The Daily Sheeple

posted April 24, 2013 11:48 AM            

I seriously doubt, especially since a friend who has worked for internet security companies has confirmed my suspicions,that you csn keep the gov out of your affairs even eith encryption...

posted April 24, 2013 11:56 AM            

------------------
Passion, Lust, Desire. Check out my journal

posted April 24, 2013 05:18 PM            

quote:

---

Originally posted by katatonic:
But they are already spying on us anyway, doesn't ghe patriot act cover them for that?

I seriously doubt, especially since a friend who has worked for internet security companies has confirmed my suspicions,that you csn keep the gov out of your affairs even eith encryption...

But i don't know for sure...

---

Good luck, I've worked several years in government IT as an intern for different departments.

If the Department of Defense and Canada's equivalent Department Of National Defense are both incapable of defending there own networks from Chinese hackers that says enough.

There is a serious lack of IT talent in the government. Most of the young students are the ones keeping the government staff up to date with things.

Anonymous and young talent will always be one step ahead. If I was finished school I wouldn't want to be there.

I doubt they will be able to enforce it fully, they may make a law but enforcement is a different story. They will most likely rely on your service provider for almost everything.