Posts RSS
Subscribe via Email
Government-Wide Monitoring? ‘Bout Time.
Posted April 8th, 2008 by rybolov
Good, I’m glad we’re finally doing this.
For those of you watching the other initiatives, this does have something to do with the Trusted Internet Connections initiative–if you can choke traffic down into 50 “sets of tubes” to watch, then it’s easier to watch them.
Expect to see more over the next year, the pieces are starting to fall into place.
Similar Posts:
Posted in Technical, What Works | 
1 Comment »
April 27th, 2008 at 5:43 pm
Actually, this is *not* a good idea.
1. It does not require minimizing internet connections to get visibility. It is much easier to solve this with many sensors then with few connections.
2. Most of the agencies don’t know what to do with the data now, you’re going to aggregate this data and it gets better? Perhaps a few more incompetent contracts who can overpromise and then deliver seven year olds to send emergency warnings on snort alers.
3. Some agencies (DOE, NASA, NIH) have bandwidth and collaboration demands that make the idea laughable.
4. Five letters: US-CERT. You think they know what to do with this traffic? They are nice enough, but no way are they competent enough to do anything useful with it. Ditto DHS. NSA is competent enough, but they don’t want to be anywhere near this project (because they are smart).
5. All these resources could be used to improve security and agency responsibility for it – instead, OMB is diverting energy away from security towards radical centralization with limited theoretical usefulness, and no proven usefulness whatsoever.
6. 50 interconnects = Denial of Service against whole Federal Government becomes totally plausible. Perhaps I can get the list via FOIA. Oh wait, all I have to do is do a traceroute.
7. This is equivalent to having cross-agency visibility into citizen web surfing across the entire .gov space and possibly beyond. You think anyone is going to think that’s ok?
Worst. Idea. Ever.