CISPA: Congress wants to create unlimited Internet spying powers - KILL THIS BILL! KILL IT WITH FIRE!


17 Responses to “CISPA: Congress wants to create unlimited Internet spying powers - KILL THIS BILL! KILL IT WITH FIRE!”

  1. anon0mouse says:

    This is your elected (and re-elected and re-elected) government. [sigh]

  2. Silver Fang says:

    One term and out! Get some fresh blood in.

  3. austinhamman says:

    “the Obama White House has taken an uncharacteristically progressive stance on privacy this time around, and has threatened to veto the bill.”
    obama has threatened to veto bills before, and then when push comes to shove he backs down and signs it into a bill. this got me wondering: has obama ever vetoed a bill.
    thus far he has vetoed: 2 bills. he has vetoed far fewer bills than bush who was regularly lambasted for not vetoing bills.
    obama will sign this if it gets to him, guarantee it. and if people go thinking it’s a done deal and dead in the water because the president said he would veto it it definitely WILL get to him

    • blissfulight says:

      Obama likes to chicken out.  He is nothing if not a moral coward, who telegraphs all the positions that he plans to abandon in advance, so why should his opponents even bother negotiating with him if they know he’ll cave?  

  4. tim schreier says:

    Obama has said he will veto

  5. Cowicide says:

    The scumbags at IBM have been lobbying really hard to push it through… let IBM know how much you like them doing this.


    Contact IBM:

    • Dennis Smith says:

      IBM, the company that made the WWII genocide adding machines for logging who had been gassed, burned or shot for Hitler?

  6. You can always count on one of the supporters of such insane bills to produce a ridiculous soundbite, providing meme fodder to the online efforts to defeat them.

  7. I wish someone who cared was in a position to ask these people why the internet in America should be more like it is in China, Iran or under the Assad regime’s on live TV. 

  8. mrgreenfur says:

    Why is this guy selling flags that have “been flown over the capital”? I don’t understand any of this.

    • Antinous / Moderator says:

      Why is this guy selling flags that have “been flown over the capital”?

      Because there’s no market for plenary indulgences anymore.

  9. greggman says:

    Copied from HN but this makes me feel like people are blowing stuff out of proportion here

    What did you think happened when law enforcement investigated serious computer crimes? If a financial institution has a key database popped and the Secret Service is called in to investigate, was it your expectation that the victim was required to carefully anonymize and blind all the data in that database? How could any criminal investigation work if that was the requirement? (Cliff’s Notes: That’s not the requirement).The bill as written, even before the narrowing amendments, acknowledges the risk this subthread discusses. It does that by trying to define “cyber threat information”, as information directly implicated in an attack. In the sponsor’s notes on the bill on the House site, they explain that the definition of “protected entity” was changed specifically to prevent individual people from being considered as entities, so that person-specific data couldn’t be handed over under CISPA authority.
    The basic problem the bill addresses is this: large companies are under continuous attack. Let’s stipulate that attacks come in two flavors: DDOS and targeted malware.
    In both cases, there is clear utility in allowing companies to collaborate with other companies and with the government.
    In the DDOS case, you want to share NetFlow information with your upstream ISPs and with DDOS trackers, because those are the organizations that generate black-hole and IP filtering rules, and they all work better if they have lots of different vantage points to work from. At the very least, you want to push sources back up to your immediate upstream providers so they can soak them up on their infrastructure rather than saturating your uplinks.
    In the malware case, you want to share forensic information that would help identify (a) the vulnerability the malware exploits, (b) the C&C system the malware is using, (c) any evidence of the source of the malware, and (d) forensic information that would help investigators discern the intent of the malware.
    In both cases, your company’s general counsel is apt to inform you that the legal risk of sharing just that information is potentially unbounded, because nobody can predict exactly what claims could be made under ECPA, SCA, DPPA, HIPAA, FERPA, &c; nobody even knows what traces of information, overt or statistical, might be lurking in NetFlow.
    So the situation we have today is that there is information sharing when attacks happen, but much of it is sub rosa, and you have to be in the right clubs to get access to the right sharing networks.
    It does not make intuitive sense to me that electronic privacy should mean that basic low-level systems information incident to a real attack should incur unbounded legal risk when shared with other companies directly involved in mitigating those attacks.You might disagree, and that’s fine. But the notion that CISPA is actually intended to allow NSA to read your email is just not supported by the language of the bill, by any advocacy for the bill, or by any of the bill’s amendments, and the problem the bill is addressing is a real problem (I have some limited professional exposure to it)”

Leave a Reply