Group items tagged

The House of Representatives go for the second round of Cyber Intelligence Sharing and Protection Act as it passed legislation on Thursday. The newly granted powers are intended to stop computer security threats against a company's rights and property. But the definitions are broad and vague. The terms allow purposes such as guarding against "improper" information modification and ensuring "timely" access to information, functions that are not necessarily tied to attacks. Once handed over, the government is able to use this information for investigating crimes that are unrelated to the underlying security threat and, more broadly, for "national security" purposes, which is a poorly defined term that includes "threats to the United States, its people, property, or interests" and "any other matter bearing on United States national or homeland security." The bill's vague definitions like "cybersecurity purpose" and "cybersecurity system" also raise the frightening possibility of a company using aggressive countermeasures. If a company wants to combat a threat, it is empowered to use "cybersecurity systems" to identify and obtain "cyber threat information." But the bill does not define exactly how far a company can go, leaving it open to the possibility of abuse. The bill drew support from House Democrats, passing on a bipartisan vote of 288-127, although the White House repeated its veto threat on Tuesday if further civil liberties protections are not added. Some lawmakers and privacy activists worry that the legislation would allow the government to monitor citizens' private information and companies to misuse it. U.S. authorities have recently elevated the exposure to Internet hacks and theft of digital data to the list of top threats to national security and the economy. Though thousands of companies have long been losing data to hackers in China and elsewhere, the number of parties publicly admitting such loss has been

http://hassassociates-online.com/articles/2013/04/23/house-passes-cybersecurity-bill-as-privacy-concerns-linger/ The House of Representatives go for the second round of Cyber Intelligence Sharing and Protection Act as it passed legislation on Thursday. The newly granted powers are intended to stop computer security threats against a company's rights and property. But the definitions are broad and vague. The terms allow purposes such as guarding against "improper" information modification and ensuring "timely" access to information, functions that are not necessarily tied to attacks. Once handed over, the government is able to use this information for investigating crimes that are unrelated to the underlying security threat and, more broadly, for "national security" purposes, which is a poorly defined term that includes "threats to the United States, its people, property, or interests" and "any other matter bearing on United States national or homeland security." The bill's vague definitions like "cybersecurity purpose" and "cybersecurity system" also raise the frightening possibility of a company using aggressive countermeasures. If a company wants to combat a threat, it is empowered to use "cybersecurity systems" to identify and obtain "cyber threat information." But the bill does not define exactly how far a company can go, leaving it open to the possibility of abuse. The bill drew support from House Democrats, passing on a bipartisan vote of 288-127, although the White House repeated its veto threat on Tuesday if further civil liberties protections are not added. Some lawmakers and privacy activists worry that the legislation would allow the government to monitor citizens' private information and companies to misuse it. U.S. authorities have recently elevated the exposure to Internet hacks and theft of digital data to the list of top threats to national security and the economy. Though thousands of companies have

In late 2011 and early 2012, activists, progressive politicians and Internet companies led in part by Internet freedom advocate Aaron Swartz came together to defeat the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA). Advertised as measures against copyright infringement, the bills would have opened any website that contained copyrighted material it was not authorized to publish on any of its pages to a forced shutdown. A site that unknowingly held a copyrighted image in a comment section, for instance, would have been eligible as a violator. Virtually everyone was susceptible to closure. The Cyber Intelligence Sharing and Protection Act (CISPA) followed SOPA and PIPA in April 2012. CISPA was worse than its predecessors, proposing that private companies be allowed to share user information, a provision that would have violated many privacy protections of the Internet. Recognizing this, Swartz fought again. "It sort of lets the government run roughshod over privacy protections and share personal data about you," he said of the bill at the time. Again, he prevailed. Now, a year and a half after Swartz killed himself, there is the Cybersecurity Information Sharing Act. CISA is a lot like CISPA, but could end up being even worse. Privacy and civil rights groups including the ACLU and the Electronic Frontier Foundation are standing up to fight it. In an article about the bill, the ACLU's Sandra Fulton wrote: CISA "poses serious threats to our privacy, gives the government extraordinary powers to silence potential whistleblowers, and exempts these dangerous new powers from transparency laws."

We all live in public, at least as far as the US National Security Agency is concerned. As Internet users and global citizens become more aware of surveillance activities that the US and other countries are doing on the World Wide Web, there are those who seek to ensure that privacy and personal freedoms aren't trampled upon. Tor technology aims to help appease privacy advocates and offer a way in which the Internet can be enjoyed without the prying eyes of surveillance programs or other tracking software. This free piece of software has certainly become mainstream in light of recent events, but what is Tor and why does it matter to you, your family, neighbors, co-workers, and the rest of the Internet? Peeling back the onion layers It might surprise you that the Tor Project, originally an acronym for The Onion Router Project, was initially funded by the US Naval Research Laboratory and helped launch the development of onion routing (anonymous communication over a computer network) on behalf of DARPA. It had also received the backing from the Electronic Frontier Foundation. When users installed Tor software onto their computers, it would conceal their identity and network activity from anyone spying on their behavior. This was accomplished by separating the identification and routing information. The data is transmitted through multiple computers via a network of relays run by like-minded volunteers - almost like how users installed SETI software to look for extraterrestrial beings. Tor isn't the only service that helps you hide in the shadows away from the prying eyes of the federal government, or any other person who would do it for malicious purposes. However, some say that it's better because it works at the Transmission Control Protocol stream level. Full post: http://thenextweb.com/insider/2013/10/08/what-is-tor-and-why-does-it-matter/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+TheNextWeb+(The+Next+Web+All+Stories)

Book a flight online, perform an internet banking transaction or make an appointment with your doctor and, in the not-too-distant future, the 'Internet of Services' (IoS) will come into play. A paradigm shift in the way ICT systems and applications are designed, implemented, deployed and consumed, IoS promises many opportunities but also throws up big challenges - not least ensuring security and privacy, issues currently being tackled by EU-funded researchers. IoS is a vision of the future internet in which information, data and software applications - and the tools to develop them - are always accessible, whether locally stored on your own device, in the cloud, or arriving in real time from sensors. Whereas traditional software applications are designed largely to be used in isolation, IoS brings down the barriers, thereby lowering costs and stimulating innovation. Building on the success of cloud computing, IoS applications are built by composing services that are distributed over the network and aggregated and consumed at run-time in a demand-driven, flexible way. This new approach to software will make the development of applications and services easier - so that new and innovative services, not possible today, can be offered. It is likely to make a huge contribution to the EU's strategy to make Europe's software sector more competitive. You might want to read: http://hassbiggerprice.wordpress.com/tag/hass-associates-online-cyber-review-scam-du-jour-theyre-creative/ IoS services can be designed and implemented by producers, deployed by providers, aggregated by intermediaries and used by consumers. Anybody who wants to develop applications can use the resources in the Internet of Services to develop them, with little upfront investment and the possibility to build upon other people's efforts. In many ways IoS solves the challenges of interoperability and inefficiency that can plague traditional software systems, but it can also create new vulnerabilities. Ho