Dailydave mailing list archives
CISPA == MAPP
From: Dave Aitel <dave () immunityinc com>
Date: Tue, 17 Apr 2012 13:34:50 -0400
So votes are coming up for CISPA <http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act> and I think it's a good time to look into the state of the "Cyber Politico Arena". In other words, Lieberman had a bill that actually SOLVED A PROBLEM. It was focused on critical infrastructure protection, gave DHS the ball, and told everyone to help them run with it. That said, it was one of those "immensely expensive" things, and people don't really have much faith in DHS to carry technical balls around, so it failed completely. Probably also worth mentioning that the Republicans are going to vote on an administration bill only at gunpoint this year. McCain in particular took a bee in his bonnet about how it didn't give the NSA enough power. Now we're left with CISPA, which is essentially Microsoft MAPP <http://www.microsoft.com/security/msrc/collaboration/mapp.aspx> for the US Government. That's it. It's pretty simple, and the reason Symantec dropped their Huawei partnership <http://www.nytimes.com/2012/03/27/technology/symantec-dissolves-alliance-with-huawei-of-china.html>. There are some interesting clauses in it relating to the government being able to give US Companies information about ongoing attacks even disregarding clearance requirements it seems. But overall, it's "DNI <http://twitter.com/#%21/daveaitel/statuses/165260367323336704> - please go set up MAPP for us!" and that's it. It goes both directions of course - the US Government will also be able to take in information, and this probably includes information about US Citizens and network traffic. It gets trickier here to figure out what will and won't be allowed, but the general theme is "The Chinese and Russians are owning every company - and we have information that can help, so let's coordinate on that." But they're selling it terribly. It's not SOPA. ACTA <http://en.wikipedia.org/wiki/Anti-Counterfeiting_Trade_Agreement> is much more like SOPA - and it's interesting that Hilary Rosen <http://www.washingtonpost.com/blogs/the-fix/post/who-is-hilary-rosen/2012/04/12/gIQA2zFHDT_blog.html> (who was the RIAA CEO when they were suing kids and trying to shut down Napster) is in the news for controversy as a democratic strategist, but it's not controversial how close the Obama administration is to the RIAA and MPAA. There's an opening here team Romney if they decide to go for "digital rights" among the demographic that shares files (aka, everyone under 30). -dave -- INFILTRATE - the world's best offensive information security conference. April 2013 in Miami Beach www.infiltratecon.com
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- CISPA == MAPP Dave Aitel (Apr 17)
- Re: CISPA == MAPP allison nixon (Apr 17)
- Re: CISPA == MAPP Richard Bejtlich (Apr 18)
- Re: CISPA == MAPP allison nixon (Apr 17)