NSA to Monitor Private-Sector Networks

Quel surprise!, as the French would say...

http://www.washingtonpost.com/wp-dyn/content/article/2009/07/02/AR2009070202771.html

http://www.inteldaily.com/news/172/ARTICLE/11207/2009-07-08.html

http://www.infopackets.com/news/government/2009/20090710_nsa_to_monitor_private_sector_networks.htm

>>
"We're looking for malicious content, not a love note to someone with a dot-gov e-mail address," a senior Bush administration official said. "What we're interested in is finding the code, the thing that will do the network harm, not reading the e-mail itself."
>>

Yeah, right...

>>
In keeping with the tradition of his predecessor, President Obama lied about protecting privacy rights and discontinuing Bush-era illegal spying programs and has given the NSA the go-ahead to implement massive surveillance of the Internet, using the Einstein program, something billed as a cyber-security intrusion detection system for federal computer systems and networks. Some say the intent of Einstein is to initially monitor the email and web surfing activities of federal employees, citizens and contractors, not protecting government computer systems from outside intrusions.
>>

 

The've alrrady got so much data, they don't have anywhere near enough competent people to analyise it ALL correctly etc. So more data centers etc are exactly what they need, err, NOT !

 

This whole thing is a red herring -- a cover story if you will. Let's recap what the government seems to be saying:

"Hey guys, we have had a bunch of our websites cracked so we are spending billions of dollars on a giant supercomputer running SNORT so that we can detect the "signatures" before they ever get on our networks. We promise all we are doing is looking for malicious packets."

This nonsense will fool a lot of non-technical people who don't know anything about computer security -- people like those in the media. The media loves to sensationalize all of these "cyber attack" stories that we have heard a lot about recently. Indeed we have seen attacks on various government websites in numerous countries. Scary, huh?

Well, what they don't tell you (because they are ignorant and/or don't care) is that attacks on websites are nothing more than a nuisance. Do you think our government stores military secrets on its whitehouse.gov web server? Does anyone here really think that the defacing of a *public* website is a threat to national security? Moreover, does anyone really think that these "threats" require us to spend billions of dollars on a TOP SECRET data center in Utah that uses 65MW of power?

If the government really wanted to beef up its cyber security it would start with some pretty simple measures. For one, it would take all critical systems off the public Internet. Two, it would build its own private (and encrypted) network for remote packet switching communications. Oh wait, they already have this. In fact, they have three of them: SIPRNet, NIPRNet, and JWICS.

So, one can only conclude that this has very little to do with cyber attacks (unless perhaps you want to count the U.S. planning its own cyber attacks, which no doubt will happen). Instead, any rational person can only conclude that it's about data mining. Period. That's what the NSA was created to do and it's why they are going to be running this operation.

This is why everyone should begin encrypting all possible Internet communications with 256 AES. It may not stop them forever, but at least we can run up their power bill in Utah.