Showing posts with label Keith Alexander. Show all posts

September 15, 2015

Latest CyberSec News & Related

Article
SOURCE
as indicated





Universal Music
abusing the DMCA
ie #Copyright Act
rightsholders MUST consider FAIR USE
prior take-down issues
http://boingboing.net/2015/09/14/eff-scores-a-giant-victory-for.html


#India IT security
1.2 billion in 2016
http://www.consultancy.uk/news/2591/indian-IT-security-market-reaches-12-billion-next-year

#Microsoft
signs landmark agreement with #NATO
re govt #cybersecurity
/ solidification relationship
http://www.neowin.net/news/microsoft-signs-agreement-with-nato-to-bolster-government-cybersecurity

Intel in #cybersecurity - auto-mobiles
auto security board set up:
Automotive Security Review Board (ASRB)
Intel Security (formerly McAfee)
published a whitepaper
re automotive security best practices
http://forexreportdaily.com/2015/09/14/6873-intel-in-cyber-security-driving-seat-sets-up-connected-auto-security-board/


NSA Recruiting / Scholarships
USA Colleges
vie to entice w. NSA cyber program
scholarship stipulation
= NSA job on degree
http://fedscoop.com/colleges-vie-to-entice-students-with-nsa-cyber-program


USA + China
meet re #cybersecurity - White House
Kerry, Rice + Homeland Sec. Jeh Johnson
> comm. competition blocks

USA whining that the following
 stop US competing on level playing field in China:
  • fines
  • opaque regulatory system
http://www.lidtime.com/u-s-chinese-officials-meet-on-cyber-security-issues-white-house-5652/

University of Texas at San Antonio
grant puts city on centre #cybersecurity stage
emerging cybersecurity + tech hub
/ expressnews (subscription)


#cybersecurity #hacker
Millennial Gen / Gen Y
born post 1980
social media over-sharing / lax security
http://www.afr.com/technology/a-third-of-millennials-warned-by-employers-over-social-media-posts-norton-20150914-gjlw1h

Cybersecurity Bill  |  CISA   |  USA
Cybersecurity Information Sharing Act (CISA)
Light on Security
legal immunity for sharing cyber-intel with govt
PRIVACY implications
/ poised to pass

http://foreignpolicy.com/2015/09/14/a-cybersecurity-bill-light-on-security-heavy-on-corporate-

Jeb Bush
wants USA Internet gov.
against transfer of  ICANN oversight to multistakeholders

Following Presidential candidates also get a mention re cybersec:
  • Rubio - Marco Rubio
  • Fiorina - Carly Fiorina
http://fedscoop.com/jeb-bush-unveils-cybersecurity-plan


Clinton appears to be 
the CYBERSEC & MILLENNIAL candidate

#Clinton2016
'Best Choice' Cybercrime
Wakefield Research poll - 42%
over half millennials Dems better
http://www.inc.com/will-yakowicz/poll-hillary-clinton-most-qualified-presidential-candidate-for-cyberattack.html


Hackers hit the Kremlin  #Russia
target: election commission website
sounds like DDoS
http://thehill.com/policy/cybersecurity/253609-hackers-hit-the-kremlin


#cybersecurity #banking #cloud
x4 US banks
agreement w/ regulators
re 'guaranteed data deletion' issues

Symphony
= service created thru consortium
of 14 financial institutions
  1. Goldman Sachs
  2. Deutsche Bank
  3. Credit Suisse
  4. Bank of New York Mellon
= guaranteed data deletion
/ hinder regulators + prosecutors to investigate misconduct?
Does use of Symphony re communications
= regulators avoidance?
[ I'm not clear on that]

http://www.stockhouse.com/news/newswire/2015/09/14/four-us-banks-reach-agreement-with-regulators-on-guaranteed-data-deletion-issues

#Russia
Yuri Ushakov
fmr career diplomat
fmr deputy Foreign Minister
PhD:  history
2008 appointment Putin deputy chief staff
foreign-policy + international economics
[various sources - incl. Foreign Policy]

#cybersecurity
DECEPTION SOFTWARE 
/ HONEYPOT SOFTWARE

Deception to Catch #hacker
fake network component, server or database
to study their behaviour

DECEPTION cybersecurity aims:
1. ID intruders / share info
2. drains hacker resources until aware duped
3. study hackers
Deception
has long been part of the art of war
WWII, USA & British armies
set up fake camps
to dupe Germans
/ Penny Crosman {cybersec}

Honeypot software
= fake system
= sits on network
= exposes fake or real services to the attacker

new gen. honeypot software
= called 'deception software'
centrally managed, integrated w/ other security software

deception software
popular with:  financial services

x4 layers  (ie "deception stack"):
  1. network
  2. endpoint
  3. application
  4. data

each layer of x4 deception software
= has deception capabilities

deception layers:
eg. fake credentials in browser caches
of decoy workstations, phony files & data sets.

deception layers:
eg. endpoint set up to look like it runs eg Windows,
when is a Linux machine.

deception layers:
eg. fake OS = deceive malware into attacking
vulnerabilities OS does not have.

deception strategy:
once intruder detected
/ continue to 'entertain'
*find out what intruder knows re system

decoy documents
eg fake 'new product designs'
= embedded w/ tracking element
= knowing when & where opened
deception software
hidden tech in documents
= beacon calling 'home'
= info re intruder

DECEPTION software providers:
  • Attivo Networks
  • TrapX Security
  • Allure Security Technology
  • CyberTrap
  • Cymmetria
  • ForeScout
  • GuardiCore
  • Hexis Cyber Solutions
  • LogRhythm
  • Percipient Networks
  • Rapid7
  • Shape Security
  • Specter
  • TopSpin Security

DECEPTION software LIMITATIONS
If the hacker:
1) obtained correct credentials re system
2) knows where to look
ie ... if not rummaging, knows where to go & where to get it, deception software ineffective
Deception software
= not foolproof
= but significantly raises odds of detection & lowers false positives

http://www.americanbanker.com/news/bank-technology/deception-may-be-the-best-way-to-catch-cybercriminals-1076667-1.html
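
Added example (not from the American Banker article or this blog): a small detector that flags any use of planted decoy credentials or any connection to a decoy host, then pulls the full activity of the flagged source so the intruder can be studied. The account names, IP addresses and log format are constructed for illustration; the last log line shows the limitation noted above, where an intruder with correct credentials who goes straight to a real system trips nothing.

```python
"""Honeytoken / decoy-host detection over authentication logs (illustrative)."""
import re
from collections import defaultdict

# Constructed decoy accounts, planted in browser caches and phony files on
# decoy workstations. No real user is issued these, so any use is hostile.
DECOY_ACCOUNTS = {"svc_backup_adm", "jsmith_fin"}

# Constructed decoy hosts. Nothing legitimate ever needs to log in to them.
DECOY_HOSTS = {"10.0.50.21", "10.0.50.22"}

# Assumed log format (constructed for this example).
LOG_RE = re.compile(
    r"^(?P<ts>\S+) auth user=(?P<user>\S+) src=(?P<src>\S+) "
    r"dst=(?P<dst>\S+) result=(?P<result>\w+)$"
)

# Constructed sample log.
SAMPLE_LOG = """\
2015-09-15T09:01:12Z auth user=alice src=10.0.1.14 dst=10.0.2.5 result=success
2015-09-15T09:03:40Z auth user=bob src=10.0.1.77 dst=10.0.2.9 result=failure
2015-09-15T09:03:52Z auth user=bob src=10.0.1.77 dst=10.0.2.9 result=success
2015-09-15T09:15:03Z auth user=svc_backup_adm src=10.0.3.88 dst=10.0.2.5 result=failure
2015-09-15T09:15:41Z auth user=carol src=10.0.3.88 dst=10.0.50.21 result=success
2015-09-15T09:16:20Z auth user=carol src=10.0.3.88 dst=10.0.2.9 result=success
2015-09-15T09:40:00Z auth user=dave src=10.0.7.7 dst=10.0.2.9 result=success
"""


def parse(log_text):
    """Return one dict per well-formed log line; malformed lines are skipped."""
    events = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line.strip())
        if match:
            events.append(match.groupdict())
    return events


def detect(events):
    """Flag events that touch a decoy. Success or failure does not matter:
    merely presenting a decoy credential or reaching a decoy host is the signal."""
    alerts = []
    for ev in events:
        reasons = []
        if ev["user"] in DECOY_ACCOUNTS:
            reasons.append("decoy_credential")
        if ev["dst"] in DECOY_HOSTS:
            reasons.append("decoy_host")
        if reasons:
            alerts.append({**ev, "reasons": reasons})
    return alerts


def timeline_by_source(events, alerts):
    """Collect every event from sources that tripped a decoy, including logins
    to real systems with valid credentials, for the analyst studying the intruder."""
    flagged = {a["src"] for a in alerts}
    timeline = defaultdict(list)
    for ev in events:
        if ev["src"] in flagged:
            timeline[ev["src"]].append(ev)
    return dict(timeline)


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    found = detect(evs)
    for a in found:
        print("ALERT", a["ts"], a["src"], a["user"], "->", a["dst"], a["reasons"])
    for src, trail in timeline_by_source(evs, found).items():
        print("TRAIL", src, [(e["user"], e["dst"], e["result"]) for e in trail])
```

bob's mistyped password produces no alert, which is where the low false-positive rate comes from; dave (valid credentials, straight to a real server) is invisible to this check and has to be caught by other controls.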

#cybersecurity
US Dept Commerce
rethinking proposed rule controlling 
EXPORT of hacking TOOLS / intrusion software
b/c stifles research
source (subscription)
http://www.law360.com/articles/702478/commerce-to-revise-cyber-rule-said-to-hamper-research

#cybersecurity #hacker
Cisco routers vulnerable to new attack
attacks replace OS used in network Cisco equip.

Cisco router attacks
= x14 instances of router implants found in:
  • India
  • Mexico
  • Philippines
  • Ukraine
http://www.reuters.com/article/2015/09/15/us-cybersecurity-routers-cisco-systems-idUSKCN0RF0N420150915


Malvertising
#cybersecurity #hacker

Malvertising Campaign Rages Undetected For 3 Weeks
/ manipulate ad networks' chain of trust
Malvertising
= number of new tactics to make attackers harder to track down
eg use domain names registered years ago w/ BBB

#Hacker
= look like legit bus. using real-time bidding
= ads clean
= ads redirected to point for download malicious code

ads  thru
encrypted HTTPS channel
= lets third party directly serve up content
+ encrypt comm.
/ no inspect.

Malvertising
attackers used Google URL shortener in redirects
Malwarebytes + Google working to solve

Malvertising hits, incl: http://ebay.co.uk  http://drudgereport.com  http://answers.com

Malvertising
compromised various small ad networks
+ major ad networks, incl DoubleClick, AppNexus + ExoClick

Malvertising hits, adult, incl:
nuvid.com
upornia.com
eroprofile.com

very low-cost intro packages
= attacker opportunity for short campaigns w/ small investments
http://www.darkreading.com/attacks-breaches/malvertising-campaign-rages-undetected-for-3-weeks/d/d-id/1322169

#cybersecurity
National Cyber Security Hall of Fame
2015 INDUCTEES
Thu 29th Sept
x5 - listed
http://news.sys-con.com/node/3456101

#cybersecurity - REPORT - Insurance
PWC
Insurance 2020 & beyond: Reaping the dividends of cyber resilience
http://www.pwc.com/gx/en/industries/financial-services/insurance/publications/insurance-2020-cyber.html

#cybersecurity #insurance
market to reach $7.5 billion annual premiums by end 2020
& min.  $5 billion by 2018
insurance co's may MITIGATE risks by
partnering w/ technology co's
+ data sharing b/w insurance co's

Insurer mitigation also by:
conditional regular risk assessments
of client ops & required remedies re reviews
http://www.pymnts.com/in-depth/2015/cyber-insurance-market-to-thrive-triple-by-2020/

#military
DOD - Overhaul of Military Ground Systems
in favour of single UNIFIED system for satellite networks

Satellite networks
multiple siloed ground systems
aka “stove-piped”
=  inhibits security, resiliency, agility & affordability

stovepiped / single ununified systems
=  op systems each functioning w/ unique proprietary software from contractors

#military ground systems
- USG wants to move away from reliance original contractor
/ own tech baseline
/ free up competition

DOD overhaul aim:
  • *control interfaces + standards
  • *no limits interface / proprietary s/w
  • *no contractor control architecture

DOD overhaul of military ground systems goals
 *agility
 *automation
 *security
 *resilience
 Cost savings = inherent result

cybersecurity
= too many interfaces + incongruous software:
*multiple cyber attack surfaces
*must be defended individually
Enterprise Ground System (EGS)
/ DOD interested in using #cloud tech for EGS
/ type undecided
/ Air Force favours private (b/c physically reside w/in operation centres)
http://www.satellitetoday.com/regional/2015/09/14/dod-prepares-for-overhaul-of-military-ground-systems/


NYSE
STUDY by Veracode
2015 Survey
#cybersecurity in the Boardroom - 8pg PDF
https://www.veracode.com/sites/default/files/Resources/Whitepapers/cybersecurity-in-the-boardroom-whitepaper.pdf

Associated article:
Boardrooms and cyber security http://thetandd.com/news/boardrooms-and-cyber-security/article_5edccb5b-aed1-5e88-b2e4-0dd396d5540d.html


Twitter
hired a trio of firms
/ first outside lobbyists to work DC
spent $160K / first-half
http://www.odwyerpr.com/story/public/5332/2015-09-14/twitter-enters-dc-lobbying-fray.html


quantum encryption
quantum random number 
generator | Entropy Engine
/ 200 million random Nos.
http://www.santafenewmexican.com/news/health_and_science/science-on-the-hill-for-cybersecurity-in-quantum-encryption-we/article_2ce4c8bb-78fa-5dbc-826f-ffdd33501ae3.html

WEBINAR - cybersecurity
Former NSA Tech. Dir.
Jim Penrose
cyber ops expert
subtle traces compromise detection
http://www.bankinfosecurity.com/webinars/view-from-inside-intelligence-driven-approaches-to-cyber-detection-w-764

#Germany #cybersecurity
new IT Security Law
July 24, 2015
foresees admin fines
4-yr evaluation
*overview & links
http://www.natlawreview.com/article/what-you-need-to-know-about-germany-s-cybersecurity-law

#cybersecurity #hacker
9 FBI Warnings
/ risks posed by Internet of Things ('IoT')
x10 device examples
http://www.defenseone.com/threats/2015/09/fbi-department-homeland-security-warnings-internet-connected-everyday-objects/120905/

IronNet
fmr  NSA Director Keith Alexander
raised $7.5 million in equity
re IronNet #Cybersecurity
pt  $25-m Trident Capital financing

IronNet Cybersecurity
funds to go to:
*cybersecurity products
*building the company’s workforce
http://www.bizjournals.com/baltimore/blog/cyberbizblog/2015/09/keith-alexander-led-ironnet-cybersecurity-raises-7.html

#cybersecurity
digital tax fraud 
skyrocketed over last year
/ data breaches
PROPOSED bill re notices ID theft

almost half USA states
= reported spikes in electronic filing fraud
= Minnesota stopped accepting some electronic returns

http://thehill.com/policy/cybersecurity/253542-senate-committee-will-mark-up-digital-tax-fraud-bill


#cybersecurity
new chip developed by Xerox
= self-destruct on command
Gorilla Glass / shattering chip

Potential use:   storage device for encryption keys

https://www.siliconrepublic.com/enterprise/2015/09/14/self-destructing-chip-xerox

Korean-based SK Telecom
+ Greenville USA co.
to develop vehicle cybersecurity
/  Quantum Cryptography

... securely distributes a secret key to legitimate parties. Here, a key is a table of random numbers shared by legitimate users in such a way that the information is known only to them, and secure means secure against any possible eavesdropping, which is the highest level of security. The system is expected to enhance security of critical network infrastructure.

Currently, most systems, including the connected vehicle ecosystems, use software-based pseudo-random number generators for encryption, meaning that they can fall vulnerable to hackers who decrypt the sequence of digits. Once developed for commercial use, SK Telecom’s technology will eliminate such concerns for security as it generates true random numbers based on hardware.
http://gsabusiness.com/news/55654-greenville-center-korean-firm-to-develop-vehicle-cybersecurity

#cybersecurity
E-ZPass
vulnerable to hackers, ID thieves + govt spying
/ not using encryption
E‑ZPass
= electronic toll-collection system
=  tolled roads, bridges, & tunnels USA
http://www.whdh.com/story/30022568/report-e-zpass-vulnerable-to-hackers-identify-thieves

#SouthAfrica #law
proposed bill too broad
consequences beyond remit
/ state cyberwarfare
/ warrantless seizure

#SouthAfrica
/  penalties - to 25 years in prison
/  has until Nov 30 to submit comment on proposed bill.

http://www.zdnet.com/article/south-africa-gets-first-look-at-cybercrime-bill-that-comes-with-25-year-jail-terms/

#Tor
.onion domain
= formal recognition granted
security certificates available to site admins
http://www.cbronline.com/news/cybersecurity/business/regulators-give-tors-onion-domain-name-special-use-status-4669709

USA Dept Energy
DOE REPORT linked
US #Energy Tech
Exports
= cybersecurity risks - b/c rely on digital tech
http://www.theepochtimes.com/n3/1751096-global-energy-growth-could-disrupt-americas-grid-security-doe-report-says/

---------------------- ꕤ ----------------------
COMMENT

Bunch of random stuff I looked at.

It all seemed very exciting ... at the time.  Now, I'm not so sure.  lol

The onion domain news and the self-destructing chip is exciting, I guess.

I'm no techie, so the 'internet of things' doesn't bother me.  I like everything manual, if I can help it.  lol

Twitter hiring Washington lobbyists is kind of exciting.  Wonder why?

The US military proposed overhaul of ground satellite communications (if I understand correctly), is pretty cool.

Surprise that it has taken them until 2015 to come up with those ideas, when they're in the business and should know what they're doing when it comes to multiple contracts and software applications etc.

It doesn't sound too efficient at the DOD.

Digital tax fraud sounds boring.  I don't even know what the point of it is.  lol  People pretend to be someone else ... but then what?

Oh, the best news is the Ninth Circuit Court ruling regarding copyright!

Take that, Universal Music a#@!@#s!


July 24, 2015

Bill Blunden - 'Mass surveillance is all about money and power'





SOURCE
http://www.arabamericannews.com/news/news/id_10801/Mass-surveillance-is-all-about-money-and-power.html
Mass surveillance is all about money and power
By Bill Blunden | Wednesday, 07.22.2015, 01:37 PM
“We are under pressure from the Treasury to justify our budget; and commercial espionage is one way of making a direct contribution to the nation’s balance of payments” -Sir Colin McColl, former MI6 Chief.

For years, public figures have condemned cyber espionage committed against the United States by intruders launching their attacks out of China. These same officials then turn around and justify America’s far-reaching surveillance apparatus in terms of preventing terrorist attacks. Yet classified documents published by WikiLeaks reveal just how empty these talking points are.

Specifically, top-secret intercepts prove that economic spying by the United States is pervasive, that not even allies are safe and that it’s wielded to benefit powerful corporate interests.

At a recent campaign event in New Hampshire, Hillary Clinton accused China of “trying to hack into everything that doesn’t move in America.” Clinton’s hyperbole is redolent of similar claims from the American Deep State.

For example, who could forget the statement made by former NSA director Keith Alexander that Chinese cyber espionage represents the greatest transfer of wealth in history? Alexander has obviously never heard of quantitative easing (QE) or the self-perpetuating “global war on terror” which has likewise eaten through trillions of dollars. Losses due to cyber espionage are a rounding error compared to the tidal wave of money channeled through QE and the war on terror.

When discussing the NSA’s surveillance programs Alexander boldly asserted that they played a vital role with regard to preventing dozens of terrorist attacks, an argument that fell apart rapidly under scrutiny.

Likewise, in the days preceding the passage of the USA Freedom Act of 2015 President Obama advised that bulk phone metadata collection was essential “to keep the American people safe and secure.” Never mind that decision makers have failed to provide any evidence that bulk collection of telephone records has prevented terrorist attacks.

If American political leaders insist on naming and shaming other countries with regard to cyber espionage perhaps it would help if they didn’t sponsor so much of it themselves. And make no mistake, thanks to WikiLeaks the entire world knows that U.S. spies are up to their eyeballs in economic espionage. Against NATO partners like France and Germany, no less. And also against developing countries like Brazil and news outlets like Der Spiegel.
These disclosures confirm what Ed Snowden said in an open letter to Brazil: terrorism is primarily a mechanism to bolster public acquiescence for runaway data collection. The actual focus of intelligence programs center around “economic spying, social control, and diplomatic manipulation.”

Who benefits from this sort of activity? The same large multinational corporate interests that have spent billions of dollars to achieve state capture.

Why is the threat posed by China inflated so heavily? The following excerpt from an intelligence briefing might offer some insight. In a conversation with a colleague during the summer of 2011 the EU’s chief negotiator for the Trans-Pacific Partnership, Hiddo Houben, described the treaty as an attempt by the United States to antagonize China:

“Houben insisted that the Trans-Pacific Partnership (TPP), which is a U.S. initiative, appears to be designed to force future negotiations with China. Washington, he pointed out, is negotiating with every nation that borders China, asking for commitments that exceed those countries’ administrative capacities, so as to ‘confront’ Beijing. If, however, the TPP agreement takes 10 years to negotiate, the world–and China–will have changed so much that that country likely will have become disinterested in the process, according to Houben. When that happens, the U.S. will have no alternative but to return to the WTO.”

American business interests are eager to “open markets in Asia” and “provide the United States with unprecedented opportunities for investment.” At least, that’s how Hillary Clinton phrased it back when she was the Secretary of State. China represents a potential competitor and so American political leaders need an enemy that they can demonize so that they can justify massive intelligence budgets and the myriad clandestine operations that they approve.

The American Deep State wishes to maintain economic dominance and U.S. spies have been working diligently to this end.
Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics and institutional analysis. This story originally appeared on CounterPunch.org


----------------------
COMMENT

Really enjoyed this article.

How hypocritical is Hillary Clinton and the US?

Interesting to see that intel agencies need to earn their keep.

So, Snowden's comment re surveillance being pretty much about:

“economic spying, social control, and diplomatic manipulation.” 

sounds about right.
And it's all for the sake of 'powerful corporate interests' that control the state.

August 07, 2014

US PASSING SNEAKY CYBER SECURITY LAWS TO GIVE NSA MORE POWER ... & NSA STAFF GO PRIVATE



Ex-NSA chief defends his profitable cyber-security business
Published time: August 06, 2014 10:05
Edited time: August 06, 2014 12:43


As the marriage between surveillance and non-governmental cyber-security firms comes under the spotlight, former NSA chief Keith Alexander fends off criticism of his new lucrative business, which he claims will revolutionize cyber-security.

Alexander, who recently announced work on a number of “game-changing” patents to propel cyber security forward, sees nothing improper in the practice, as he revealed in a Tuesday interview with the AP.

The former NSA head also stands to answer why he failed to share some of his groundbreaking ideas in his time as a government employee. But for Alexander, this seems to be a straightforward pursuit of doing business and making a living.
...

The business was rumored to be bringing him a cool $1 million a month, but Alexander has brushed off the figure as inflated.

Explaining further why IronNet Cybersecurity is different to how the government uses information, Alexander said that the NSA only had authority to defend secret government networks, whereas his work will be focused on the private sector.

The tools and technical reach are at this point unknown, but "If it actually works, this will be worth a lot," he said of his new “behavioral model,” which purports to use sophisticated techniques to catch unconventional hackers.

Critics see a number of issues with Alexander’s new venture, IronNet Cybersecurity. Apart from the generally disliked idea of government officials cashing in on sensitive information learned and tools retained from public service, people worry that any type of access to sensitive information by private firms using high-tech tools is not good. Only recently there was a private sector initiative to pool top officials from eight US government agencies to create a council that would defend the banking industry from cyber-attacks.

Indeed, the Securities Industry and Financial Markets Association (SIMFA), the Wall Street group that proposed the council, has retained Alexander’s services. That agreement and others have raised concerns among those who’ve said Alexander may be in the business of disclosing state secrets for any company with a budget big enough to afford his services. [Conflict of interests? - May have moved on from public service, but does it form a 'conflict of interest' type of problem from mixing it up in the private sector?]

Last month, The Senate Select Committee on Intelligence voted overwhelmingly to approve the new controversial cyber security bill – the Cybersecurity Information Sharing Act (CISA), which SIMFA endorses. Privacy advocates are naturally opposed to the legislation, which lawmakers have been trying to push through for years. They believe that codifying a program to share digital data between the government and private sector would open the private sector up to sensitive information pertaining to millions of Americans.

One scornful comment illustrating this came from the World Socialist Website’s Thomas Gaist, who says that “CISA clears the way for virtually unrestrained information sharing between the US government and corporations.”

The criticism is not unique to rights groups – government officials occasionally also voice concern.

...
Although Alexander’s move into private business has caused concern in some circles, he is traveling an already paved road, being the latest in a line of government, intelligence and security officials who go on to private sector work after an illustrious government career. Some examples include the first secretary for homeland security, Tom Ridge – he now has his own firm; the second homeland security secretary, Michael Chertoff, also has one; just as the NSA’s previous director, Michael Hayden, who now works with Chertoff.
...




The thing that struck me most in this article is the cyber security bill was voted for approval by the 'Senate Select Committee on Intelligence'.

As Thomas Gaist says, the Cyber Security Information Sharing Act (CSIS) exposes the public to 'unrestrained information sharing between the US government and corporations'.  That's creepy.

New to looking at politics and unfamiliar with US politics, but I believe the next step is back to the House of Representatives and to Senate, before a final rubber stamping by Obama and bringing the proposed legislation into being as law.

...........................................................................
Discussion Draft of CSIS proposed Bill - here.

Wikipedia - CSIS proposed Bill - here.

The Guardian - says Senate giving more powers to NSA in secret - here.

Wikipedia on, former NSA head, Keith Alexander - here.  Military background (now retired).  Introduced the 'collect it all' approach:
believed by Glenn Greenwald of The Guardian to be the model for the comprehensive world-wide mass archiving of communications which NSA had become engaged in by 2013.

Note also:  'stockpiling of zero-days'. Not really sure what this means specifically, but it relates to exploiting unpatched (and unknown) software vulnerabilities ... for spying.

Wired reported:

“In almost all instances, for widely used code, it is in the national interest to eliminate software vulnerabilities rather than to use them for US intelligence collection,” the report reads. “Eliminating the vulnerabilities–’patching’ them–strengthens the security of U.S. Government, critical infrastructure, and other computer systems.”

Obama’s response to his advisers’ review, however, added a major loophole, allowing any zero-day vulnerabilities to be exploited if they have a “clear national security or law enforcement” application.


.. read the article - here - if interested.

Hey, following the Wired link, found this:


This, of course, gives the government wide latitude to remain silent on critical flaws like the recent Heartbleed vulnerability if the NSA, FBI, or other government agencies can justify their exploitation.

A so-called zero-day vulnerability is one that’s unknown to the software vendor and for which no patch therefore exists. The U.S. has long wielded zero-day exploits for espionage and sabotage purposes, but has never publicly stated its policy on their use. Stuxnet, a digital weapon used by the U.S. and Israel to attack Iran’s uranium enrichment program, used five zero-day exploits to spread.

The stuff about US and Israel hacking(?) Iran is pretty interesting.  Why doesn't Iran hack right back?

Anyway, I'm not sure what the fuss is about because it stands to reason that they'd use ANYTHING they can to their advantage.  Why is this surprising?