Está en la página 1de 5

Techdirt Wireless News Innovation Case Studies Startups Net Neutrality

Sign In Register Preferences


Insider Shop Insight Community Step2
Search Techdirt Search
Main Submit a Story RSS
Spy(ware) Vs. Spy(ware): Indictments For One... >> << Funniest/Most Insightful Comments Of The Week...
Privacy
by Mike Masnick
Mon, Oct 6th 2014
3:50am
0


Filed Under:
angus king, cisa,
congress,
cybersecurity,
hacking, privacy
Companies:
jp morgan
Permalink.

If you liked this post, you may also be interested in...
Washington Post's Clueless Editorial On Phone Encryption: No Backdoors, But How About A Magical 'Golden Key'?
Spy(ware) Vs. Spy(ware): Indictments For One Creator, Law Enforcement Plaudits For The Other
California Governor Shoots Down Warrant Requirement For Law Enforcement Drone Usage
Bloomberg Reporters Had Full Access To Customer Usage Logs, Including Help Transcript Logs
Store Payment Info In Your Online Store? Watch Out For Patent Infringement Lawsuits
7.0
6.3
6.0
Privacy
Piracy: The Intellectual Property Warsfrom
Gutenberg to Gates
Adrian Johns (Paperback - Apr 30, 2011)
$14.18
The Pirate'sDilemma: How Youth Culture Is
Reinventing Capitalism
Matt Mason (Paperback - May 5, 2009)
$15.42
The GridlockEconomy: How Too Much
Ownership WrecksMarkets, StopsInnovation,
and CostsLives
Michael Heller (Paperback - Feb 23, 2010)
$1.99
On Internet Freedom
Marvin Ammori
Follow Techdirt
Advertisement
SECURITY
Awareness 101
bridgefront.com/security
Training for Medical Employees.
Protect Your Patient Records.
Essential Reading
Hot Topics
5,000 Domains Seized Based On Sealed
Court Filing; Confused Domain Owners
Have No Idea Why
Washington Post's Clueless Editorial On
Phone Encryption: No Backdoors, But
How About A Magical 'Golden Key'?
Politicians Cynically Using JP Morgan
Hack To Try To Pass Laws To Diminish
Your Privacy
New To Techdirt?
Explore some core concepts:
Step One To Embracing A Lack Of Scarcity:
Recognize What Market You're Really In
How Being More Open, Human And
Awesome Can Save Anyone Worried About
Making Money In Entertainment
Saying You Can't Compete With Free Is
Saying You Can't Compete Period
read all
Techdirt Reading List
1 2 3 4 5 >
Techdirt Insider Chat
Politicians Cynically Using JP Morgan Hack To Try To Pass
Laws To Diminish Your Privacy
from the you're-doing-it-wrong dept
So, as you probably heard last week, JP Morgan revealed more details of how it had been hacked,
noting that the number of households impacted shot up to 76 million, thus impacting a pretty
large percentage of Americans. The hack involved getting access to customer names, addresses,
phone numbers and emails. It doesn't appear to have gotten anything else, but that's plenty of
information to run some sophisticated phishing attacks that could lead to some serious problems.
It's expected that the fallout from this could be quite long lasting.
Almost immediately, politicians leapt into action... but not in any good way. They're cynically
using this as an excuse to push questionable cybersecurity legislation. Specifically, Senator
Angus King used it to push CISA, a bill that actually undermines privacy, rather than protect it,
by giving companies incentives to share info more freely, opening up greater opportunities for
leaks and breaches. CISA gives those companies a blanket get-out-of-jail-free card by taking away
any liability in sharing such info.
What no one explains is how something like CISA would actually have helped stop the JP Morgan
hack. That's because it wouldn't have helped. Congressional supporters of cybersecurity legislation
keep playing the "something must be done!" card, without ever bothering to explain how the
something (CISA) will actually help. They just make vague promises that by somehow letting
companies share info without liability, we'll magically all be better protected. Given the recent
revelations about how government has regularly abused access to information, it's hard to accept
the "just trust us" explanation for why companies should just hand over more information.
Even worse is that King went for the FUD-based "cyber Pearl Harbor" claim -- one that's been
trotted out regularly, usually by intelligence community folks who just want access to your data,
when the reality is that even James Clapper has admitted that there's little real chance of such a
thing happened. But that doesn't stop King:
Congress must work to pass legislation that will improve our capabilities and
protect us against more attacks like these, King added. The next Pearl Harbor
will be cyber, and shame on us if we're not prepared for it.
Okay, sure. Shame on us if we're not prepared, but how will this law help us prepare for it? This
is a question that no one in Congress seems willing to answer. They just insist we have to "do
something."
King wasn't the only one:
Sen. Ed Markey called the hack yet another example of how Americans most
sensitive personal information is in danger.
"It is time to pass legislation to protect Americans against these massive data
breaches, he added.
Rep. Yvette Clarke tweeted that the U.S. must keep up on cybersecurity.
Right, but again, how will the proposed law actually help? The problem is that no one answers
because the truth is that it's unlikely to actually help keep companies and your data secure, though
it might just make it easier for the intelligence community to get their hands on your data.
28 Comments | Leave a Comment
Tweet Tweet 76 64 Like Like 397 points
converted by Web2PDFConvert.com
insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

Reader Comments (rss)
(Flattened / Threaded)
1. Anonymous Coward, Oct 6th, 2014 @4:06am
I wonder why the government isn't investigating JPM or trying to pass laws that would legitimately strengthen the
security of finan- ohhh now I get it
[ reply to this | link to this | view in thread ]
2. Anonymous Coward, Oct 6th, 2014 @4:17am
Perhaps laws put in place that protect white hat hackers and punish companies for not responding to white hat
hackers that report flaws in their systems are what's needed.
[ reply to this | link to this | view in thread ]
3. Anonymous Coward, Oct 6th, 2014 @4:34am
The only difference is that this time, the criminals accessing private data have a badge.
[ reply to this | link to this | view in thread ]
4. Bt Garner (profile), Oct 6th, 2014 @4:35am
Re:
I do not think that anyone in the US Government is savvy enough to distinguish between a white hat and black hat
hacker. They hear these terms and all they can think of is "ZOMG, a cyberterrorist with different colored hats!"
[ reply to this | link to this | view in thread ]
5. Anonymous Coward, Oct 6th, 2014 @4:41am
What is the governments recovery plan for when, as will likely happen, Bluffdale is hacked into?
[ reply to this | link to this | view in thread ]
6. That Anonymous Coward (profile), Oct 6th, 2014 @4:41am
It is a shame there are no journalist left to ask the Senator to explain exactly how this bill would make us more
secure.
I think it would be amazing to see his brain freeze up and try to spit out catch phrases to bypass the question and
a real journalist saying, but this bill does not do this in the text and point out what it allows for.
Shame we don't live in a free country with a free media that can actually get answers for citizens.
[ reply to this | link to this | view in thread ]
7. Anonymous Coward, Oct 6th, 2014 @5:05am
Re:
That makes sense and won't make money for corporations. So it's bad.
[ reply to this | link to this | view in thread ]
8. Anonymous Coward, Oct 6th, 2014 @5:09am
Because of the risks of falling in bathtubs we are introducing a law that will make bathrooms safer. We plan to
outlaw hot water and soap in the bathroomenvironment and put up camera's to see if you use your bathroom
properly...
[ reply to this | link to this | view in thread ]
9. Bengie, Oct 6th, 2014 @5:20am
Simple issue
"Congress must work to pass legislation that will improve our capabilities and protect us against more attacks like
these, King added. The next Pearl Harbor will be cyber, and shame on us if we're not prepared for it."
The problemisn't the law, it's idiots and laziness causing the issue. Congress should just outlaw being stupid and
lazy for important positions like programmers and sysadmins.
[ reply to this | link to this | view in thread ]
10. orbitalinsertion (profile), Oct 6th, 2014 @5:22am
Re:
That's classified: Top Stupid.
[ reply to this | link to this | view in thread ]
1: How long have they been working? If the
difference in time is negligible, then the 2nd
question pops up: Did either of them ask for a
wage raise?
If the answer to the 2nd question is "no", then
there's some problems.
I mean, if I work at a place for 3 years, I'd expect
my wages to be higher than someone who just
started, even if we do the same work,
regardless of gender.
http://i.imgur.com/TZifQjG.jpg
Violynne: @ssc: wage merits are not required
by law (though should be). One can ask, but
one can also hear "No" many times.
Christopher Best: I thought Discordianism was
about accepting chaos as it is
Get the Insider Chat!
Advertisement
Recent Stories
Monday
10:22 5,000 Domains Seized Based On Sealed Court
Filing; Confused Domain Owners Have No Idea
Why (24)
09:15 Washington Post's Clueless Editorial On Phone
Encryption: No Backdoors, But How About A
Magical 'Golden Key'? (24)
07:58 Documents Released In Silk Road Case Add More
Evidence To The 'Parallel Construction' Theory
(19)
05:53 Spy(ware) Vs. Spy(ware): Indictments For One
Creator, Law Enforcement Plaudits For The
Other (26)
03:50 Politicians Cynically Using JP Morgan Hack To Try
To Pass Laws To Diminish Your Privacy (28)
Sunday
12:00 Funniest/Most Insightful Comments Of The Week
At Techdirt (43)
Saturday
12:00 This Week In Techdirt History: September 28th -
October 5th (10)
09:00 Awesome Stuff: Great Graphics (0)
Friday
19:39 Ferguson's Strategy Regarding Journalists:
Charge Insane Fees For FOIA Requests (48)
18:13 The NSA's Clearance Rack Goes Public, Offering
An Assortment Of Declassified Patents For Use In
The Private Sector (23)
More
Advertisement
converted by Web2PDFConvert.com
insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report
11. Anonymous Coward, Oct 6th, 2014 @5:26am
Re: Simple issue
"The problemisn't the law, it's idiots and laziness causing the issue."
But solving actual problems is too hard (some would even decry it as "big government" while ignoring or even
supporting blatant fascism) and won't make the highest bidder any richer.
"Congress should just outlaw being stupid and lazy for important positions like programmers and sysadmins."
Like Congress would even dare try to sign anything that would criminalize themselves.
[ reply to this | link to this | view in thread ]
12. Anonymous Coward, Oct 6th, 2014 @5:27am
Re:
...and make it easy to share the videos with other companies, the highest bidding criminals, etc. without liability.
[ reply to this | link to this | view in thread ]
13. Anonymous Coward, Oct 6th, 2014 @5:33am
What does this legislation, or others like it, do to encourage corporations to protect the information they are
being entrusted with?
Nothing? Yeah, that's what I thought.
It is a ruse and an excuse to implement additional draconian measures.
[ reply to this | link to this | view in thread ]
14. Matthew A. Sawtell, Oct 6th, 2014 @5:53am
Good grief... even Angus?
It was Angus that said this? The Independent-ist Senator fromMaine? Aw nuts... Bad enough when both sides of the
aisle acts like this, but the center as well?
[ reply to this | link to this | view in thread ]
15. Anonymous Coward, Oct 6th, 2014 @6:06am
Some suggestions:
1) Don't trust big corporations or the government with sensitive personal data. They haven't earned trust and have
actively earned mistrust in many cases.
2) Avoid mass centralized storage of sensitive personal data. The more data that are stored in one place the higher
value it becomes as a target.
3) Don't pass any security undermining trojan horse BS like CISPA. Do the opposite and pass law to protect data and
shut down the data theft free-for-all that has developed over the past 15 year.
4) Don't let corrupt, ignorant fools like Anus King anywhere near "cyber" policy.
[ reply to this | link to this | view in thread ]
16. Anonymous Coward, Oct 6th, 2014 @7:04am
One way that increased sharing could provide greater prevention of hacks like this
Shield the companies fromall liability for disclosing information, then encourage themto preemptively post
everything they know to their public web sites. Ta da. No more hacks, because now you can get whatever you
want without breaking in anywhere. There's also no privacy, but hey, at least with my way, even stalkers who
couldn't hack their way out of a paper bag can get in on the action. Bonus, it'll make companies look silly and/or
suffer massive fraud if they keep up with the stupid idea that knowing a SSN, mother's maiden name, etc. somehow
proves the knower is the person he/she claims to be.
[ reply to this | link to this | view in thread ]
17. Anonymous Coward, Oct 6th, 2014 @7:08am
Re: Re: Simple issue
Since when is Congress an important position? Isn't it just the training programfor lobbyists?
[ reply to this | link to this | view in thread ]
18. Anonymous Coward, Oct 6th, 2014 @7:21am
business as usual
Isn't this just another case of "the facts being fixed around the policy" - as the leaked Downing Street Memo
eloquently put it. People like King (and his supporters) might seemlike raving idiots spewing nonsense, but usually
PC Matic Antivirus
pcmatic.com
As Seen on TV-PC Matic Download.
Fast, Stable & Secure - Buy Now!
converted by Web2PDFConvert.com

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

insightful funny report

they're crafty as foxes and know exactly what they're doing.
[ reply to this | link to this | view in thread ]
19. Anonymous Coward, Oct 6th, 2014 @7:31am
Re:
And by punish I obviously mean civil, not criminal. If a company gets warned of a flaw, fails to correct it, a customer
is later injured due to the flaw, they can successfully sue.
[ reply to this | link to this | view in thread ]
20. Just Another Anonymous Troll, Oct 6th, 2014 @7:33am
Re:
"4) Don't let corrupt, ignorant fools like Anus King anywhere near "cyber" policy."
I was about to warn you about the typo, but then I realized it was probably intentional.
[ reply to this | link to this | view in thread ]
21. Anonymous Coward, Oct 6th, 2014 @7:41am
Re: Good grief... even Angus?
Corporate interests don't see "sides", they see "pockets"...
[ reply to this | link to this | view in thread ]
22. Ninja (profile), Oct 6th, 2014 @8:00am
It was expected. Why point at the incompetency of JP when you can tout your totalitarian agenda?
[ reply to this | link to this | view in thread ]
23. Anonymous Coward, Oct 6th, 2014 @8:18am
If these corps insist on keeping my private info, they should be liable when they loose it. But the slap on the wrist
just doesnt push theminto really protecting fromthese hacks.
[ reply to this | link to this | view in thread ]
24. Matthew A. Sawtell, Oct 6th, 2014 @8:52am
Re: Re: Good grief... even Angus?
Yes, I should have remembered Milo's words when it comes to this topic:
http://www.thecomicstrips.com/store/add.php?iid=78377
[ reply to this | link to this | view in thread ]
25. Anonymous Coward, Oct 6th, 2014 @9:24am
Well, if "something must be done", why don't they go and do a poo?
[ reply to this | link to this | view in thread ]
26. Stosh (profile), Oct 6th, 2014 @9:49am
Government: "Just give US all your personal, financial and medical data and we'll keep it safe for you"
[ reply to this | link to this | view in thread ]
27. Anonymous Coward, Oct 6th, 2014 @10:04am
the NSA must love these politicians. Every time there is an incident they try to shovel more citizens private data
into NSA servers.
Data sharing would only give the NSA more exploits to use upon Americans and everyone else. It would not protect
anyone.
We don't need more offensive weapons we need defensive ones.
[ reply to this | link to this | view in thread ]
28. tomczerniawski, Oct 6th, 2014 @10:10am
The government we trusted to keep us safe is becoming a metastasizing cancer. Soon, it will have to be excised.
[ reply to this | link to this | view in thread ]
Add Your Comment
converted by Web2PDFConvert.com
Company
About Us
Advertising Policies
Privacy
Contact
Help & Feedback
Media Kit
Sponsor/Advertise
Submit a Story
Tools & Services
Twitter
Facebook
RSS
Techdirt for Mobile
Research & Reports
More
Insight Community
Step2
Insider Shop
Spy(ware) Vs. Spy(ware): Indictments For One... >> << Funniest/Most Insightful Comments Of The Week...
Have a Techdirt Account? Sign in now. Want one? Register here
Name
Email Get Techdirts Daily Email
URL
Subject
Comment
Options
Save me a cookie
Submit Preview
Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>

Brought to you by Floor64
converted by Web2PDFConvert.com

También podría gustarte