Links on states’ recent activities in internet security  29.11.09

UK cybersecurity centre starting operations in March –
Administered by Cabinet Office; staff partly to be recruited from GCHQ, should have hacker mentality; “primarily … a defensive role “, cyberattack as “last resort”.UK also has an Office of Cyber Security (OCS), set up last summer. UK launches dedicated cybersecurity agency – Gordon Brown: “we … have to secure our position in cyberspace in order to give people and businesses the confidence they need to operate safely there”
As UK is at it: Digital Economy Bill passed:

Britain’s new Internet law — as bad as everyone’s been saying, and worse. Much, much worse. – Boing Boing Including 3-strikes, stricter video-game ratings, ISPs forced to deliver data with content industry, business secretary gets carte blanche to come up with stricter regulations.
“It’s a declaration of war by the entertainment industry and their captured regulators against the principles of free speech, privacy, freedom of assembly, the presumption of innocence, and competition.” (BoingBoing)

The cyberwar plan, not just a defensive game – Nextgov
Stupid headline – who would think that cyber-warfare is about defense only.
„Computerized tools to penetrate an enemy’s phone system“, „computer viruses and malicious software programs that can disable electrical power systems, corrupt financial data, or hijack air traffic control systems“, „cyber-intruders have probed our electrical grid“ (no, not the squirrel terrorists), “we’d have cadres of people who’d know how to do that”, “Military forces fight for the ownership of that domain [cyber-battlefield]”, “Defense Department graduates only about 80 students per year from schools devoted to teaching cyber-warfare”, ” proposed building a military “botnet,” an army of centrally controlled computers to launch coordinated attacks on other machines”. “The risk of losing control of a weapon provides a powerful incentive not to use it”

See also: National Journal Magazine – The Cyberwar Plan

Who’s in Big Brother’s Database? – The New York Review of Books
Degree of surveillance measured in electricity bills: 70 millions per year

Information Security News: NIST Drafts Cybersecurity Guidance
“tackling criticism that federal cybersecurity regulations have placed too much weight on periodic compliance audits”; “more onus on applying risk management throughout the lifecycle of IT systems”. Yawn.

[ISN] Inside the Ring – Chinese, Russian cyberwarfare
Like nuke-counting in the eighties.
Noteworthy: a new Cyber Security Alliance 14 tech firms form cybersecurity alliance for government — Government Computer News

Australian government overhauls national cyber security arrangements – Government & Policy “against increasing online espionage and attacks on critical infrastructure”, new CERT Australia, Cyber Security Operations Centre (CSOC), details undisclosed

Automated Social Networking Surveillance Systems Statebook is going to be developed!?

How the Internet Ruined Newspapers, TV, Music, Movies, Microsoft – Newsweek 2010, The Internet: A Decade of Destruction – Internet Use/New Technologies „wherever companies were profiting by a lack of transparency or a lack of competition, wherever friction could be polished out of the system, those industries suffered“ – What about national political institutions (in the wider sense) then?

Public knowledge brokering services vs. plutocratic demoracy  28.11.09

An interesting  development is currently happening in German politics. It’s still in its infancy, but it could well become an important social experiment. Hopes have been high that the Internet and social media will not only revolutionize business models and business processes but also boost individual influence on decisions that are more or less out of control of voters.

The legitimacy of the parliamentary democracy stems partly from the problem of aggregating individual interests into societally binding decisions. Technology might act as a game changer here. Moreover, the potentials of social technologies appear to be so enormous and presumably inline with majorities interest, that it is hard to envisage how the the currently predominant political system in western societies, representative liberal democracies, will remain unchanged. That is unless no massive backfiring by plutocratic interests—in opposite to democratic interests—will set in. Which will, dead certain, happen or better: does happening right now. Even mainstream media is starting to get it: Germany’s conservative daily FAZ (Frankfurter Allgemeine Zeitung) had an article today titled: „The state is reclaiming the net“ (in German, though). Baseline: There is a global trend driven by states to get the internet into their hands. Indeed. But that’s only one part of the story.

Wikileak has just published 10,000 pages of one of the best hidden secrets in German politics in the last couple of years: the contracts between the Federal Republic of Germany and Toll Collect, a joint-venture of Daimler-Chrysler, Deutsche Telekom and Cofiroute. Toll Collect had developed a fully automatized system to collect tolls payable for utility vehicles on the German autobahnen. The system consists of integral boxes with GPS receivers and obligatory for any utility vehicle driving on highways, a system of physical bridges receiving information from the boxes as well as holding cameras with OCR technology to identify potential free riders.

(In the Netherlands, there is currently a debate about a comparable toll-collect system for any vehicle. The early promises that the foto&OCR system would only and exclusively be used for toll-collection purposes have long been forgotten. By now, it also serves as a public surveillance technology.)

While the system by itself is a solid piece of engineering, it has been criticized for its non-pragmatical, overly ambitious and expensive approach. The biggest burden for federal finances however was caused by a delayed roll-out of Toll Collect’s solution, as billions of toll revenues didn’t made their way to federal accounts. While one would assume that a decently brokered contract would provide indemnifications by the service provide for the purchaser, this hasn’t allegedly been the case with Toll Collect. While politicians ranted about Toll Collect’s failure, the federal government acted as if it didn’t really want to get compensations from Daimler-Chrysler and Deutsche Telekom. In addition, the secrecy of the contracts for the operation of the toll collect system has aroused suspicion from the onset.

Wikileaks has become a major obstacle for those who are in favour of a plutocratic interpretation of democracy and it’s proneness to behind-the-curtain deals. Some private-public partnership and cross-border leasing deals would have had more difficulties in passing legislation if municipal, state or federal parliaments had known the contracts beforehand and been able to understand them. Regulatory capture precludes secrecy and intransparency of bureaucratic and managerial activities., a Bertelsmann subsidiary product, has called Wikileaks the „Robin Hood of the Internet“ (German). His popularity and his fate are legend.

While a lot has changed since those times, post-noble dukes still don’t like being ridiculed by mere peasants. These days, business interests feel plagued by flash-mobs and are weakened by the ability to organize labour interests by social technologies, maneuverability of national governments is reduced by the abililty to instant vet governmental activities (if public knowledge brokering services like Wikileak continue to grow), and mass media has suffered some dents in their credibility by their reduced use of investigational methods and easy alignment with business and government interests. These actors are those who a are set on a slippery slope, who are in descent. For them, the biggest problem is three-fold: technically enhanced trooping and rallying by like-minded interests, social motivation, the ease of achieving transparency by, say, Wikileak, and the ability of social investigation. But then, state institutions dominate the spheres of law and law enforcement. Laws and law enforcement are the tools for vested interests to make their wills publicly binding. We might very well see legislation upcoming that would go beyond some kind of Prohibition on the internet. Some vested interests would rather prefer thick digital walls and high barbicans.

blog, research, interests  23.11.09

Security of the internet isn’t provided by a hierarchical, secretive and central organisation. There is no global internet police, and there is no internet defence corps. Internet security is the result of the collaboration of diverse types of actors such as internet service providers, technical experts, police and law enforcement, governments and academics. These actors make a dense, highly complex internet security governance network in which each type of actor is characterized by its own organisational idiosyncrasies while at the same time being part of the overall governance structure.

My focus currently is on bottom-up processes to provide internet security, like task-forces and working groups that are set up in an ad-hoc manner to tackle with the lates security phenomenon. Academics, engineers, experts and geeks from all over the world collaborate to provide. The way in which they are addressing security problems resembles what could be called peer production of internet security. My interest is to learn to what extent this mode of security provisioning is used, the settings in which we can observe it and whether this mode is sustainable or not. And how this all relates to internet security and the overall structure of internet security in general.

The internet is a tool that already has fundamentally changed business processes and business models. It is too early to tell what its long-term impact on societies and politics will be. Debates about ‘freedom’ on the internet have been going on for a while, such as if and how the internet fosters freedom of expression, or how authoritarian internet governance approaches could suppress individuals’ rights. The practices of internet security provisioning will have decisive consequences for the shape of ‘freedom’ on the internet.