Mozilla Stand Against CISPA, Saying The Bill Will Infringes on Our Privacy

Mozilla Stand Against CISPA, Saying The Bill Will Infringes on Our Privacy

 

When almost 99% of leading IT Industry, software giant like Microsoft, Facebook, AT&T, Intel, Verizon has been either silent or quietly supportive of the controversial bill HR 3523 Act dubbed the Cyber Intelligence Sharing and Protection Act (CISPA). But here we get one exception late Tuesday, Mozilla’s Privacy and Public Policy lead sent me the following statement:-
"While we wholeheartedly support a more secure Internet, CISPA has a broad and alarming reach that goes far beyond Internet security. The bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse. We hope the Senate takes the time to fully and openly consider these issues with stakeholder input before moving forward with this legislation."

CISPA’s official supporters include Facebook, Microsoft, IBM, Intel, Oracle and Symantec among others–carriers including AT&T and Verizon have signed on, too. Despite reports that Microsoft had backed off its support for the bill citing privacy, a Microsoft spokesperson Monday told reporters that the company’s supportive position on CISPA remains “unchanged.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Mozilla Stand Against CISPA, Saying The Bill Will Infringes on Our Privacy"https://www.voiceofgreyhat.com/2012/05/mozilla-stand-against-cispa-saying-bill.html</a>

Controversial Cyber Security Bill CISPA Passed Again By The US House

Controversial Cyber Security Bill CISPA Passed Again By The US House

Couple of months ago we reported that the White House is planning for an executive cyber security order, from some official sources it has also come to know that the U.S. President Mr. Barack Obama has a special plan to re-introduce the Cyber Intelligence Sharing and Protection Act (CISPA). Today that deceleration get executed as the US House of Representatives has passed the controversial Cyber Information Sharing and Protection Act. This is the second time when CISPA have been passed by the White House, first it was rejected by the Senator while saying that the bill did not do enough to protect privacy. But yet again with the initiative of Obama and a substantial majority of politicians in the House backed the bill. Though there is a huge chance of getting rejected. According to some relevant sources it has been came to light that, this time also CISPA could fail again in the Senate after threats from President Obama to veto it over privacy concerns. Sources are saying that the main reason of re-introducing CISPA is the the President Barack Obama expressed concerns that it could pose a privacy risk. The White House wants amendments so more is done to ensure the minimum amount of data is handed over in investigations.  The law is passing through the US legislative system as American federal agencies warn that malicious hackers, motivated by money or acting on behalf of foreign governments, such as China, are one of the biggest threats facing the nation.  "If you want to take a shot across China's bow, this is the answer," said Mike Rogers, the Republican politician who co-wrote CISPA and chairs the House Intelligence Committee. 

On the other hand CISPA has also secured the backing of several technology firms, including the CTIA wireless industry group, as well as the TechNet computer industry lobby group, which has Google, Apple and Yahoo as members. By contrast, some other big names like Mozilla, Reddit has been vocal in its opposition to the bill. In the beginning the social networking giant Facebook supported CISPA but later they took back its support. The American Civil Liberties Union has also opposed CISPA, saying the bill was "fatally flawed". The Electronic Frontier Foundation (EFF), Reporters Without Borders and the American Library Association have all voiced similar worries.

-Source (BBC)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Controversial Cyber Security Bill CISPA Passed Again By The US House"https://www.voiceofgreyhat.com/2013/04/Controversial-Cyber-Security-Bill-CISPA-Passed-Again.html</a>

Anonymous is attacking US Chamber of Commerce website

In protest of the "PROTECT IP" bill, hacker group Anonymous plans to attack the US Chamber of Commerce website Monday evening. Hacktivist group Anonymous plans to launch attack the US Chamber of Commerce website today at 8pm EST, according to a flier posted to 4chan.org and Reddit.com, which urges Internet users to join in the fight. The distributed denial of service (DDoS) campaign is an act of protest against a piece of supposed anti-piracy legislation proposed by Sen. Patrick Leahy (D-VT) known as the “Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property” bill, or “PROTECT IP.” Anonymous, known for its campaigns against both corporations and governments around the world who the group believes stifle the free flow of information, argues that, if passed, PROTECT IP “would allow the US Government to force [Internet service providers] and search engines to censor websites they do not like under the guise of ‘copyright protection.’” The online protest was first announced Sunday in a statement released by the group, which reads:

“As pioneers of this new world, it’s our duty to resist and fight those who attempt to stop us. Whether you’re a journalist or blogger, or a participant of Anonymous, or the activists on the ground who protest against these corporate thugs and oppressive regimes and risk everything for freedom of information and speech, we are all in this battle together and we have a responsibility to protect our civil liberties.

“This attack tomorrow will send yet another message to the pigs that run the state that we will not be another cog in the f****d up clock that these corporate entities attempt to preserve through their political puppets in Washington.

“This is our world now and we will fight for it. Take it or leave it.” 

The PROTECT IP bill, a reiteration of the failed COICA bill, would give the US Justice Department broad powers to shut down access to websites it deems “dedicated to infringing activities.” As Anonymous accurately describes, these powers include forcing ISPs to block access to targeted websites, and even requiring search engines, like Google and Bing, to completely remove the websites from their search indexes. Perhaps even more troubling, the bill would also give private citizens — i.e. copyright holders — the ability to request that the government block a websites’ ability to display advertising, or process payments. Anonymous says that, rather than reduce piracy, the bill simply “endangers the free flow of information,” through the use of “domain seizures, ISP blockades, search engine censorship, and the restriction of funding to accused websites,” says Anonymous. All of this, they say, “takes Internet censorship to the next level.” The hacker’s interpretation of the bill, a summary of which leaked online last week, is echoed by a variety of other privacy advocates, who say the legislation is woefully misguided, and will result in rampant government censorship. “Protecting copyright and trademark are of course important objectives,” writes author and technology expert Larry Downes in an analysis of the bill posted to CNet. “But doing so by trampling due process rights, tinkering dangerously with the mechanics of the Internet, and impressing into police duties an expanding set of Internet service providers, hardly seems the best solution.” Anonymous first came into the world spotlight after launching a series of similar attacks on the corporate websites of PayPal, Master Card and Visa, all of which stopped processing donation payments made to whistle blowing website WikiLeaks. Most recently, members of the group were accused by Sony of initiating (or, at least, facilitating) an attack on its PlayStation Network, which resulted in the theft of nearly 13 million user credit cards, and could cost the company upwards of $170 million in damages. Those who wish to join in the DDoS attack — which simply overloads a website’s servers with an overwhelming amount of traffic, causing it to go offline — can join other Anons in the #OperationPayback IRC channel, where countless supporters have gathered to coordinate the attack. 


Anonymous Message on IP ACT

To read a full summary of PROTECT IP  CLICK HERE

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Anonymous is attacking US Chamber of Commerce website"https://www.voiceofgreyhat.com/2011/05/anonymous-is-attacking-us-chamber-of.html</a>

Homeland Security Approved Cyber security Bill "PRECISE" (H.R. 3674)

Homeland Security Approved Cyber security Bill "PRECISE" (H.R. 3674)

The House Homeland Security Committee approved H.R. 3674, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011 (the PRECISE Act) by voice vote, after a lengthy mark-up session that saw the bill’s scope scaled back. This Cybersecurity bill was approved on April 18 aimed at securing federal information systems and helping private sector critical infrastructure owners/operators, but key committee members complained that its watered-down provisions weren’t adequate. The bill, originally introduced by Rep. Dan Lungren (R-CA) in February had aimed to create a national information sharing organization to oversee the cyber protection of critical infrastructure, but will now only authorize the National Cybersecurity and Communications Integration Center (NCCIC) at the Department of Homeland Security (DHS).
The committee’s ranking member, Rep. Bennie Thompson (D-MS), bitterly objected to the changes, saying they essentially gutted the bill. In a statement following the bill’s mark-up, he said it “bears little resemblance to the measure that the Cybersecurity Subcommittee approved in February.” He said key provisions that promoted information sharing between and among the private sector and government and privacy protections were removed behind closed doors by the committee’s leadership.

-Source (Govt. Security News)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Homeland Security Approved Cyber security Bill "PRECISE" (H.R. 3674)"https://www.voiceofgreyhat.com/2012/04/homeland-security-approved-cyber.html</a>

Anonymous Targets Australian Govt Sites Over Internet Privacy Laws

Anonymous Targets Australian Govt Sites Over Changes in Internet Privacy Laws

The Australian Government has became the latest victim of international hacker collective group Anonymous. At least 10 of the country's government websites were sent offline in a series of attacks over proposed changes to Internet privacy laws. The first attacks were conducted in conjunction with Prime Minister Julia Gillard's online Q&A session this weekend, Anonymous. So far, the only targeted sites are run by the Queensland State Government. 

Site List:- 

sunshinecoast.qld.gov.au

regions.qld.gov.au

sd.qld.gov.au

dtrdi.qld.gov.au

science.qld.gov.au

createitmakeitliveit.qld.gov.au

smartawards.qld.gov.au

tourism.industry.qld.gov.au

workliveplay.qld.gov.au

lib.qld.gov.au

If an Australian online security bill gets passed into law, it could require ISPs to store user activity for a period of two years, allowing Web users' every online move to be watched by the government.

In response, the Australian arm of Anonymous threatened to continue its attacks on ".gov.au" sites until the bill is halted.

Anonymous said  the sites were specifically chosen because the group had “proof” that small to medium businesses, education departments, student and personal accounts had been tracked by the State Government. “The Australian Government is attempting to strip away its citizens’ internet rights by forcing them to surrender passwords and internet usage data,” Anonymous Australia said via email. “Unless the Government starts acting in the best interest of its people, it will continue to bring the noise.” The hackers said the attacks were in response to changes being discussed by the Parliamentary Joint Committee on Intelligence and Security (PJCIS). 

Not only Internet privacy but also Anonymous confirmed that its actions were also in response to recent denials of Australian-born WikiLeaks founder Julian Assange's extradition. 

A Department of Defence spokesperson said the department was aware of the reports of Australian attacks but did not publicly comment or discuss details of cyber incidents. "Defence, through the Cyber Security Operations Centre, works with affected government agencies, as required, to help mitigate threats to information security," the spokesperson said. A spokesperson for Federal Attorney-General Nicola Roxon said it was critical Australia's national security capability could keep up with technology and global security. "We must always stay a step ahead of terrorists, cyber criminals and organised criminals who threaten our national security," the spokesperson said.

This is not the first time, earlier the world have seen several protest generated from all over the world against Internet censorship. In case of SOPA, PIPA & ACTA hackers from different part generated massive cyber attack. Even Wikipedia go dark for 24 hrs. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Anonymous Targets Australian Govt Sites Over Internet Privacy Laws"https://www.voiceofgreyhat.com/2012/07/AnonymousTargetsAustralianGovtSites.html</a>

Salt Lake City Police Department Hacked By Anonymous (#OpPiggyBank)

Salt Lake City Police Dept. Hacked By Anonymous (#OpPiggyBank)

Hacktivist Anonymous take responsibility for hacking into Salt Lake City Police official website. Two hackers from Anonymous named CabinCr3w & ItsKahuna was behind this hack. The hackers hacked into the database of the Salt Lake City PD and exposed confidential information such as Full name of the Employ, Address, Phone Number, email-id, password hash and so on. All the exposed information can be found on a pastebin release. After this security breach the site was kept down for maintenance as shown in the picture below.

According to a news release from police, the hacker group says the attack is a response to an anti-graffiti paraphernalia bill being sponsored by state Sen. Karen Mayne, D-West Valley City. Currently, the bill in its amended state, prohibits any person to possess any instrument, tool or device with the intent of vandalizing an area with graffiti. Offenders would be guilty of a class C misdemeanor. Depending on the extent of the vandalism, the crime could be boosted to a felony. 

Press Release Of Anonymous:- 

"=================================================                                #OpPiggyBank
                           @CabinCr3w & @ItsKahuna
 =================================================                             
Dear Salt Lake City Police Department,

We took note http://fur.ly/0/MaynePlot that Senator Karen Mayne has put forth a bill SB107 - http://fur.ly/0/MaynePlotBill that tries to resolve an inconvenience with a flamethrower. Regardless whether the messages spray painted are disturbing, this bill sets an attitude that will down the line lead to invasions of privacy in people's homes and raids at 6 am over spray paint. We know that law enforcement functions as a mindless machine led by InfraGard, PERF, and other domestic civil intelligence (so marches the security state) networks. We know there's money to be made in the "just doing my job" compartmentalized economy. Therefore we know that regardless of the intent of Karen Mayne's haphazard lawmaking, this will end in corporations selling miniature drones to police offers chasing 13 year olds. We will act now as we have seen other "well-meaning" legislation open the door to tyranny and financing of oppression. There is no denying where this will end in 3 to 5 years or perhaps sooner.

Has your Senator Karen Mayne watched Minority Report too many times? A law prohibiting ownership and use of purchased products based on suspected intent? Is she kidding? The purpose of the law is not to prevent crime, but to manage it. The public gets the benefit of the doubt. A little too zealous wethinks. Perhaps a little pre-emptive action will drive the point home. As the foot soldiers for this bill, you get a taste of Mayne's witch hunt mentality. There are plenty of means to prosecute defacement of both private and public property in a general way. There's also the fact that some of this behavior may fall under civil rather criminal context.

A felony has a serious effect on a person's liberties after serving sentences, including loss of second amendment rights. And is this really the way to handle it? Perhaps Karen Mayne should be looking into why your neighborhoods are drawing this kind of behavior? Not acknowledging grievances and social issues such as poverty can lead to communities forming their own identities separate from their leaders. If all the senator has to offer is a policy that will lead to a self-righteous escalation of enforcement, consider this our deterrent.

We are Anonymous
We are Legion
We do not forgive
We do not forget
Expect us..."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Salt Lake City Police Department Hacked By Anonymous (#OpPiggyBank)"https://www.voiceofgreyhat.com/2012/02/salt-lake-city-police-department-hacked.html</a>

Google Added Do Not Track (DNT) Facility in Chrome (User Privacy Implemented)

Google Added Do Not Track (DNT) Facility in Chrome Web-Browser (User Privacy Implemented)

Few months ago Microsoft made Do Not Track (DNT) facility available by default in Internet Explorer 10. So here comes the turn for Chrome. In February internet giant Google has agreed with the White House's Consumer Privacy Bill and here comes the result. Google has implemented the Do Not Track (DNT) header in its Chrome web browser, while promising to respect DNT headers set by visitors to its web site. 

First it was Mozilla who proposed the Do Not Track mechanism, later it has been garnered support from all major browser makers and a majority of the technology industry. 

Users who want to take advantage of the new DNT capabilities in Chrome will have to install the latest "bleeding edge" developer build in the form of the Chrome Canary branch. However, this version is not recommended for use in production environments. Users who are running a stable version of the browser will have to wait some months for the feature to arrive in the mainstream version.

"Do Not Track" is a tool that allows browser users to restrict advertisers from collecting information about their online Web activities. It has the backing of the U.S. Federal Trade Commission. Browsers with "Do Not Track" turned on don't block cookies but send a message to advertisers that the user does not want to be tracked. Companies voluntarily decide whether to comply with "Do Not Track," much as they currently decide whether to comply with the "Do Not Call" registry. Microsoft's announcement that it would turn on "Do Not Track" by default in IE10 angered advertisers. "The Digital Advertising Alliance, a coalition that counts Microsoft as a member, said that the decision ran counter to the industry's agreement with the White House announced earlier this year to honor 'do not track' as long as it is not a default setting," many international standards bodies.

-Source (The-H)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Added Do Not Track (DNT) Facility in Chrome (User Privacy Implemented)"https://www.voiceofgreyhat.com/2012/09/Google-Added-Do-Not-Track-DNT-Facility-in-Chrome.html</a>

Cyber Security Bill Has Been Rejected By The US Senate

Cyber Security Bill Has Been Rejected By The US Senate

A cybersecurity bill that had been one of the Obama administration’s top national security priorities was blocked by a Republican filibuster in the Senate on Thursday. Still the topic of cyber security remains controversial in the US Congress. The Senate voted 52 to 46 to cut off debate, falling short of the 60 needed to force a final vote on the measure, which had bipartisan support but ran into a fight over what amendments to the legislation could be proposed.

Soon after the vote, the White House released a statement calling the outcome “a profound disappointment.” White House regretted that the act failed to gain approval, saying that it could have protected the US from "potentially catastrophic cyber attacks". According to the White House, the proposed legislation fell victim to "the politics of obstructionism, driven by special interest groups seeking to avoid accountability". US civil rights campaigners Electronic Frontier Foundation (EFF), on the other hand, are celebrating a "victory over cyber spying". 

However, many further amendments were proposed by senators over the week. Ultimately, many voted in line with their concerns. For instance, in a statement after the vote, Democrat Ron Wyden said that in his opinion the Cybersecurity Act in its current form does not sufficiently safeguard Internet users’ privacy and civil liberties. According to Wyden, the act would not create enough incentive to actually promote the exchange of information. Republican senators mainly explained their rejection by pointing out that, despite the amendments, companies would be made to comply with too many bureaucratic reporting requirements.

The bill called for the government to provide businesses with classified information about cyberthreats and gave companies the option of sharing information about cyberthreats with the government. White House officials said the president opposed that bill because it called for too much information sharing between the government and businesses, which could have led to violations of Americans civil liberties.

-Source (The-H & NYTimes)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Cyber Security Bill Has Been Rejected By The US Senate"https://www.voiceofgreyhat.com/2012/08/Cybersecurity-Bill-Rejected-By-US-Senate.html</a>

Chrome 23 Closes 15 Security Vulnerabilities, Promises Longer Battery Life & Added Do Not Track (DNT)

Chrome 23 Closes 15 Security Vulnerabilities, Promises Longer Battery Life & Added Do Not Track (DNT)

The searching giant Google finally included the Do Not Track (DNT) option into its first stable version of the company's browser which is Google Chrome 23. In February internet giant Google has agreed with the White House's Consumer Privacy Bill and here comes the result. Google has implemented the Do Not Track (DNT) header in its Chrome web browser.  Few months ago Microsoft made Do Not Track (DNT) facility available by default in Internet Explorer 10. Also the Redmond based software giant drew some criticism recently for its decision to enable Do Not Track by default in IE 10. First it was Mozilla who proposed the Do Not Track mechanism, in Firefox in June 2011 when it released Firefox 5. The DNT option is disabled by default in Chrome and in order to turn it on, users need to go to the customization menu in the top right corner of the browser window. Then click on the Settings option in the left side and scroll down to open the Advanced Settings menu. Under the Privacy menu, check the box next to the "Send a 'Do Not Track' request with your browsing traffic" option. Once that option is enabled, the user will see a message explaining what the DNT system will do for them.

Not only DNT, with the release of Chrome 23, Google closes several security holes and promises to improve battery life for some users. For systems with dedicated graphics chips that support Chrome's GPU-accelerated video decoding, version 23 of the WebKit-based browser is said to significantly reduce power consumption. According to Google, batteries lasted on average 25% longer in its tests when GPU-accelerated video decoding was enabled compared to only using a system's CPU when streaming online videos. Version 23 of Chrome also addresses a total of 15 security vulnerabilities in the browser, 6 of which are rated as "high severity". These include high-risk use-after-free problems in video layout and in SVG filter handling, a integer bounds check issue in GPU command buffers and a memory corruption flaw in texture handling; a Mac-only problem related to wild writes in buggy graphics drivers has also been fixed. Eight medium-severity flaws including an integer overflow that could lead to an out-of-bounds read in WebP handling, and a low-risk have also been corrected. As part of its Chromium Security Vulnerability Rewards program, Google paid security researchers $9,000 for discovering and reporting these flaws. The update to Chrome also includes a new version of the Adobe Flash Player plugin which eliminates a number of critical vulnerabilities, all of which were discovered by the Google Security Team. Further information about the new features can be found in the release announcement, while a full list of security fixes is provided in a post on the Chrome Releases blog. Chrome 23.0.1271.64 is available to download for Windows, Mac OS X and Linux users. 

-Source (Google Chrome Blog, The-H & threatpost)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Chrome 23 Closes 15 Security Vulnerabilities, Promises Longer Battery Life & Added Do Not Track (DNT)"https://www.voiceofgreyhat.com/2012/11/Chrome23-With-Longer-Battery-Life-Do-Not-Track.html</a>

White House sends Congress a long-awaited cybersecurity proposal

The White House on Thursday sent Congress a formal proposal for cybersecurity legislation to help Senate lawmakers craft a passable bill from 50-some measures currently pending in both chambers.
The long-awaited framework would formally grant the Homeland Security Department oversight of cybersecurity operations within civilian federal agencies -- a role it has played in practice since last summer. Given the dearth of cyber experts in civilian agencies, the proposal would give DHS the same flexibility the Pentagon currently has to rapidly hire skilled professionals at competitive salary levels, Obama administration officials told reporters during a Thursday conference call.
The guidelines, which were expected to be released later on Thursday, largely rely on industry's know-how and willing compliance to certify their systems are safe and ask for federal assistance when attacked.
The proposal is silent on several sticking points, including cyberwarfare, classified information and the criteria for so-called critical infrastructure -- or systems that, if disrupted, could wreak havoc on national security. Such networks would be subject to greater regulation under a key Senate bill sponsored by the leaders of the Homeland Security and Governmental Affairs Committee. The White House framework also stays clear of a dispute over whether the president should have the power to hit a "kill switch," shutting down the Internet during emergencies.
The guidelines were prompted by a request from Senate Majority Leader Harry Reid, D-Nev., and chairmen of the committees with jurisdiction over computer security for input from President Obama on the various congressional proposals, White House officials said. The HSGAC and commerce panels passed comprehensive cybersecurity legislation about a year ago, while numerous other congressional panels and individual members have introduced their own piecemeal measures. The executive branch took about a year to reach consensus on which provisions agencies would support and what new ones they would propose.
The proposal would make so-called intrusion prevention systems a permanent fixture in the federal government, according to a fact sheet. As opposed to intrusion detection systems, which flag attacks and alert the appropriate responders, prevention software can actively respond by blocking intrusions. The guidelines say DHS should have the authority to supervise all such programs, including the existing "Einstein" tool. Internet service providers also would have to use the applications for any government traffic they manage.
The White House plan touches on one security element of a growth area in government IT: cloud computing. The practice allows organizations to access computer power, storage and software stored on the Internet by a third-party provider, rather than build on-site server farms. Administration officials are concerned that state protectionist measures are hampering the cloud industry, so the proposal would block state governments from requiring that companies in their states build data centers there, unless authorized by federal law, the fact sheet stated.
The guidelines would enable industry to obtain immediate assistance from Homeland Security in responding to an intrusion, if they wish, officials said. Currently, when organizations ask DHS to review logs to determine when a hacker attacked, the department's ability to intervene is slowed by legal uncertainty. To protect individuals, if a firm or local government wants to share such information with DHS, the organization must first strip out identifying information that is irrelevant to the infraction, according to the fact sheet.
Companies and local governments would be granted immunity for sharing information with the federal government about new computer viruses and cyber events that have compromised their systems. Should entities choose to provide such information, their customers' privacy would not be violated, according to the proposal.
White House officials said their proposal focuses on transparency and incentives to ensure companies managing networks for critical infrastructure in industries like energy and banking are accountable for service continuity. The draft bill directs Homeland Security and the private sector to jointly figure out which operations are the most critical and prioritize the most important threats to those services. An outside commercial auditor would assess the company's plans for mitigating such vulnerabilities.
On the consumer side, the proposal would require that businesses notify customers of certain data breaches to reduce the risk of identity theft. Sony recently took heat for not immediately telling customers that perpetrators had infiltrated the company's online gaming and music networks. The administration's plan would loop together a patchwork of 47 state laws on data breach reporting.
Many in the legislative branch and business community applauded the White House plan on Wednesday.
"The Senate and the White House are on the same track to make sure our cyber networks are protected against an attack that could throw the nation into chaos," HSGAC Chairman Joe Lieberman, I-Conn., ranking Republican Susan Collins, R-Maine, and Federal Financial Management Subcommittee Chairman Tom Carper, D-Del., said in a joint statement. The Senate and the administration "both recognize that the government and the private sector must work together to secure our nation's most critical infrastructure, for example, our energy, water, financial, telecommunications and transportation systems. We both call for risk-based assessments of the systems and assets that run that infrastructure."
The trio agreed with the administration that Homeland Security should take the lead in safeguarding civilian cybersecurity. Other lawmakers, particularly in the House, say the Defense Department, with its established expertise and deep pockets, should play a larger role in guarding U.S. networks. Currently, the Pentagon can monitor only the .mil domain and many civil liberties advocates would like to keep it that way.
Commerce Committee leaders also largely praised the proposed measure. "The White House has presented a strong plan to better protect our nation from the growing cyber threat," Chairman John D. "Jay" Rockefeller, D-W.Va., said in a statement. "I look forward to continuing to work with the White House, and my colleagues in the House and Senate, to pass a comprehensive cybersecurity bill this year."
Ranking member Sen. Olympia Snowe, R-Maine, said, "While the administration's delay in providing critical input to the legislative process is regrettable, it is my understanding that the administration proposal parallels many of the objectives, particularly pertaining to modernizing the public-private partnership, that Sen. Rockefeller and I have advocated."
Officials with trade group TechAmerica generally supported Obama's framework but said they had lingering questions about the flexibility the proposal grants firms to tailor their security strategies.
"The administration's proposal is a clear step forward in the process and we hope that it strikes the right balance between accountability and innovation in this shared responsibility between the public and private sectors," TechAmerica President Phil Bond said in a statement.
"We encourage Congress and the administration to draw a bright line between critical and noncritical infrastructure," Bond said. "Industry and government need to work together to make the right determinations for what is critical, and what the implications are for that designation."
Should the government require firms to take certain actions, the law must provide liability protections to shelter companies from any unanticipated consequences, he said.
Given that the Senate has been pursuing cybersecurity legislation in a bipartisan fashion, and both parties in the House last year actually passed elements of the White House proposal, the expectation is that a law could be enacted this year.
Disagreements over engagement in cyberwar or the job of the Pentagon's National Security Agency and the new U.S. Cyber Command likely will be worked out in separate legislation. Pending House defense and intelligence authorization bills, for instance, address cyberwarfare and require the development of systems for detecting unauthorized activities on classified networks.
But talks on the civilian-oriented bill may take months, especially since all sides appear to want industry involved in the vetting process. One item overlooked in the White House proposal that Congress wants -- the creation of a Senate-confirmed cyber czar -- may take some time to negotiate. And Congress has never considered some of the information-sharing measures the White House introduced on Thursday.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">White House sends Congress a long-awaited cybersecurity proposal"https://www.voiceofgreyhat.com/2011/05/white-house-sends-congress-long-awaited.html</a>

President Obama & Congress Will Issue Long Awaited Executive Cyber Security Order

President Obama & Congress Will Issue Long Awaited Executive Cyber Security Order 

Last week we reported that Pentagon has declared that they are moving toward a major expansion of its cyber security force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries. Just one week after this declaration another crucial movement came from the U.S. government.  A secret legal review on the use of America’s growing arsenal of cyber weapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad. According to sources President Barack Obama will issue a long-awaited cyber security executive order this week. Two former White House officials told the publication that the order is expected to be released after Tuesday night's State of the Union address. 

Given his status as commander-in-chief, Obama seems to be the clear choice, but since cyber warfare is such a new and unknown thing, the government hasn't actually figured out the rules of engagement yet. In the past couple of decades, the power to use America's cyber weapons has been shared between the Pentagon and the various intelligence agencies. With the exception of a series of strikes on the computer systems that run Iran's nuclear enrichment facilities an attack that Obama ordered himself the U.S. hasn't launched any major cyber attacks in recent memory, however. This probably won't be the case in the future. So the government is working on new rules of engagement, as it realizes that the capabilities of cyber weapons are evolving at a startling rate. The rules will be not unlike the set that governs how drone attacks are ordered and who orders them. Cyber warfare certainly stands to affect the average American more, though.  On Capitol Hill this week, Rep. Dutch Ruppersberger (D-Md.) and Rep. Mike Rodgers (R-Mich.) are set to reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA) during a speech at the Center for Strategic and International Studies.

According to an exclusive report the bill would allow the government to share classified cyber threats with the private sector so that those companies can then protect their systems from cyber attacks. The bill was killed last year due to privacy concerns. Civil-liberty groups argued that the bill allows companies to exchange too much personal information back and forth without regulation. 

-Source (Bloomberg, NY Times & Atlantic Wire)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">President Obama & Congress Will Issue Long Awaited Executive Cyber Security Order"https://www.voiceofgreyhat.com/2013/02/Obama-Congress-Will-Issue-Executive-Cyber-Security-Order.html</a>

Worse Than SOPA- CISPA Will Allow Monitoring Any Online Communication (#Censorship)

Worse Than SOPA- CISPA Will Allow Monitoring Any Online Communication #Censorship

In the wake of SOPA and PIPA, there is yet another terrifying bill on the table. The Cyber Intelligence Sharing and Protection Act (or CISPA for short) which is currently being discussed by Congress. The title of this controversial act is H.R. 3523 and it has been dubbed the Cyber Intelligence Sharing and Protection Act. It is feared that CISPA is far worse than SOPA and PIPA in its possible effects on the Internet.
While this paper has been created under the guise of being a necessary weapon in the U.S. war against cyberattacks, the wording of the paper is vague and broad. It is thought that the act could allow Congress to circumvent existing exemptions to online privacy laws and would allow the monitoring and censorship of any user and also stop online communications which they deem disruptive to the government or to private parties. CISPA is described as a “cybersecurity” bill. It proposes to amend the National Security Act of 1947 to allow for greater sharing of “cyber threat intelligence” between the U.S. government and the private sector, or between private companies. The bill defines “cyber threat intelligence” as any information pertaining to vulnerabilities of, or threats to, networks or systems owned and operated by the U.S. government, or U.S. companies; or efforts to “degrade, disrupt, or destroy” such systems or networks; or the theft or “misappropriation” of any private or government information, including intellectual property. CISPA has also been condemned by the Electronic Frontier Foundation, an online advocacy group. The Electronic Frontier Foundation (EFF) adds that CISPA’s definition of “cybersecurity” is so broad that “it leaves the door open to censor any speech that a company believes would ‘degrade the network.’” Moreover, the inclusion of “intellectual property” means that companies and the government would have “new powers to monitor and censor communications for copyright infringement.” According to both CDT and EFF, this means some of the largest corporations in the country, including online service providers like Google, Twitter, Facebook or AT&T could, if pressured, copy confidential information from a user and send this information to the Pentagon, as long as the government believes there is a reason to suspect wrongdoing.
Critics warn that CISPA gives private companies the ability to collect and share information about their customers or users with immunity — meaning we cannot sue them for doing so, and they cannot be charged with any crimes.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Worse Than SOPA- CISPA Will Allow Monitoring Any Online Communication (#Censorship)"https://www.voiceofgreyhat.com/2012/04/worse-than-sopa-cispa-will-allow.html</a>

Operation Great White North - Anonymous Threaten Vic Toews & Every MP Who Voted For SOPA

Operation Great White North- Anonymous Threaten Public Safety Minister Vic Toews & Every MP Who Voted For SOPA 

Infamous hacker group Anonymous called Operation Vic.Tory / Operation Great White North. In a You Tube release they have threatened Public Safety Minister Vic Toews to expose all of his personal information if he does not stop the Internet surveillance bill. In a pastebin release hackers from anonymous posted personal information including email-id, phone numbers of all the MP who have voted on Bill C-11, the Canadian version of SOPA.

In this video release Anonymous said:-

"Hello, Mr. Toews.
We are Anonymous.
We warned you not to force your abhorrent spying legislation onto the Canadian people.
You did not heed our warnings.
Now you will be exposed for the hypocrite that you are: A man who believes registering a lethal weapon is an unfair invasion of privacy, but demands that the public's information be logged for use by the authorities. A man who declares marriage and the family to be sacred institutions, but commits adultery and impregnates his mistress, and then abandons his own child. A man who demands his country spy on the Canadian people's private activities, but demands a parliamentary investigation when fully accessible public records about his own personal life are exposed.
Mr. Toews, you are now literally a joke in the eyes of the internet, the Canadian public, and the world.
You will cease your efforts to defy the will of your own citizens immediately. If you do not, rest assured that public outrage and protests will only grow, and you will soon find yourself not only mocked, but jobless and despised.
A man as deceitful as yourself is bound to have many skeletons in his closet. Some of these have already been brought to light, and we have no doubt that this is only the tip of the iceberg. Rest assured, Anonymous will not allow a politician who allows his citizens no secrets to have any secrets of his own.
Let this be a warning to any politician who attempts to censor, control, or hamper public use of the internet in Canada, or anywhere else on this planet.
Your actions will not stand. You cannot run. You cannot hide. For every one of us you arrest or imprison, a dozen more will emerge to take their place. You have underestimated the power of the internet in the hands of the people. Tyrants have once again created the weapons of their own destruction. You will pry the internet, our most valued and precious weapon against oppression, from our cold dead hands.
In closing, you may champion firearms and despise the freedom of information, but beneath this mask is more than flesh.
Beneath this mask there is an idea, Mr. Toews, and ideas are bulletproof.

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us."

 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Operation Great White North - Anonymous Threaten Vic Toews & Every MP Who Voted For SOPA"https://www.voiceofgreyhat.com/2012/02/operation-great-white-north-anonymous.html</a>

Security Expert Believes PSN Should Remain Offline

The PSN has been up for a few days now, in most of the world. However, in Japan, the country where Sony calls home, the network has yet to be restored due to governmental blocks in place before it can be separately verified that the new infrastructure is secure. Now at least one security expert in Australia has taken a similar stance.

Bill Caelli, Senior Research Scientist at the Information Security Institute in the Queensland University of Technology, recently spoke with The Australian, a website for the region. He stated that in his opinion the government should have intervened with the restart of the PlayStation Network, to have its new security tested by an outside party. Mr. Caelli begs the question: “Why is it that in the IT industry enterprises certify themselves?” He claims that the average consumer has “no way of assessing the assurances given by the owners of the system themselves.” Australian Privacy Commissioner Timothy Pilgrim stated that an investigation into the incident is currently in progress, and he was also pondering if the commission should seek out more information from Sony.
Have Sony disclosed enough information, or should governments play a more active role in determining if any corporation’s actions are sufficient following a massive data and privacy leak like the one Sony has just gone through? The PSN service is currently up in Australia, but of course we will update you if and when the situation changes.
Roger Thompson, AVG’s Chief Research Officer also recommended holding off inputting your credit card details straight away in an exclusive interview (Part 1, Part 2) with PlayStation LifeStyle during the PSN downtime. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Security Expert Believes PSN Should Remain Offline"https://www.voiceofgreyhat.com/2011/05/security-expert-believes-psn-should.html</a>

T.E.N. Announces 2011 Information Security Executive® (ISE®) Central Awards Nominees

T.E.N., a technology and information security executive networking and relationship-marketing firm, announced that nominations have closed for the ISE® Central Awards 2011. Finalists and winners of the Information Security Executive® Awards for both Executive and Project categories will be announced at the ISE Central Executive Forum and Awards Gala to be held on June 7, 2011 at the Westin Galleria Hotel, Dallas, Texas. 

Executives nominated for the ISE® Central Award in the Executive category are defined as leaders who improve their organization's risk management, data asset protection, privacy and network security efforts while proactively implementing security technology and processes. Judges evaluated these leading nominees based on the following criteria: responsibilities, aligning security with the business, leadership, vision of the future, applying innovation, and building technology partnerships. Nominees include:

• Zulfi Ahmed, CISO, Pepsi
• Joe Bernik, CISO, Fifth Third Bank
• Bill Davis, Data Security Officer, Amarillo National Bank
• Keith Fricke, ISO, Catholic Health Partners
• Doug Jacoby, CISO, Baker Hughes
• Chad Mead, VP & Global Leader: Technology Governance Risk and Control and CISO, Cargill, Inc
• John Petrie, VP & CISO, Harland Clarke Holdings Corporation
• John South, CISO, Heartland
• Kevin Swailes, Director Global IP Protection, COE (Center of Excellence), GE Energy
• Scott Sysol, CISM, CISO and VP of Information Technology, Service Management & Security, CUNA Mutual Group
• Amy Wang, Director, Information Services and Information Security Officer, Henry Ford West Bloomfield Hospital

The ISE® Central Award in the Project category garnered an outstanding range of information security projects that were deployed and completed in the last 12-18 months and have had the greatest positive impact within their organization. Judges evaluate projects based on scope, defined goals, ability to execute and overall results achieved for the organization. Nominees and their project titles include:

• Allstate Insurance: Information Security Risk Management Program
• AT&T: End to End Data Protection, Risk Mitigation & PCI Compliance
• CUNA Mutual: SailPoint Identity IQ Full Suite Implementation
• Electronic Arts: BSOC - Business Security Operation Center
• GE Energy: DLP for IP Protection
• Henry Ford West Bloomfield Hospital: Create a Collaborative Security Culture
• Medical Mutual of Ohio: Symantec DLP (Vontu) Implementation
• Michigan State University Residential & Hospitality Services: Kellogg Center PCI-DSS
• Nationwide: Effective Risk Management = Effective Business Management Enabling the Business Through Effective Risk Management
• Southern Union Company: Network Access Control Project

"We're pleased to announce that the ISE® Programs were chosen as the third most attended programs for IT Security Executives in 2011. They function as an idea incubator, provide a channel for research, education and information sharing, speed knowledge transfer and promote best practices," said Marci McCarthy, CEO and President of T.E.N. Eligible nominees were selected from the U.S. central region including Arkansas, Illinois, Indiana, Iowa, Kansas, Louisiana, Michigan, Minnesota,Missouri, Nebraska, North Dakota, Ohio, Oklahoma, South Dakota, Texas and Wisconsin.

Nominations are sent to T.E.N.'s distinguished panel of ISE® judges for review and scoring. Judges have the final approval in determining whether an executive or project team is qualified to participate as a nominee at either the regional or national level. Finalists and winners are not announced publicly until the evening of the awards.

The ISE® Central Distinguished Panel of Judges for this year's awards include:

• Mark Chamberlain, Executive Director, IT Security Management, USAA
• Chris Leach, SVP and Chief Information Security Officer, ACS, a Xerox Company
• Vickie Miller, Director of Information Security, FICO
• Robert Myles, Assistant Vice President, Information Security, CISO, University of Texas Southwestern
• Gene Scriven, Chief Information Security Officer and Vice President, Sabre-Holdings Inc.
• Tim Stanley, Director, Information and Infrastructure Security, Waste Management
• Julie Talbot-Hubbard, Director of IT Risk and Security Management, Cardinal Health
• Brian Wrozek, IT Security Director, Texas Instruments Incorporated

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">T.E.N. Announces 2011 Information Security Executive® (ISE®) Central Awards Nominees"https://www.voiceofgreyhat.com/2011/04/ten-announces-2011-information-security.html</a>