Mixing Business With Gov't Stupidity: General Clark Tells Congress Why It Should Regulate P2P (And Make Him Richer)

from the all-about-the-money dept

Remember the ridiculous story last month about how some clueless politicians were blaming the fact that some government employees were breaking rules and too stupid to understand how P2P software worked that P2P software needed to be regulated for the good of national security? It turns out that there's even more to this story. Congress called in a "star witness," in former presidential candidate General Wesley Clark, who took the position that P2P must be regulated: "If you saw the scope of the risk, I think you'd agree that it's just totally unacceptable. The American people would be outraged if they were aware of what's inadvertently shared by government agencies on P2P networks. They would demand solutions." And what kind of solutions would those be? Apparently, the kind whereby the gov't regulates P2P providers and requires they build in security. And what kind of security would that be? Why, perhaps the kind of security supplied by a company advised by the very same General Wesley Clark. We won't even bother to name the company here, because it doesn't need any additional free publicity, but its website is full of scary statements about how P2P software is threatening national security.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    bt garner, Aug 14th, 2007 @ 11:05am

    Wow

    Have we as a society become so shallow that stuff like this just happens without the uproar it deserves?

    How about this: Corporate policy the forbids P2P activity. Block the P2P ports on the firewall you are using (you are using a firewall, right? right? RIGHT?) and if anyone is found trying to circumvent and use P2P software, they are terminated.

    That might be a bit extreme, but this is nothing that needs regulatory oversight.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Unknowledgeable Geek, Aug 14th, 2007 @ 11:18am

    This is

    This is such a no-brainer I am sure the gov't will screw it up somehow. I am the network administrator on several dozen networks, you know how easy it is to not allow P2P traffic and monitor for people trying to circumvent? Now, spelling that ain't my fortay. But, stopping P2P (which at the gov't level, I have no clue why this isn't done already) is simple.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Aug 14th, 2007 @ 11:19am

    a HUGE problem is that the good folks in congress don't understand technology - but of course they are qualified to regulate it...

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    CatBandit, Aug 14th, 2007 @ 11:23am

    Flag level officers chase dollars

    Clark is no different than others with high military rank - or high GS ratings - who find ways to "milk" the enlisted people or the public who they are supposed to "lead".

    Look at any military installation for any service. The "civilian" dry cleaners, tailors, restaurants and bars and on and on are owned by senior enlisted or officers - sometimes retired but often not. These guys pass the regulations and then get wealthy providing the goods and services required by those very regulations.

    Clark has just found a technical twist to a very old game.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Matt, Aug 14th, 2007 @ 11:36am

    not to mention something that wouldn't work

    BT Gamer: "block p2p ports" I sincerely hope that is satire. However in the wonderfulness of the internet lets try to add some assumptions that its not. How is that going to work when any bit torrent program can be assigned to any port. Also if you just go around only allowing certain ports (without same lack of knowledge), you'd be amazed at the legitimate things you'd block and/or can't. Also you can't just "block encryption" since torrent programs use encryption as does VPN. It is easy to find a high amount of upstream/downstream coming to 1 pc. But it's equally unlikely anyone torrents for work other than for legitimate reason (universities sharing lectures for one). You're not going to see it visually (minimize the program). And when it all comes down to it, someone can bring a program on a USB drive to get by all the blocking. So it's kinda hard to secure stuff like that.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    GoblinJuice, Aug 14th, 2007 @ 11:50am

    I respect General Clark, but I think he's gone the shill. Sad, very sad.

    A BOFH can handle P2P. A private corp, with a multi-million dollar solution that'll be circumvented quicker than you can google "pr0n", can't.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Chronno S. Trigger, Aug 14th, 2007 @ 12:03pm

    Re: not to mention something that wouldn't work

    You make a valid point. P2P programs are too hard to block so this regulation must be passed. Unless you take into account that firewalls can block or allow specific programs. In a military installation I'd expect to see those firewalls in effect. but then I'd also expect to see some personal restraint on the part of the employees.

    "you'd be amazed at the legitimate things you'd block and/or can't. Also you can't just "block encryption" since torrent programs use encryption as does VPN."

    Again this is a military installation. Please tell me how many places these people need to be other than other military computers that probably already have a dedicated VPN set up in the routers or even a hard line.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Greg Piper, Aug 14th, 2007 @ 12:28pm

    Clark was transparent about the affiliation

    It should be noted that Wesley Clark was up front with the committee about his interest in this security company. His statement isn't on the committee website (odd because everyone else's is), but the print handout at the press table noted his affiliation, on the first page if I remember correctly. You can watch the archived video yourself at the Oversight Committee site.

    http://oversight.house.gov/story.asp?ID=1424

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Aug 14th, 2007 @ 12:31pm

    Re: Wow

    "Have we as a society become so shallow that stuff like this just happens without the uproar it deserves?"

    Yes: Iraq.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    t, Aug 14th, 2007 @ 12:44pm

    not a tech geek, but -- if you don't allow people to install software on their own machines at gov't installations, which seems prudent, then no p2p software should get on the machines. That, along with other reasonable care, including the threat of discipline if personnel are caught using p2p software would seem to make sense.

    I've been at companies with tight security around software installation connecting to anything outside the LAN and use of company computers. The funny thing is, people actually wind up working instead of shopping EBAY, tracking their fantsy foot ball teams or building their music collections.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Fat Tony, Aug 14th, 2007 @ 12:46pm

    Solutions

    The way to block p2p programs is to block installations. Not every idiot in an organization requires rights to install. So restrict those rights and anyone who circumvents the system gets one warning. Second warning = fired
    If you can't respect the rules of your organization you shouldn't be in it.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Dave, Aug 14th, 2007 @ 12:48pm

    groan

    Wow, and I thought that guy was actually reasonably intelligent.

    You know, nothing's constant in the universe except for one thing - politicians are unerringly stupid about regulating technology, and should not be trusted to do so without a HUGE amount of help from smart people. Like that's ever going to happen.

    They'd screw it up even if they weren't listening to lobbyists with an ax to grind.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Aug 14th, 2007 @ 1:10pm

    As plenty of people have stated, blocking p2p traffic, especially in a military institution (shouldn't security be their top priority?) is not that difficult. I've worked in corporate environments where we enforced policies that are apparently 10x more strict than the government/military. Even if someone managed to get a p2p app installed (why oh why can a user install ANYTHING), they wouldn't get through the perimeter defenses.

    Unfortunately I am not surprised by this. Attempting to regulate an 'industry' that's impossible to regulate since anyone with some decent programming knowledge can write and release a p2p app just gives a false sense of security and completely ignores the core issue. Hire some competent infosec admins, listen to their advice and enforce the policies they create. That includes the people at the top of the food chain.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    anonymous coward, Aug 14th, 2007 @ 1:28pm

    I have yet to hear of one single government employee ever being terminated because of a data breach no matter how stupid or avoidable it was.

    You don't penalize everyone because one person does something wrong. You punish that person. If we go down that road, cars should be outlawed tomorrow.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    John, Aug 14th, 2007 @ 2:16pm

    I'm confused...

    Maybe someone can explain it better, but I'm confused about why people in government offices, and who deal with secure data, need p2p software installed on their computers?
    Like one of the posters already said, don't they have a VPN set up? And even if they really, really do need a p2p software program, who installed the program and allowed it share everything on the computer?

    But, it's better to put in government regulations instead of holding the IT people and the government worker accountable for their actions.
    (Yes, that was sarcasm)

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Guy who thinks Clark is a moron, Aug 14th, 2007 @ 3:02pm

    Clark is a moron....

    'nuff said...

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    R3d Jack, Aug 14th, 2007 @ 5:04pm

    Re:

    Or reading TechDirt

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Dragon Spirit, Aug 14th, 2007 @ 5:17pm

    P2P a threat to national security???

    Wouldn't it be cheaper and easier to either A) Train the incompetent government staff in setting up P2P properly, or B) simply block the ports used by P2P software on the Government Servers???

    Why should the entire free world be penalised because of some incompetent government employees? GET REAL!!!!! Teach them how to use it properly, or block them from being able to use the P2P software on Government Computers. SIMPLE SOLUTION, that does not encroach on the rights and civil liberties of everyone else on the planet! Dead set these wankers in Government and politics seem to think that everything is an opportunity for them to bullshit their way in to making more money for themselves, whilst telling us all that "This is for your own good and for national security". What a crock.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    jammerman79, Aug 14th, 2007 @ 6:43pm

    not employees

    If you notice, the security breach examples provided are all from contractors... maybe they should be looking at that.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    eris23, Aug 15th, 2007 @ 1:13am

    Communication is the threat

    Stories of p2p, unsecured ftp sites, etc, being a threat to National Security blind the public to the underlying problem: Communication is the threat.

    To prevent any potential enemy from finding out things all we have to do is make any form of communication illegal. Muzzle mouths, bind up hands, etc.

    With no communication possible, no information can be stolen.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Sanguine Dream, Aug 15th, 2007 @ 6:09am

    Re: Wow

    Well considering a guy can be fired (and sued) if a woman hears him tell a dirty joke (which is not directed at her but she just happens to be in earshot of it) I don't think instant termination for trying to install any restricted software is too extreme. In fact I'll go as far as to say that is one of the few rules that I would support at any company.

    But here's the trick. If a simple rule like that were to be passed and enforced then that means that there's no big corporation getting paid to do a job that they created themselves and we cannot have that.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This