Today, the U.S. military can defend its networks within and at their perimeter, yet it is less able to prevent attacks before they occur. The military is essentially limited to a reactive and forensic posture as opposed to a dynamic and preventive one. The Panel believes the United States must have the ability to defend its critical networks beyond the boundaries of its own infrastructure to forestall catastrophic cyber threats before our networks or the information they contain are damaged or destroyed. We need an active immune system with the capacity and authority to shut down an attack instantaneously at the point of origin. However, this defensive footing is more a matter of the proper authorities than of technology. We need to identify the kinds of attacks we can treat diplomatically as acts of war, and eliminate them.
An active immune system—an automatic, self-healing network—that protects our networks is in some ways a whole new paradigm. The capability should be predicated on a set of standing rules of engagement (SROE) that is sufficiently flexible to respond to myriad threats. These SROEs must account for the expanded event horizon and compressed timeline that characterize operations in cyberspace. The mechanisms, means, and modes the Department uses to render assistance to other departments, agencies, or branches of government is unclear. The Department of Defense should be responsible for cyber security of the
It will be interesting to see what kinds of hacks and attacks will be classified as "acts of war", and how the U.S. plans on a) pre-identifying such kinds of attacks based on either the nature of the instrument used (trojan horse, virus, etc), or possibly on the effect of the attack; b) timely justification an active "immune system" response when the attack originates on foreign soil or in foreign servers that allows for a credible response yet denies the attacker time to escape retribution, and the level of the response to eliminate the threat; and c) the prevention of collateral damage (e.g. how do you take out just portions of a critical server that may be an unsuspecting host to the attack. The QDR Independent Panel report can be found here: http://www.foreignpolicy.com/files/fp_uploaded_documents/100728_QDR%20Ind.%20Review%20Rept.%207.27.10.pdf
hopefully, since this would double my current internet cost.
And now ebook publishers are doing the same thing.
I have an ebook addiction. I am happy to pay for them. I want the publisher and the author to get money, so I can get more ebooks. I even put up with the ebooks having DRM.
But most of the major publishers decided, as of April 1 this year (and no, it wasn't an April Fools), to exert a ridiculous level of control over retailers. Most of the books I want are now "not available in your country". So after spending a good sum of money on ebooks over the last year or so, the publishers have decided my money isn't good enough.
Before April, I had never downloaded a possibly-illegal ebook. Now I have two choices: somehow get over my addiction, or download free non-DRM copies.
Sellers/publishers of electronic stuff, be it ebooks, games, movies, tv shows, music or even software, really need to wake up. If they refuse to sell people what the people want, people will look for other ways to obtain it. And that carries the risk that people will stop paying any attention to what is available for sale.
Understanding is always the understanding of a smaller problem in relation to a bigger problem. -- P.D. Ouspensky
