The blogosphere has been buzzing over the Cybersecurity Act of 2009, S 773, sponsored by Jay Rockefeller et al. Ed Morrissey, Wretchard, Jules Crittenden and others have discussed one aspect of the Act, namely, the president’s ability to take down or degrade portions of the Internet or other systems in a national security situation. I would refer you to these sites for a full discussion of this aspect of the bill. In particular, Wretchard and his commenters explore the nuance in some detail.
But there’s more to this than just switching the Net on and off. What’s more interesting to me are sections 6 and 7 of the draft bill.
Section 6 directs NIST to develop and implement standards for configuration architecture and specifications for any ‘software’ that may be ‘widely used’ by the feds or ‘in private sector owned critical infrastructure information systems and networks’. What constitutes a ‘critical infrastructure information system or network’ is undefined and is presumably in the eye of the presidential beholder.
The draft goes so far as to specify a standard config language and settings for ALL software that may be used in the same ‘critical’ systems, with the requirement that such software must run without changing any of the standard config settings. ‘Software’ is undefined. In the engineering world, there’s configuration at every level of the system – network, OS, application and everything in between. The feds are now apparently going to be writing software specs for the entire industry, because configuration is at the core of every system, at every level.
Section 7 creates a mandatory licensing regime for anyone who provides ‘cybersecurity’ services either to the feds or (that definition again) private ‘critical infrastructure information systems or networks’. You won’t be able to do work involving ‘cybersecurity’ (which, on contemporary systems, is just about everything) without certification and licensing.
So, in one move, the feds regulate – and indeed create – the keys to the software design kingdom (namely, config) and arguably license anyone who comes near it.
And the notion of a ‘critical national infrastructure’ has come up in another context – in the FCC’s control of radio and Internet content.
It’s quite total.