by Constantine von Hoffman

Senator Backpedaling on Key Part of SOPA

Jan 13, 20122 mins
CybercrimeData and Information SecurityEncryption

Leahy says a provision causing tech problems needs more study. Plenty of other problems still remain.

Vermont Sen. Patrick Leahy, who introduced the Senate version of SOPA, now says “more study” is needed about a provision letting the government get court orders compelling ISPs to block sites’ domain names or Web addresses.

SOPA (“Stop Online Piracy Act”), which is backed by Hollywood studios and other copyright holders, has been under attack since it was introduced last year. Tech companies, human rights groups and Internet engineers all object to it. While the first two groups have sound legal objections, the engineers trumped that by pointing out that the bill has substantial and dangerous technical problems. They said that trying to enforce it could very well “break” the internet. The part of the bill that would do this is what Sen. Leahy is now trying to run away from. A vote to bring the bill to the Senate floor is scheduled for later this month.

Although Leahy claims to have gotten technical advice from “major ISPs” before drafting the bill, there are so many flaws in it that I suspect he got the advice from the marketing departments. Hearings before the House about SOPA raised very real doubts about whether the sponsoring Congressmen had enough technical knowledge to send an e-mail.

Here’s a round up of other IT security news from the week:

·         Stratfor back online after crippling hack attack: The company, which provides intelligence on global business, security and economic issues, was hacked on Christmas eve and the perpetrators later posted names and credit card numbers for 75,000 clients.

·         U.S. expels Venezuelan diplomat over cyber attack charges: Livia Antonieta Acosta Noguera, Venezuela’s consul in Miami, was implicated in an alleged Iranian plot to launch cyber attacks against nuclear power plants.

·         India spy agency may have infiltrated U.S. government networks: Infosec Island says it received proof from hackers who had taken Symantec source code from Indian intelligence agencies.

·         New Zeus malware siphons bank accounts of US victims: “Gameover,” a variant of the Zeus malware, can steal usernames and passwords. It’s being spread through spam e-mails purporting to come from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank and the Federal Deposit Insurance Corporation (FDIC).