SoylentNews is people
SoylentNews
from the what-legislates-in-nevada-stays-in-nevada dept.
Ostensibly, the bill is aimed at enhancing data security. However, many aren't convinced that the provisions of the bill would provide any value at all.
From the USA Today article:
Nevada could become the first state in the nation to mandate the physical route government data takes as it travels the Internet under a bill being considered by the Nevada Legislature.
The bill's sponsors, Assembly Majority Leader Paul Anderson, R-Las Vegas, and Sen. Mo Denis, D-Las Vegas, argue their measure is critical for cybersecurity because it would keep government Internet traffic confined to the state, instead of allowing that data to travel traditional paths that often include out-of-state connection points.
But both critics of the bill and independent Internet security experts said the measure would do just the opposite, creating a single-point bottleneck that could make data more vulnerable to attack and would defeat the Internet's greatest strength, that it is decentralized with an almost infinite number of traffic routes.
The bill has until Friday (4/10/2015) to make it out of committee or it will die.
It's worth noting that the only public supporter of the bill is Switch (better known as Supernap) which would have a lot to gain should this bill pass.
(Score: 0) by Anonymous Coward on Friday April 10 2015, @12:43PM
Someone trying to ensure their traffic stays within a physical boundary runs cable within a physical boundary. It's not rocket science, it's network engineering.
(Score: 5, Informative) by MrGuy on Friday April 10 2015, @01:05PM
Which gets back to my point. If you want to build a custom dedicated physical network to guarantee this, then fine - go nuts.
If you're using a shared network (like, for instance, the internet) which has routes that go many places, some of which are outside your desired geographic boundary, it's difficult-to-impossible to ensure certain packets can NEVER be routed outside a certain physical boundary.
The cables already exist, and they do NOT stop at the border of Nevada.
I'm sure it's possible to accomplish this, but it would probably take custom TCP/IP headers (to identify which packets we care about) and custom routing rules, which every ISP serving Nevada would need to implement on quite a lot of routers.
(Score: 3, Interesting) by edIII on Sunday April 12 2015, @05:41PM
You're completely forgetting about how design considerations being decided by the policy makers wholly trump any arguments from the engineers. I'm from Vegas. This isn't about doing something technically possible about all. It's about Switch (supernap) and Cox communications siphoning tens of millions of dollars of tax payer money. When you're talking about that much money, it starts becoming possible. On a technical level, they could restrict all traffic going from Vegas to Reno & Carson City to a single link. It would be stupid, but it's possible.
This is the state that is so strapped for competency in government networks, that they just gave up, wrote a law, and said citizens were wholly responsible to inform the DMV computer systems of their insurance. Most citizens had no idea for years, and most still don't. It was a response to the costly and ridiculous circus of sending huge magnetic data tapes around from the insurance carriers to the DMV. Their solution? Insurance doesn't need to do anything, regardless of existing IT departments, but citizens need to go to a website now. That wasn't good enough after awhile, and they gave insurance carriers freedom from of all liability. Additionally, they decided that $10 million dollars for a Microsoft based server system and .NET based programming was appropriate for the citizen portal. That was cheaper than setting up some secure tunnels and syncing databases like normal companies do.
The fines against the newly liable, and often ignorant citizen, were fantastic too. Minimum $250, but it could balloon up to $750 really fast if you missed one of their mailings. A lot of people complained bitterly including insurance agencies. Maybe 18 months ago (IIRC) they started with a sane plan to start syncing up their databases every 30 days with files. However, it's still the responsibility of the citizens. Insurance agencies bore their entire brunt of the law and started hours a day (per agent) entering the data into the DMV website by hand through a portal. There was your true cost of the system and how it could function; Pushing 100% of the work and angry customer calls to the agents.
Wait.... it got worse too:) The DMV would often, and arrogantly claim to citizens, that it was the agencies fault entirely. Can't blame the DMV either, as most of their employees thought it was still the carrier's responsibility too being ignorant of their own processes. It's somewhat better now, but this is probably about $50 million dollars later in wasted costs. Those wasted costs of course, ending up with a few people and companies that probably have their executives golfing together.
This will probably be approved (they approved the citizen entering information in a portal for shit's sake), and business as usual in Nevada will get under way... Let's see who gets hurt, and see who gets paid, and it never matters who is getting hurt.
Technically, lunchtime is at any moment. It's just a wave function.