- BlogInfoSec.com - https://www.bloginfosec.com -

Einstein … Say Aaah!

Perhaps the most famous, or infamous, photograph of Albert Einstein is the one showing him irreverently sticking out his tongue in response to a photographer’s request that he smile. Incidentally one of the few original prints of the photograph sold at auction on June 19, 2009 for the princely sum of $74,324. In any event, that image came to mind when I read an article, with the title “Troubles Plague Cyberspy Defense,” by Siobhan Gorman. The article appeared on the front page of the July 3-5, 2009 issue of the Wall Street Journal.

As the article points out, Einstein is the name of the system that the U.S. government has created “… to protect [its] computer networks from cyberspies.” Apparently, the development and rollout of the system “… is being stymied by technical and privacy concerns.” No wonder Einstein is sticking out his tongue. Ironically, the photograph was taken during the McCarthy era, and was seemingly a political statement. Today it can be construed as the Einstein system perhaps mocking those who would quash it. For despite the delays caused by concerns over privacy and unlawful surveillance, the system ploughs forward with a planned Einstein 3 in the offing.

Let’s just go back a little to explain the differences among the three versions of Einstein. In many ways they somewhat parallel infosec’s evolution of firewalls, IDS (intrusion detection systems), and IPS (intrusion prevention systems). According to the article, Einstein 1 merely monitors traffic in and out of federal civilian networks. Einstein 2, which is currently being built, is intended to detect cyberattacks and produce immediate alerts. Einstein 3, which is apparently in the planning phase, will “deflect” security attacks that are detected.

The balance among the privacy of individuals, the security of the nation and the safety of its citizens continues to be very difficult to achieve. We value greatly our right to privacy, including our ability to choose who can access our personal information. Consequently, we get very concerned at even the hint that government might be accessing information about us. Yet it has been demonstrated time-and-time again that we willingly give up personal information on our own for what might be considered trivial rewards. This dual standard can be a source of concern and confusion. Our lawmakers in Congress go to great lengths to try to force the protection of information that identifies us and of which disclosure might result in fraudulent and other nefarious activities. Unfortunately, many of the resulting laws and regulations are usually only minimally effective since they address the ID theft issue at the possible expense of other equally important security initiatives.

In President Obama’s May 29, 2009 speech, he underlines the statement that he will not allow surveillance of citizens’ personal information and intrusions on their privacy. However, this does not appear to allow for the oversight and data-discovery requirements for an effective Einstein program. To the extent that access to sensitive data is generally held to be permitted only on a “need to know” basis, there surely must be a way to protect data regarding law-abiding individuals from inappropriate access by unauthorized persons, while still capturing important information about those perpetrating unlawful acts, and so that someone can act on that information. One has to believe that such technology and procedures exist or can be developed and implemented … so that Einstein can smile once again.