Professional Documents
Culture Documents
Source: CNet
SAN FRANCISCO--Homeland Security and the National Security Agency may be taking a
closer look at Internet communications in the future.
Not much is known about how Einstein works, and the House Intelligence Committee once
charged that descriptions were overly "vague" because of "excessive classification." The
White House did confirm this week that the latest version, called Einstein 3, involves
attempting to thwart in-progress cyberattacks by sharing information with the National
Security Agency.
"I don't think you have to be Big Brother in order to provide a level of protection either for
federal government systems or otherwise," Schaffer said. "As a practical matter, you're
looking at data that's relevant to malicious activity, and that's the data that you're focused
on. It's not necessary to go into a space where someone will say you're acting like Big
Brother. It can be done without crossing over into a space that's problematic from a privacy
perspective."
If Einstein 3 does perform as well as Homeland Security hopes, it could help less-prepared
companies fend off cyberattacks, including worms sent through e-mail, phishing attempts,
and even denial of service attacks.
On the other hand, civil libertarians are sure to raise questions about privacy, access, and
how Einstein could be used in the future. If it can perform deep packet inspection to prevent
botnets from accessing certain Web pages, for instance, could it also be used to prevent a
human from accessing illegal pornography, copyright-infringing music, or offshore
gambling sites?
"It's one thing for the government to monitor its own systems for malicious code and
intrusions," said Greg Nojeim, senior counsel at the Center for Democracy and Technology.
"It's quite another for the government to monitor private networks for those intrusions. We'd
be concerned about any notion that a governmental monitoring system like Einstein would
be extended to private networks."
Some privacy concerns about Einstein have popped up before. An American Bar
Association panel said this about Einstein 3 in a September 2009 report: "Because
government communications are commingled with the private communications of non-
governmental actors who use the same system, great caution will be necessary to insure that
privacy and civil liberties concerns are adequately considered."
Jacob Appelbaum, a security researcher and programmer for the Tor anonymity project, said
that expanding Einstein 3 to the private sector would amount to a partial outsourcing of
security. "It's clearly a win for people without the security know-how to protect their own
networks," Appelbaum said. "It's also a clear loss of control. And anyone with access to that
monitoring system, legitimate or otherwise, would be able to monitor amazing amounts of
traffic."
Einstein grew out of a still-classified executive order, called National Security Presidential
Directive 54, that President Bush signed in 2008.
While little information is available, former Homeland Security Secretary Michael Chertoff
once likened it to a new "Manhattan Project," and the Washington Post reported that the
accompanying cybersecurity initiative represented the "single largest request for funds" in
last year's classified intelligence budget. The Electronic Privacy Information Center has
filed a lawsuit (PDF) to obtain the text of the order.
Homeland Security has published (PDF) a privacy impact assessment for a less capable
system called Einstein 2--which aimed to do intrusion detection and not prevention--but has
not done so for Einstein 3.
The department did, however, prepare a general set of guidelines (PDF) for privacy and
civil liberties in June 2009. In addition, the Bush Justice Department wrote a memo (PDF)
saying Einstein 2 "complies with" the U.S. Constitution and federal wiretap laws.
That justification for Einstein 2 "turned on the consent of employees in the government that
are being communicated with, and on the notion that a person who communicates with the
government can't then complain that the government read the communication," said CDT's
Nojeim. "How does that legal justification work should Einstein be extended to the private
sector?"