Gizmodo: cybersecurity
http://gizmodo.com/tag/cybersecurity

65,000 Time Warner Customers Exposed To Remote Hacks

A vulnerability in their modems and routers has left 65,000 Time Warner customers vulnerable to having their admin menus remotely accessed by evil-doers. Time Warner says they're aware of, and working on, the issue as we type. Updated.

Update: Apparently Time Warner has put a "temporary patch" into place while they figure out a permanent solution. [Wired]

Elite Military Hacker Squad Would Stop Wars With Bits, Not Bombs

Efforts to drag our military's cybersecurity into the 21st century are well underway, but John Arquilla, professor at the Naval Postgraduate School, wants more: A preemptive international hacker force, which would cripple enemies before they even become a problem.

Existing plans for a new online defense strategy don't seem particularly bad, except for that first part: defense plans. The professor's idea is to deploy a much more proactive attack strategy:

[Arquilla would] like the US military's coders to team up with network specialists abroad to form a global geek squad. Together, they could launch preemptive online strikes to head off real-world battles.

Armies (even guerrilla armies) are so dependent on digital communications these days that a well-placed network hit could hobble their forces. Do these cyberattacks right, and openly, and the belligerents will think twice before starting trouble. Arquilla calls his plan "a nonlethal way to deter lethal conflict."

The strategy makes the assumption that digital communications are completely vital to enemies big and small, which is generally true, and putting cyberwar directly before more traditional measures like sanctions could have a huge effect: If guerrilla groups can't organize, they won't be too effective; if governments can't use their vital defense networks, they're basically toothless. Wired's posted a few scenarios of how this could actually play out, and even if they sound a little naive—they do—they're satisfyingly cinematic, for whatever that's worth. [Wired]

President Obama Isn't Really Trying to Take Over the Internet

It was pretty much the perfect story: The Senate introduced a bill that would let the President take over the entire internet during a crisis. Our online Weimar Republic is crumbling beneath the digital Führer! Minor catch: It wasn't true.

Credit to Nicholas Thompson over at Epicenter, who spent some quality time with the bill:

[I]n its original form, did have some seriously bad ideas in it. For example, in an emergency, the president could "order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network."

And then, Senate procedure happened. The softened, pared-down language of the current bill would only entitle the President to, "In the event of an immediate threat to strategic national interests involving compromised Federal Government or United States critical infrastructure information system or network" help to "direct the national response" to a crisis, "in coordination with relevant industry sectors." As Thompson notes, nothing scary is granted here, and the President definitely hasn't been authorized to take over private networks, for malign ends, for fun, or otherwise.

In reality, the bill might actually aid transparency, oddly enough: Thompson highlights a theory that, by ensuring the government's digital emergency management powers are kept out of the less accountable hands of the NSA and in the public view, abuses are less likely. So there's that! [Wired Epicenter]

Bill Would Give The President Control Of The Internet During a "Cybersecurity Emergency"

A revised version of a bill first introduced in the Senate this past spring would give the President power to disconnect private sector computers from the internet in the event of a "cybersecurity emergency."

The new version would allow the president to "declare a cybersecurity emergency" relating to "non-governmental" computer networks and do what's necessary to respond to the threat. Other sections of the proposal include a federal certification program for "cybersecurity professionals," and a requirement that certain computer systems and networks in the private sector be managed by people who have been awarded that license.

Section 201 of the bill also seems to imply that the government can reserve the right to regulate "critical" private networks, which could include the disclosure of information.

Probably the most controversial language begins in Section 201, which permits the president to "direct the national response to the cyber threat" if necessary for "the national defense and security." The White House is supposed to engage in "periodic mapping" of private networks deemed to be critical, and those companies "shall share" requested information with the federal government.

Naturally, there has been a lot of debate on both sides of the issue—some are calling the redraft unsettlingly "vague" while others insist that a bill of this nature is essential in order to protect our nation's digital infrastructure. What do you think? Is this crossing the line or should the government have the right to exercise its power over private networks? [CNET]

Obama Administration Adds Renowned Hacker to Homeland Security Advisory Council

Jeff Moss, who you may know as the founder of the hacking conference DefCon, was sworn in yesterday as one of the new members of the Homeland Security Advisory Council. And we think it's a shrewd and thoughtful move.

Moss, also known as Dark Tangent, founded both the DefCon and Black Hat hacker conferences in addition to legit security work—most notably at Ernst and Young, one of those giant corporations that provides auditors, attorneys, brokers, designers, and lots more to other companies. He's a sort of godfather of hackers, a pioneer who uses his underground skills in mostly above-ground ways.

As the Obama administration has been placing a heavier focus on cybersecurity, it's an extremely smart move to ask one of the world's foremost professional hackers to assist on the Department of Homeland Security Advisory Council. He's got enough expertise to really be able to offer some help, but he's also not a dangerous hacker—one analyst called him "as corporate as hiring someone out of Microsoft," meaning that for the hacking world, Moss is hardly a loose cannon. But that's exactly why it's also a smart political choice. Picking a hacker seems like an edgy choice, but Moss is a guy who's worked for Fortune 500 companies, not someone who's working in his basement to bring down the power grid.

We're looking forward to seeing cybersecurity finally advance, and this kind of guy is just what we need to get ourselves back on track. [CNET]

Pentagon to Create Cyber Command to Hopefully Avoid More Cybersecurity Screwups

After unidentified hackers made away with untold amounts of protected data on a highly-classified fighter jet project, the Pentagon decided to step up their cybersecurity. The first step? Creating the badass-sounding Cyber Command.

At the moment, cybersecurity is incredibly important (Obama compared it to nuclear and biological weapons in terms of its danger to national security) and, from the looks of it, incredibly badly managed. To start with, the Department of Homeland Security is officially in charge of cybersecurity, except when they aren't. For example, the National Security Agency has been exerting more power and controlling more and more of the cybersecurity efforts, and the Department of Defense sometimes either manages it themselves or contracts it out to private companies.

Some of these private companies aren't so great at it, which is how the last breach happened: A firm in Turkey and one other unnamed ally nation screwed up and allowed the maybe-Chinese-maybe-not hackers to copy terabytes of data on the $300 billion fighter jet project. That's not even getting into the myriad other organizations that run their own separate cybersecurity, from the Air Force to the CIA.

Defense Secretary Robert Gates plans to announce the creation of a Cyber Command to orchestrate all of these separate entities and impose some kind of order and standards on the whole bureaucratic mess. The Cyber Command (we will never get tired of typing that) will be under the umbrella of the Department of Homeland Security, and Homeland Security will probably receive a lot of extra funding for the additional unit.

Likely to head the Cyber Command is current NSA director Gen. Keith Alexander, who recently spoke at a cybersecurity conference promoting a sort of team strategy wherein the NSA would handle certain aspects and Homeland Security certain others.

We know military reorganization isn't as sexy as HACKERS HACK FIGHTER JET (WITH HACKING!) stories, but this kind of work will hopefully get our cybersecurity up to speed so we don't have to worry about the safety of our secret awesome fighter jets. [Wall Street Journal, CNET]
