[wolverine876]

Should the military be handling domestic cybersecurity? That seems especially perilous to civil liberties, something out of dystopian sci-fi.

The military's role isn't to provide peace and justice for citizens, it's to kill people and destroy things. That's not an insult to the military, that's what soldiers will tell you; we need to be realistic about it. They should not be operating around civilians in peacetime (except in special circumstances).

[dillondoyle]

Not securing cyber and our infrastructure will kill and destroy things.

What would be an example of a civil liberty violated by for instance standing up a large Brigade or service of tech soldiers who secure, patch, work to shore up our critical infra and services? + a lot of funding; we already prop up the lockheads of the country.

I agree that it seems our Gov. can't be trusted not to intrude into our communications and other civil liberties.

But this is more about industrial control, supply chains, the foundation of software etc.

The gov didn't react or try to stop speech attacks on digital platforms even though they knew it was happening. They didn't even report it was happening because of I think naive political concerns.

Personally I liken it to missile defense and other existing programs which we spend a HUGE amount of money on.

Not securing our infrastructure could have even bigger consequences.

We're already in a growing cold war, personally I think decent potential to go hot within a decade.

Even looking at the little publicly reported easy hacks the, let alone the unknown advanced capabilities of state actors, the first salvo attacks will probably wipe out a huge portion of both sides infrastructure and basic digital necessities to function in our society. At least we're getting more serious about defending space because the military has their owned assets up there.

Maybe MAD would focus these attacks on military targets but I don't trust these nation states, or perhaps our own, to limit the radius. And maybe it's not even possible with how inter connected things are.

[wolverine876]

I completely agree that the infrastructure needs to be secured, and that it requires a lot of funding. I'm saying the military is the wrong organization for domestic operations.

What happens when the military believes an attack is coming from a private citizen? Can they spy on or take action against that person? Can that alleged attacker's computer be seized? On what evidence? What if the military determines that effective security means surveilling a wide area before an attack, or collecting all citizen data to have a source to search for clues in case of an attack? What if they determine, which some already agree, that the best defense is a good offense?

I'm of a mind that the security should be a regulation, and the infrastructure operators have to meet it. The NIST can develop standards and techniques, but the safety of infrastructure is part of the cost of doing business. Your plant can't be a menace to the community due to risk of explosion, pollution, etc. - it seems no different. The operators have gotten away with buying cheap, crappy IT for years. It's time to invest seriously in rigorous, quality engineering.

[dillondoyle]

There are also a ton of scary 'laws' like extra judicial 'border' areas which go wayyy into our country from agencies that are being militarized. Justice doesn't need swat teams...

I would be into a non-military branch. it baffles me we haven't funded this. Regulations are also a good first step, but don't seem enough alone. though HIPA and SOC seem fairly ok at least with low level stuff.

If we're going to spend $2T on infra throw at least $100 billion on this, some more to pay to onshore more critical chip & manufacturing. But Republicans are stuck on cars.