TechViews
A new Internet?
Guy Hoffman
According to a report published in The New York Times, there is a growing belief among engineers and security experts in USA that the only way to fix Internet security is to recreate the Internet from scratch. What a new Internet might look like is being discussed, but one possible solution would create a system in which users would relinquish their anonymity and certain freedoms in return for safety. As more secure networks are created, the current Internet will continue to become an increasingly dangerous area that legitimate users will want to avoid. "Unless we're willing to rethink today's Internet," says Nick McKeown, a Stanford University engineer working on building a new Internet, "we're just waiting for a series of public catastrophes." Last year, a malicious software program believed to have been released by a criminal organization in Eastern Europe infected more than 12 million computers after bypassing the world's best cyberdefenses. Internet security continues to deteriorate globally and even the most heavily protected military networks have proved vulnerable. "In many respects, we are probably worse off than we were 20 years ago, because all of the money has been devoted to patching the current problem rather than investing in the redesign of our infrastructure," says Purdue University professor Eugene Spafford, the executive director of Purdue's Center for Education and Research in Information Assurance and Security. The Stanford University Clean Slate project is developing a system that will allow a more advanced network to be established underneath the current Internet. The new network will be running on eight campus networks around the United States by the end of summer 2009. Two decades ago a 23-year-old Cornell University graduate student brought the Internet to its knees with a simple software program that skipped from computer to computer at blinding speed, thoroughly clogging the then-tiny network in the space of a few hours. The program was intended to be a bit of cybernetic fungus that would unobtrusively wander the net. However, a programming error turned it into a much worse phenomenon, and since then things have gotten even more worse. Bad enough that there is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start all over again. As a new and more secure network becomes widely adopted, the current Internet might end up as the bad neighborhood of cyberspace. You would enter at your own risk and keep an eye over your shoulder while you were there. Last year, a malicious software program thought to have been unleashed by a criminal gang in Eastern Europe suddenly appeared after easily sidestepping the world's best cyberdefenses. Known as Conficker, it quickly infected more than 12 million computers, ravaging everything from the computer system at a surgical ward in England to the computer networks of the French military. Conficker remains a ticking time bomb. Conficker could be used as the world's most powerful spam engine, perhaps to distribute software programs to trick computer users into purchasing fake antivirus protection. Or much worse. It might also be used to shut off entire sections of the Internet. But whatever happens, Conficker has demonstrated that the Internet remains highly vulnerable to a concerted attack. "If you're looking for a digital Pearl Harbor, we now have the Japanese ships streaming toward us on the horizon," Rick Wesson, the chief executive of Support Intelligence, a computer consulting firm, said recently. The Internet's original designers never foresaw that the academic and military research network they created would one day bear the burden of carrying all the world's communications and commerce. There was no one central control point and its designers wanted to make it possible for every network to exchange data with every other network. Little attention was given to security. Since then, there have been immense efforts to bolt on security, to little effect. In fact, many computer security researchers view the nearly two decades of efforts to patch the existing network as a Maginot Line approach to defense, a reference to France's series of fortifications that proved ineffective during World War II. The shortcoming in focusing on such sturdy digital walls is that once they are evaded, the attacker has access to all the protected data behind them. "Hard on the outside, with a soft chewy center," is the way many veteran computer security researchers think of such strategies.
For all latest news, follow The Daily Star's Google News channel.
Comments