NNSquad - Network Neutrality Squad
[ NNSquad ] More "The Internet is a Threat" Security Screaming from the Usual Suspects
More "The Internet is a Threat" Security Screaming from the Usual Suspects. --Lauren-- NNSquad Moderator ----- Forwarded message from Dave Farber <dave@farber.net> ----- Date: Tue, 4 Jan 2011 16:41:05 -0500 From: Dave Farber <dave@farber.net> Subject: [IP] Trouble in Cybercity: What Canada Can Do Reply-To: dave@farber.net To: ip <ip@listbox.com> Begin forwarded message: > From: Jeffrey Hunker <hunker@jeffreyhunker.com> > Date: January 4, 2011 4:12:13 PM EST > To: Dave Farber <dave@farber.net> > Subject: Trouble in Cybercity: What Canada Can Do > > For IP if you wish. This op-ed is an extension of my thinking in Creeping > Failure: How We Broke the Internet and What We Can Do to Fix It (McClelland > and Stewart,2010). > > > Globe and Mail 4 January 2011 > http://www.theglobeandmail.com/news/opinions/opinion/trouble-in-cybercity-wh > at-canada-can-do/article1854625/ > > TROUBLE IN CYBERCITY: What Canada Can Do > Jeffrey Hunker > > We have seen the future of the Internet, and it isn't very pretty. > > When WikiLeaks founder Julian Assange announced the release of sensitive > U.S. government documents, he also sparked a vigilante war reminiscent of > the Wild West. Just before the release, the WikiLeaks site was shut down > briefly by denial-of-service attacks. In return, "hacktivist" groups > attacked U.S. government sites, as well as those of Amazon, PayPal and > MasterCard that had distanced themselves from WikiLeaks. > > Whatever one thinks of Mr. Assange's actions, the seemingly blithe > acceptance of hacktivism may be the most troubling sign. Private groups that > seized copies of U.S. newspapers carrying the Pentagon Papers would have > been reviled, but the WikiLeaks cyberattack groups seem to elicit only > indifference. > > In a separate development, there's a new cyber superworm called Stuxnet. > Speculation is that some nation or nations launched Stuxnet to disrupt > Iran's nuclear program, and that Stuxnet did so by damaging nuclear > centrifuges. Stuxnet marks a new era of cyberwar: For years, experts have > warned that any nation's critical infrastructure and industrial processes > are vulnerable to cyberattack. Now we have a visible demonstration. > > Here's what ties WikiLeaks and Stuxnet together: Just as the vigilantes > attacking WikiLeaks-related websites have not been identified, neither have > the Stuxnet perpetrators. Both show that events on the Internet can have > serious consequences, yet are largely outside the framework of > accountability. > > This doesn't bode well for the cybercity we call the Internet. And the > Internet really is a city, with an immense tangle of highways, interchanges > and addresses. Whatever your Internet abode, you pay rents and fees. But the > Internet is not a truly modern city. It's more like the early Industrial Age > London that Charles Dickens described - a place of rapid growth but filled > with garbage, criminals and ineffective governance. London was perilously > chaotic then because the city had grown far beyond the ability to manage > such a sprawl. So it is with our cybercity. > > With vital government and economic activities relying on the Internet, users > need better security and choices about privacy. The Internet won't collapse > if serious reforms don't occur. But its future may come to look like > Detroit, where growth has atrophied, or like Lagos, where runaway growth has > made conditions nearly unlivable for many. > > Reforms need not mean heavy-handed government regulation or the end of free > speech. The way Canada dealt with the Y2K challenge of 2000 provides a > partial model. The federal government didn't spell out what companies had to > do about possible Y2K bugs. Instead, it made clear that such problems > wouldn't be an excuse for violating laws. It was the sense of public > responsibility that encouraged companies to act. > > Today, there's an opportunity for Canada to lead the world in developing a > common framework for accountability. We have a start in the Council of > Europe Convention on Cybercrime, a document signed but not yet ratified by > Canada and many other nations. The convention should be updated, and Canada > could then set an example through speedy ratification. Canada and its allies > also need a coherent doctrine for collective security in cyberspace; NATO > provides a possible framework for Canadian leadership. > > But institutional reforms are only part of the solution. The Internet's > technical foundations need to be rebuilt, as they were never designed to > support security for the massive welter of public and private uses that > constitute today's traffic. A new parallel network should be brought into > service. > > Numerous R&D projects in Canada are already developing "future Internet" > technologies. What's needed is a concerted effort to move the work from the > realm of "this is what's possible" to "Let's do it." With its high-tech > universities, Canada could lead a community of nations in launching a small > demonstration of a new security/privacy network. Then, following a path > similar to that which launched the Internet in the U.S., the network could > gradually open to users of different kinds. > > The WikiLeaks battle and Stuxnet are only the most visible harbingers of a > new age in which beyond-the-pale acts in cyberspace could threaten our > societies. Like the people of Victorian London, we have to face up to > reforming both the institutional and technical architectures of the > Internet. Not to do so invites a kind of chaos that even people in the 1800s > found unacceptable. > > Jeffrey Hunker is the author of Creeping Failure: How We Broke the Internet > and What We Can Do to Fix It, and was the senior director for critical > infrastructure at the White House National Security Council under Bill > Clinton. > >