|
|
 THE STAT 26Percentage of wireless customers who use their cell phones to take picturesMore Vitals
| |
SEPTEMBER 16, 2003
Needed: A Security Blanket for the Net Worms, viruses, bugs, spam, and hackers have spurred many experts to start pushing concrete reforms, some quite radical David Farber, a computer science professor at Carnegie Mellon University in Pittsburgh and a regular speaker at high-tech confabs, has long been a cheerleader for the Internet. In that capacity, he manages a rollicking free mailing list called Interesting People that links its thousands of readers to Web pages he thinks the digerati will find appealing. Farber's audience is a microcosm of the Internet -- people from all walks of life wandering in and out of conversations and sharing information with those who until moments before were strangers. This summer, though, as computer bugs and worms infected anything linked to the Net, Interesting People developed a funereal air. Reader after reader complained that it was becoming harder to use the Net constructively. As spam filled in-boxes and viruses crashed networks, the Net seemed to cross a threshold from controlled anarchy to utter chaos, readers said. Farber himself joined the chorus. "This summer, if I had been on the end of a 56 kilobit [dial-up] line, I would have used my PC as a giant paper weight," he wrote at one point. "When you get to that point, you start to wonder if this is all worthwhile." That's a shocking statement from someone who first used the Net in the 1970s, when it was part of a military research project. WAKEUP CALL. The tide of bad behavior on the Web has been rising for some time, of course, and reactions such as Farber's aren't unprecedented. Still, this summer's security breakdowns were a wakeup call for even the medium's most devoted fans, who are reaching a broad consensus that something must be done to fix the Net. "We are now at a pain point where we would contemplate solutions that are more involved than we would have imagined 12 months ago," says Leslie Daigle, chairperson of the Internet Architecture Board (IAB), an international nonprofit group that helps set policy for the self-governed, unregulated Internet. The steps her group is advocating range from legislation that would let customers sue software companies over security loopholes in their products (by law, the industry is now largely exempt from such claims), to building new tracking systems that would make it impossible for even hackers to use the Internet without leaving a clear trail, to forcing everyone on the Net to put security protection on their PCs. Every remedy has a downside -- usually, it boosts costs or reduces privacy -- and each will be hard to implement without somehow damaging the Net as it has been so far. And yet, it seems clear that the Internet has grown so far beyond its geek roots that it has "truly come to resemble society with both the good and the bad," Farber says. And a realization is growing that it may need to be managed with that foremost in mind. "SOMEWHAT FLAKY." Fortunately, despite the recent debacles, the Net's underpinnings remain solid. Generally, network performance has stayed strong, and traffic has continued to grow. In October, 2002, the so-called DNS root servers -- the 13 systems containing the databases that are the highest-level cops for directing traffic around the Internet -- survived a massive denial-of-service (DOS) attack without failing, an event many observers took as proof that the system remains robust. This summer's SoBig intruder, though one of the most virulent worms yet, failed to shut down the Net, even though it triggered a 20-fold increase in requests for mail-server lookups at DNS root operator VeriSign (VRSN ). The Web even has a sort-of safety net: a glut of fiber-optic capacity around the world that could be used if the current pipes start to clog. And yet, as the Net has become more widely used, "things...have gotten somewhat flaky," worries Farber. He argues that ensuring the security of computers and systems should be the No. 1 priority for protecting the Net and those who use it. The most technically radical proposal that's being advanced would alter the way data is exchanged on the Net, with the aim of making the passage of bits and bytes much less anonymous than it is now. It's this namelessness that creates a haven for hackers who forge or spoof the originating IP address (an Internet identification tag for computers) on their data to mask their identity. VALIDATING TRAFFIC. Spammers, too, love the faceless nature of the Web since it gives them cover as they send millions of messages with bogus address headings. The solution, say some, is to build in mechanisms for identifying and authenticating anyone who uses the Net. The goal would be to legitimize an environment where, at the moment to some extent, engaging in "commerce is the moral equivalent of buying a watch from someone in a trench coat on a street corner," says the IAB's Daigle. "We need better accountability." That could take several forms. The newest iteration of the Internet protocol standard, called Ipv6, provides a way to assign tracking tags to data that move over the Net. Paul Mockapetris, who helped design the current DNS system, has suggested combining this capability with a more secure form of DNS, called DNSec, that uses digital certificates stored on machines connected to the Internet to validate that the data passing across the wires originated from those servers. If this worked as advertised, those who dispense worms and viruses would be unmasked -- or at least thwarted. Several other technical ways exist to achieve this aim. Unfortunately, all would require some heavy lifting -- namely, widespread adoption of new DNS and routing software that's harder to use than the existing variety. And managing all the digital certificates or encryption keys -- nearly every PC would need to have one for these proposals to work -- would likely prove onerous, boosting the costs of both software and training.
BW MALL
SPONSORED LINKS
Buy a link now! | | |
 Copyright 2003, by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Policy |
Printer-Friendly Version