Friday, February 18, 2011

Canada News


financial post

How to secure the Internet without resurrecting its ‘walled gardens

  February 18, 2011 – 11:25 am

Attacks against sensitive computer systems, such as those victimizing the Canadian government this week, pose a unique problem for law enforcement. The anonymous nature of Internet use means cyber attacks are virtually never traced back to their source, so those responsible can never be brought to justice.
Canadian counter-espionage agents believe the attacks targeting critical federal government financial data originated in China, but cannot seem to narrow the field of suspects beyond a country with more than 450-million Internet users.
When it came to light earlier this month that the Nasdaq, America’s largest electronic Stock Exchange, had been consistently infiltrated by hackers over the past year, even the United States Secret Service working in concert with the Federal Bureau of Investigation (FBI) have been unable to identify the source of the attacks. The best they have been able to surmise so far is those attacks appear to have originated in Russia, but they cautioned the true source could have been anywhere, with the true criminals simply taking control of Russian computers remotely to hide their true location.
“This ‘attribution problem’ is so troublesome that some law-enforcement experts have called for a wholesale reworking of Internet architecture and protocols, such that every packet of data is engraved with the identity of its source,” writes Jonathan Zittrain, professor of law and computer science at Harvard University and co-founder of the Berkman Center for Internet and Society, in the March 2011 edition of Scientific American.
According to documents obtained this week by the Electronic Frontier Foundation, the FBI is indeed seeking to have the U.S. government broaden federal surveillance laws to include new communications technologies (read: the Internet). Cryptically named the “Going Dark” program, the FBI wants to have a much broader legal ability to monitor the everyday goings on of the Web. The hope is that if investigators can gain access a given hackers unique IP (Internet protocol) address, possibly through a forced coercion from an Internet Service Provider (ISP), authorities can learn the real-world identity of a hacker.
“The idea is to make punishment, and therefore deterrence, possible,” wrote Prof. Zittrain. “Unfortunately, such a reworking would also threaten what makes the Internet special, both technologically and socially.”
Arguments for the Internet to remain as open as possible, in the face of those who seek to resurrect a series of walled gardens in its place for reasons of profit, have already been very well articulated by its founder. Not to be rehashed here, the more important question today in the face of increasingly serious cyber attacks has become: how do we make the web more secure without compromising its openness?
Instead of a strictly regimented, top-down governmental approach to improving cyber security, Prof. Zittrain advocates a more communal approach more in keeping with the Web’s open philosophy. Suggesting a “mirror as you link” system that he equates to a “NATO for cyberspace,” what he is advocating would actually be far easier to implement than any government-led initiative since, as everyone who can break down the ‘www’ in a web address already knows, the Internet is not contained within any one country.
Zittrain’s “mutual aid” system would work by creating an alliance of Web sites (hence the NATO analogy) that would work together in thwarting suspicious activity they might discover. Under his system, computers which have been infiltrated by hackers would send a signal to other computers in the alliance, warning them that it has been compromised and thus keeping the attack from spreading.
“We rightly fear our networks and devices being attacked,” writes Prof. Zittrain. “But we should not let this fear cause us to destroy what makes the Internet special.”
jberkow@nationalpost.com
Posted in: FP Tech Desk  
======================================================

No comments:

Post a Comment