#1243042: Why Fixing The Internet Isn’t That Hard
The Internet is a scary place right now, similar to the old American Wild, Wild West, where well-armed gangs of bad guys faced off with common town folk, taking and destroying anything they wanted with near impunity. Hackers routinely steal so many data records each year that a new 100M record data breach barely makes the news. More email is malicious than legitimate. Thousands of fake web sites get created and deleted in a single day. Ransomware takes down hospitals, police departments, and entire cities. There are over a hundred million new, unique malware programs created each year. And defenders have to be worried about every human adversary that wants to take advantage of their organisation’s data and resources, from advanced nation-state attackers to wily teenage script kiddies. Planes are hacked, power grids attacked, and nuclear centrifuges are spun out of control. You’re afraid to have an Internet-connected web-cam in your house. Each year it only seems to get worse.
But it doesn’t have to be this way. There are ways to make the Internet significantly more secure. Perhaps not completely crime-free, but at least functioning like today’s modern real world where crime is held to an acceptable level of minimum activity. It can be done.
Fixing the Internet
The Internet was not created with computer security in mind. It was created as an experiment to see if a huge national inter-network could be created to connect multiple stand-alone computers. The challenge was to reliably connect as many computers as possible. Most of the critical underlying original protocols and technologies (like TCP/IP, HTTPS, and DNS) were created in the 1970s and 1980s and didn’t have huge security considerations. When the Internet blew up in the late 1980s, the insecure protocols were brought along. Security was bolted on and improved as needed. As anyone considering security will tell you, bolting it on after the product is delivered is no way to effectively secure the product.
So, what will it take to significantly reduce cybercrime on the Internet?
There are many ways to do this, but most of the thoughtful plans that have been discussed include the following common design features:
Default, pervasive authentication of devices, users, and applications
Default encryption and integrity
Centralised, but distributed security services, functioning much like DNS does today
I’ll discuss each more below, but the idea is that there are so many cybercriminals on the Internet because they almost never get caught. In the US in the 1920s and 1930s this used to be true for bank robbers, when it was easy for a gun-toting robber to pull up to a bank and head out minutes later with boatloads of cash. The fact that they almost never got caught led to more bank robbers and bank robberies until society finally decided to fight back. Then banks started locking safes, putting cashiers behind bullet-proof glass, carrying less, and so on. Police got better at stopping and capturing bank robbers, and pretty soon robbing a bank became a risky occupation. The days of Bonnie & Clyde were over. The same thing has to happen to the Internet.
Default Real Authentication
It starts by having default, pervasive “real” identification of every connected device, user, and application. Most cybercriminals can’t be caught because we can’t identify them. This stops when we start requiring everyone on the Internet to authenticate with their real, verified identity. This is already starting to happen on major social media web sites, where real people are indicated as the real person they claim to be with a green checkmark or similar. Same thing here, except that the authentication will be accomplished and verified anytime the person wants to get on the Internet, no matter which web site they go to, and no matter how they have connected.
Sure, you’re going to have people and legitimate scenarios where anonymity is desired or needed, and for those cases, you’ve got two options. One, they can log on using pseudo-anonymity, where an identity service confirms their real identity but allows them to use a known fake identity. But if law enforcement needs to find out who the fake identity is, the identity service will tell them.
For those people and instances who demand complete anonymity, well, there will always be a part of the Internet that will allow it. It’s just that the majority of the Internet, those of us who don’t want to interact with unknown individuals (who are more likely to include hackers and malware writers), won’t have to. Unlike today, my email server won’t automatically accept any email sent its way. If it’s an unverified identity, I may choose to discard that email, or maybe it undergoes heavier inspection before it gets to my inbox. Same thing with a bank or stock trading web site. They will probably require that people are who they say they are before doing business.
The idea is that right now the Internet is mostly pervasive anonymity. Anyone can claim to be anyone across almost every web site and service. I can claim to be Bill Gates on any web site he hasn’t already registered on. A far more secure Internet requires the opposite. It requires that most people (and devices and applications) be effectively identified, so that the person I’m doing business or communicating with is who they say they are and not some rogue actor. And when I download an application, it is from who it says it’s from and hasn’t been modified since it was published. The same thing applies to my device. Already you’re starting to see sites that notice when you sign on with a new device (or even software configuration, such as a different browser) and ask you to do additional authentication. We are on our way to this new Internet world.
Default Encryption and Integrity
Here’s the toughest one to get done. Every bit of data and communications is encrypted by default and checked for integrity. Technologically, it’s not hard to pull off. Many of the world’s web sites and organisations are already using HTTPS, which means encryption. But like the dilemma we face with today’s Internet authentication, we need encryption and integrity to be built-in defaults for all traffic and data.
The hard part is getting the world’s governments to agree to allow it to happen. Many of the world’s governments (like China) are absolutely against their citizens using any form of encryption (or any form that the government cannot bypass). Most other governments, including the US and the UK, and every law enforcement agency don’t want more encryption. They want less. Encryption makes their jobs harder. Default encryption would make their jobs exponentially harder if not impossible. Most of the world’s governments would fight, fight, fight the idea that everyone on the Internet was encrypted by default.
The reason you need default encryption and integrity is to ensure that what is sent on behalf of someone’s real, verified identity is what they sent. Without default encryption and integrity (of communications, identity, and data), you couldn’t as easily tie what a person sent or did back to the verified identity. Without encryption and integrity, a malicious interloper could modify the message or communications stream without the sender and receiver knowing it. With default encryption and integrity, the hacker and eavesdropper’s task becomes significantly harder.
Centralised Security Services Like DNS
Lastly, we need one or more centralised security services, which function much like DNS. Many of the organisations in this world know where the daily badness is coming from. They watch and keep track of all the bad actors and have a pretty good idea of what locations and IP addresses they are using, often up to the second. We need to take that sort of information and make it free, widespread, and easy to share (like DNS).
The idea is that when badness is identified (such as a spammer sending out millions of phishing emails), the origination of that badness is shared with every device (e.g. routers, firewalls, etc.) and software (e.g. email, browsers, etc.) that cares to know. Then if your device or software received a connection from a known bad location, it could drop or handle it accordingly.
Here’s another example. Suppose you’re a good person without a history of sending malware, but somehow your computer gets infected by a phish-sending spambot. In this new Internet, the person or device that infected you would be easier to find, stop, and prosecute. And while your computer was spewing phishes, the world could be proactively alerted that your node is sending badness and is at the moment untrustworthy. You wouldn’t have to notify anyone. And after you got your computer cleaned up, the Internet security service could mark your device as a trustworthy device again, and people could be free to accept your communications normally again. And if you got infected again and again, maybe the service would start to mark you as questionable, at least until after you proved to it that you had taken the appropriate steps to keep badness off your device.
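A minimal sketch of the lookup-and-decide flow described in this section, added here as an illustration and not part of the original article. It borrows the reversed-octet query naming that DNS blocklists use; the zone name, the three-incident threshold and the accept/inspect/drop policy are assumptions.

```python
import ipaddress

ZONE = "reputation.example"  # hypothetical zone name (assumption)
REPEAT_LIMIT = 3             # assumed number of infections before "questionable"

def query_name(ip, zone=ZONE):
    """Build a DNSBL-style name: reversed IPv4 octets under the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

class ReputationService:
    """In-memory stand-in for the shared service, keyed by query name."""
    def __init__(self):
        self.active = set()   # names currently reported as sending badness
        self.incidents = {}   # name -> total infections reported so far
    def report_bad(self, ip):
        name = query_name(ip)
        self.active.add(name)
        self.incidents[name] = self.incidents.get(name, 0) + 1
    def report_clean(self, ip):
        self.active.discard(query_name(ip))
    def lookup(self, name):
        if name in self.active:
            return "untrusted"
        if self.incidents.get(name, 0) >= REPEAT_LIMIT:
            return "questionable"
        return "trusted"

def handle_connection(service, ip, identity_verified):
    """Receiver-side policy: drop, inspect more heavily, or accept."""
    status = service.lookup(query_name(ip))
    if status == "untrusted":
        return "drop"
    if status == "questionable" or not identity_verified:
        return "inspect"
    return "accept"

def demo():
    svc, node = ReputationService(), "192.0.2.25"  # constructed sample address
    seen = [handle_connection(svc, node, True)]    # clean history
    svc.report_bad(node)                           # spambot infection reported
    seen.append(handle_connection(svc, node, True))
    svc.report_clean(node)                         # owner cleaned the machine
    seen.append(handle_connection(svc, node, True))
    for _ in range(2):                             # two further infections
        svc.report_bad(node)
        svc.report_clean(node)
    seen.append(handle_connection(svc, node, True))
    return seen
```

Calling `demo()` walks one node through the lifecycle in the text: accepted, dropped while infected, accepted again after cleanup, then sent to heavier inspection once it has been infected repeatedly.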
No Need to Invent New Technologies
Date added: Jan. 10, 2019, 9:37 p.m.