Who Protects the Internet? 177
strikeleader writes "TechCrunch has an article from an interview with General Kevin Chilton, US STRATCOM commander and the head of all military cyber warfare.
Who protects us? 'Basically no one. At most, a number of loose confederations of computer scientists and engineers who seek to devise better protocols and practices — unincorporated groups like the Internet Engineering Task Force and the North American Network Operators Group. But the fact remains that no one really owns security online, which leads to gated communities with firewalls — a highly unreliable and wasteful way to try to assure security.'"
Editorialization (Score:3, Insightful)
Meh. The question really should be "Who protects the Internet from being used as a military asset?" Cause that's all this guy is talking about.
Internet doesn't need protection (Score:5, Insightful)
And thats the way I like it. Please keep the government's greedy and controlling hands out of this.
Firewalled networks wasteful? (Score:5, Insightful)
What's the alternative? Globalized security, courtesy of Big Brother?
Don't good fences make good neigbors?
I suppose it's wasteful, in code, for module entry points to validate parameters, too. :)
don't try to draw too many real world analogies... (Score:5, Insightful)
I don't think you want to centralize anything like that, at least not to the exclusion of everyone having local protections. Your firewall is under your control and you can make it as secure or unsecured as you want it.
If you want the cyberspace equivalent of a national army, you're just asking to have lots of power taken away from you and given to someone else. That being said, I think there is a case for prevention of nations attacking other nations en large, or 'war by other means'.
but carry it too far and you end up destroying the global feel of the internet - you'll end up with cyber borders as bad as our real borders - checkpoints you can't cross without 'your papers please'.
Re:Internet doesn't need protection (Score:5, Insightful)
It can't be protected without having control of it.
The single best thing about the internet is that no one has full control of it. Had it been controlled by government or industry, it would be a miserable little shadow of what it is today.
Re:Firewalled networks wasteful? (Score:5, Insightful)
Even if the government could offer some form of protection online, I'd be a fool not to protect my own network to the best of my abilities. Using Jonathan Zittrain's logic from TFA, doors must be ineffecient and wasteful too; obviously he has never heard of the concept of defense in depth.
Evolution, baby (Score:5, Insightful)
* Messed up the tag from my last post* (Score:5, Insightful)
"But the fact remains that no one really owns security online, which leads to gated communities with firewalls -- a highly unreliable and wasteful way to try to assure security."
Actually, it is far more secure that way, if one organization did somehow owned all security online, the internet as a whole would be much less security because now you have a single point of failure. Once someone exploited that vulnerability, the entire Internet as a whole would be affected. Also I get the feeling from the article that what they are really after is not necessarily security, but CONTROL of the Internet. Lastly, that man DOES NOT protect the Internet in any way, shape or form. He might be responsible for the USA military Intranet, but that's about it. Stop the fear-mongering already.
Nobody owns security offline either (Score:5, Insightful)
Nobody owns security offline either, and nobody should. If you own something, or care about something, you protect it. Some things have additional protection from the police or the military (e.g. I have a reasonable expectation that the police will prevent me from getting beaten up in some circumstances), but in the most part "the authorities" have a fairly punitive deterrent role. But anything that needs special protection gets it: got valuables in your house? Alarm, strong doors, insurance. All privately paid-for and provided. Got valuables on your computer? Backups, firewall, antivirus. Also privately provided.
Basically, the people who care about things know how much they're worth protecting. It isn't sensible to have military-grade security around my old Corolla, but my laptop's pretty secure because it's got a few worthwhile things. If the good General has infrastructure or secrets worth protecting, he should protect them. If it makes sense to exploit economies of scale and worth with other branches of the community, great.
It's also not true that there's a loose confederation of people (Vixie & co) protecting the internet. There are plenty of people around who want to protect or improve their own reputation, and security is one of those ways. If the military wants contact points in the wider security community, they shouldn't be looking for an owner, but they should be working with reality: getting out there making those contacts.
Normally I think such anarchy is stupid, but in this case it actually is common sense.
Re:don't try to draw too many real world analogies (Score:5, Insightful)
If you want the cyberspace equivalent of a national army, you're just asking to have lots of power taken away from you and given to someone else.
All those spammers building botnets, eventually, they're going to become "security companies". Nice web site you've got there, it'd be a shame if no-one could get to it. Once they start collecting taxes from a large enough group of people, they become a "legitimate" police force. After all, they don't want anyone else building a bigger botnet than theirs.
Re:Internet doesn't need protection (Score:5, Insightful)
Its like the old days of the wild west. No one really controls the land and you are free to roam and *almost* do as you please. If someone misbehaves a posse is rounded up to take care of the problem, the community helps itself. OSS is the same way.
Hopefully no one entity or group ever takes control of our virtual land.
Net Neutrality: Gov't regulation for the Internet (Score:3, Insightful)
I hope you don't support Net Neutrality, because that is the Trojan Horse for government regulation of the Internet.
Re:don't try to draw too many real world analogies (Score:2, Insightful)
OT: Your sig (Score:2, Insightful)
Attics are terrible, all the heat gets trapped there! Just think of how many fewer computers you can viably run.
Every network is different... (Score:3, Insightful)
and the "internet" is the chaos that arises from connecting all these networks together.
My organization needs to make its own decisions on what policies it need to implement on its network.
Communications between my college and many strange corners of the globe occur daily. If I dropped kerberos at my borders, Xbox wouldn't work anymore, and I would be risking bodily harm from the rioting mobs.
Now, if a federal department had such traffic crossing its borders, they'd have a rapid deployment team there within minutes to figure out what happened.
Anyone who tells you that security can be solved easily is probably trying to sell you something...
Re:Editorialization (Score:2, Insightful)
Yep. TechCrunch is lame. Slashdot, no need to perpetuate U.S. government propaganda.
if the military does not regard it as an asset... (Score:5, Insightful)
Several governments are already making progress on this game plan.
Re:Internet doesn't need protection (Score:3, Insightful)
not that I'm any kind of expert
Neither is General Chilton, or he would not be talking with a straight face about using the public Internet for secured transmission of military data. He's a fucking idiot if he believes what he's saying and you should not take him seriously just because of his uniform. You're a voter and a taxpayer, right? Don't trust him, treat him as an employee.
... but I would think that one could argue that once certain technologies got up to a decent level to allow for things like network cards, long distance communications, encryption, personal computers, etc... something like the internet would be inevitable.
Yes. What was not inevitable is that military personnel would choose to use publicly available, privately-owned hardware on basically an "honor system" set of customs to transmit mission-critical data. Truly, the barbarians are not only at the gates, they have sauntered lazily through unguarded gates, and now the barbarians control the Gates. DARPANET was based on sensible use of redundancy. Once it was available to the public it ceased to be a sensible thing for the military to use, but somebody decided that instead of a discreet military network, what the United States really needed was a diffuse military-industrial complex, blurring into academia, commerce, and eventually all of public life. Now, even responsible military officers trying only to do their jobs but encumbered by duties and procedures that constrain them to depend on the www, are routinely whining to us that they must infringe on our unalienable rights to free speech and security against unreasonable searches and seizures, in order merely to effectively protect our lives and the so-called "liberties" that in fact we don't have. This infrastructure is not our enemy, the military's infantile dependence upon it, is. But until they're weaned onto their own, physically separate DoD.net, we're all effectively under martial law. Al Gore was an idiot to voluntarily take any "credit" for the worldwide web.
The problem is that it isn't clear who has the remit for comprehensive defense of the internet.
What horse shit! One does not comprehensively defend an open network. For applications requiring military-grade comprehensive defense, one makes a physically separate closed network. VPN doesn't cut it and never will, by any name.
For whom the bell tolls... (Score:5, Insightful)
The "Internet" has become something of a quandry. It's humble beginnings were brilliantly designed to propogate information, provide a powerful environment for collaboration, and provide an extensible virtual universe for spreading and preserving human thought, and projects of discovery. It's one weakness was that it was designed by intelligent, responsible, and compassionate people expecting that in the vein of collaboration and workability, that future users would be likewise intelligent, responsible, and compassionate.
Much to the chagrin of humanity, a vast hoard of virtual Mongols (or equally apropos "mongrels"), have used the internet as their personal toilet, slim-jim, bludgeon, and/or weapon of mass destruction. Sadly in a free environment, you have to cope with the worst in people, to support and empower that which is best.
The first problem is to get crystal clear about what doesn't work with the current system. Whether the available cures are(n't) worse than the disease, and how we might implement meaningful solutions without breaking, impeding, or prevent those things which are best about the internet. Security means different things to different people. Protecting people from stupidity, laziness, or the worst in their own natures might well render the broad networks by which people collaborate and invent the future, functionally unusable. Making the worst of what people do very difficult, while preserving the general freedom, and clear capacity for people to share ideas, impart mutual wisdom, and promote what Shakespeare referred to as "Our better natures", demands vision, foresight, and a profound commitment to integrity.
The first and most essential thing we can and must do, is create an environment that promotes human enterprise, without selling off the very things than make the internet valuable to people.
Who Protects the Internet? (Score:2, Insightful)
Re:Net Neutrality: Gov't regulation for the Intern (Score:5, Insightful)
And the opposition to it is led by those companies who want to be the looters instead. However, as commonly known, the government is inefficient; so it is also inefficient in censoring the Internet. Thus, government control is preferable to corporate control, because it is less likely to be effective.
Sounds good to me... (Score:3, Insightful)
Who protects us? 'Basically no one. At most, a number of loose confederations of computer scientists and engineers who seek to devise better protocols and practices
I.e. the talented people who developed the technology in the first place, and their successors.
â" unincorporated groups like the Internet Engineering Task Force
You mean the people who managed one of the most staggeringly successful collection of interoperability standards that, post-OOXML, makes the ISO look like a bunch of clowns?
I think we're in safe hands - we'd be in even safer hands if the gubment got on with its job of enforcing the anti-trust laws and fixing the patent system leaving the IETF et. al. to get on with thiers.
Re:Editorialization (Score:3, Insightful)
Re:Firewalled networks wasteful? (Score:3, Insightful)
Don't good fences make good neigbors?
No.
The expression comes from a poem - "Mending Wall" - by Robert Frost, which is an ironic criticism of peoples' need to separate themselves from one another without understanding why - or indeed whether - they should. Walls are by their very nature divisive, and hamper cooperation by design. It is foolish, therefore, just to blindly put them up wherever we can in the name of "security".
To quote:
'"Why do they make good neighbors? Isn't it
Where there are cows? But here there are no cows.
Before I built a wall I'd ask to know
What I was walling in or walling out,
And to whom I was like to give offence.
Something there is that doesn't love a wall,
That wants it down!"' (Lines 29-34, taken from http://www.bartleby.com/104/64.html [bartleby.com] )
And on a less literary note:
Walling off every separate bit of the internet is necessary, since the internet by design has no inside and outside that you can separate. However, as we've pretty much proved by trying, that isn't enough to make the internet secure. It's the same lesson that you learn in physical security; if there's no response, it doesn't matter how good your defences are. There needs to be some sort of globalised response to online criminals, because the internet is both global and in need of defense. Otherwise we just carry on with the problem we have now - that a criminal gang in Russia/China/wherever can attack our computers with impunity, safe in the knowledge that there is nothing we can do to stop them, so they have as much times as they need to break in.
Securit = Control = No thanks (Score:3, Insightful)
To truly secure any data stream you have to be able to control it at all points from start to end. If people think that government or large group based security is not going to involve a crapload of lobbied for add-ons and censorship they don't understand the nature of lobbyists.
The best kind of Security for an open and free(as in rights) internet is individual security. Our computers are something we (or the local network admin) have control over.