Funny how the world keeps turning around us. In the 1960's, the precursor to the Internet took shape in response to the U.S. military's need for a network that would be reliable despite being comprised of inherently unreliable interconnections. Today we still yearn for an Internet we can rely on to let us carry out our business without being mugged by online ruffians or shadowy cyberwarriors.
Last month I wrote, "unless we fundamentally transform the way the Internet works—and the way we think about freedom—online lawlessness will persist." Now there's a growing inclination to create a "dot-secure" walled garden, a corner of the Internet where we could give up a little bit of liberty in exchange for more safety (Ben Franklin, one suspects, would not approve). I believe such an approach is unjustified, even in the absence of high-minded concerns over hegemony, privacy and liberty.
Winsford Walled Garden, North Devon (via Victoriana)
Why propose an Internet safe zone? Three familiar reasons: first, because there are people on our wires who are untrustworthy, due either to their malice or their ignorance. Second, because we have procedures intended to protect us which do not (or which make us less secure). And finally because we have technologies intended to protect us which present inadequate barriers to our enemies (or which offer new paths to compromise). We're not struggling with cybersecurity because the Internet's designers valued openness and anonymity; we're struggling because our people, our processes and our technologies—three pillars well known to any security practitioner—are letting us down. Dividing the Internet into a totalitarian green zone and a ghetto of spiraling chaos won't solve this basic problem: untrustworthy people will still have access. Procedures will still not be bulletproof. Technologies will still fail us.
Moreover, such an approach will make things worse if manic focus on a green zone prevents us from helping the unwashed masses by innovating ways to defend Aunt Susie's laptop against the latest fake AV scheme. And if one of the goals is for Aunt Susie to manage her retirement accounts in relative safety, no green zone will help her unless she lives inside it by utterly ceding control over her computer to the authorities: she's only permitted to visit approved sites, only permitted to run approved software and operating systems on certified hardware. What if her nephew wants to play ZombieKillerOnline? Must he do so from another computer? On a network air-gapped from his Aunt Susie's computer? Can we defend her computer against attacks on its hardware or firmware? Must her use of thumb drives or optical media be restricted or audited? Are you serious?
Let's not abandon openness because it's difficult. Instead let's breathe deeply and acknowledge that the only way to achieve perfect information security is to share no information with anyone, ever (or not have any information worth stealing in the first place). Beyond that there are levels of risk we must be prepared to accept, and do the best we can, for the whole Internet, to sensibly meet those risks.