Weekly Edition
Return to the Press pageSponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
Fighting the worms of mass destruction (Economist)
The Economist has an
article about Internet security. "The issue boils down to the
question of how much anonymity society can tolerate on the
internet. Drivers' licences and registration plates dramatically reduce the
incidence of hit-and-run accidents. Crack cocaine is never bought by credit
card. If everybody on the internet were easily traceable, people would
think twice about hacking. 'I'm kind of a fan of eliminating
anonymity,' says Alan Nugent, the chief technologist at Novell, a
software company, 'if that is the price for security.'"
(Log in to post comments)
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 15:44 UTC (Mon) by foo@share-foo.com (guest, #7940) [Link] We don't have international highways. As long as there are insecure systems all a haxor has to do is haxor an insecure node in korea and then hop off that node and haxor everything else anonymously. I believe this is already common. Add in the fact that the most prevelant hacks occur at the hands of nefarious virii. When speaking in vague generalities the suggestion sounds plausable, but when you look at the details it obviously not. Unfortunately law makers never dig deep so we may see a feeble and annoying attempt at this sort of thing. The packet to car comparison doesn't hold water.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 17:32 UTC (Mon) by labkun (guest, #17361) [Link] We do have international highway - it's internet ! Well, I'm not from Korea, but let me guess - You're American, right ? Are You sure that "insecure nods" are in Korea only ?But You right with generalities of suggesting preventions of anonymity. It's impossible and it'll be the end of free will. The next step is to burn some kind of ID to everybody's face ! Lets say, like a prevention of international terrorism ...
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 21:19 UTC (Mon) by proski (subscriber, #104) [Link] I believe you don't get it. What the first poster meant is that we don't have international highways for cars, so one cannot steal a car in a country where it's easy (for any reason) and then drive it to another country and use it as a crime tool without ever being stopped and asked for documents. But we do have such highways for data, and that's why the analogy with cars is flawed.Highways in Europe are irrelevant because they connect countries with similar legal and economical systems. Also, let's keep the nationality issue out of the discussion. I don't want my arguments to be judged by my place of origin. We all are individuals, and should treat each other as such.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 22:17 UTC (Mon) by smoogen (subscriber, #97) [Link] Sadly that is wrong. There have been several bank robberies in Mexico and the United States where the car was stolen from across the border. It has probably happened between the Canada and United States border too. All it takes is stealing the drivers license too.
Fighting the worms of mass destruction (Economist) Posted Dec 4, 2003 11:44 UTC (Thu) by jonth (subscriber, #4008) [Link] Rubbish. For years, Spain did not have an extradition treaty to the UK. In addition, it's possible to drive from Baghdad to London without ever leaving your vehicle. In summary, European legal systems are different, and the roads don't stop at the border of Europe.
Fighting the worms of mass destruction (Economist) Posted Dec 4, 2003 18:16 UTC (Thu) by Cato (subscriber, #7643) [Link] Quite a few countries in Europe belong to the Schengen grouping, meaning that you can quite legally drive from one country to another without any checks. And about 15 years ago, it was common to simply slow down a bit on the motorway between Brussels and Luxembourg when crossing the border, but you never actually stopped, let alone had any documents checked.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 23:14 UTC (Mon) by foo@share-foo.com (guest, #7940) [Link] The insecure nodes are everywhere, but if an american wants to attack another american they will first exploit someone in a country like Korea to obfuscate their identity and limit the ability to trace the damage back to them. This is very common. Part of the reason this works is due to political, legal, geographic, cultural and administrative boundries that make it nearly impossible trace attacks that a proxied through countries with which we have historically had many comunication problems with. This isn't happening because countries like Korea are bad, in fact, they are scape goats for our own evil doers. In fact, I would say that if I were a Korean who wanted to attack another Korean, I would first proxy off someone my government had communication problems with too. The idea being that all logs or info that may have existed to link me to evil deeds would long since have expired way before the two jurisdictions ever start communicating with eachother and sharing info. In fact, you can be pretty safe in assuming that in the rare event that Korean and the US law enforcement agencies cooperate, they will have much bigger fish to fry than the average hacker. What I was trying to point out is that this will still work even after the cracker ass politicians here in the states tatoo barcodes on everyones ass under the guise of protection from anonymity.
Non-anonymity reduces crime? Posted Dec 1, 2003 16:07 UTC (Mon) by NAR (subscriber, #1313) [Link] I don't know what's the situation in the US, but in my country there are cases when companies with huge debts are sold to people who never even visited the country, but their passports had been stolen and copied... So I don't think eliminating anonymity would help - the bad guys will find ways to avoid leaving traces :-(
Non-anonymity reduces crime? Posted Dec 1, 2003 16:19 UTC (Mon) by maotig (guest, #9614) [Link] Non-anonymity reduces crime by honest people, not real criminals. Its like locks. Locks don't stop people from breaking in to homes or stealing cars, it only keeps honest people honest. You can buy slimjims, lock pick sets, etc, and make short work of most common locks.In general though, the internet's, true strength is in psudo-anonymity. As a communication medium, open an honest debate is most often encuraged when percicution does not hang overhead. Of course this allows for a lot of trolls and flaimbaiters, but a bit of inconvinence is well worth it when compared with the true freedom of speech and expression that the internet can provide.
Non-anonymity reduces crime? Posted Dec 1, 2003 18:32 UTC (Mon) by mmarq (guest, #2332) [Link] "... true freedom of speech and expression that the internet can provide" But isnt that what "THEY" wanted to avoid !!??... "THEY" are affraid of the Truth... http://perso.wanadoo.fr/jpdesm/pentagon/investigation77.htm ... the point is you can't enforce your reallity upon others incovenient reallitys!
Non-anonymity reduces crime? Posted Dec 5, 2003 17:33 UTC (Fri) by giraffedata (subscriber, #1954) [Link] Locks don't stop people from breaking in to homes or stealing cars, it only keeps honest people honest If your definition of "honest" is not succeeding at crime, and a criminal is someone who isn't honest, then by definition, locks don't stop criminals. And neither does non-anonymity. But that's a useless definition of "honest." locks and non-anonymity stop the vast majority of would-be crimes. Only the best, most motivated criminals can defeat them.
authentication and anonymity Posted Dec 1, 2003 16:38 UTC (Mon) by copsewood (subscriber, #199) [Link] I think that the economics will lead to a networked world in which anyone may continue to be able to send low-level anonymous packets to anywhere, but no-one will respond to these except in response to requests for cheaply publishable content. All other application-level services will require user credentials. E.G. I would be happier to receive mail from someone who has demonstrated their message justifies 1 or more of my lifetime's estimated 2.6e9 seconds because they have:a. proved they can do a turing test assigned by my software agent or a trusted third party or b. (e.g. if they have special needs which make a. impossible) spent a few CPU minutes computing a hashcash in response to an automated challenge or c. have a private encryption key certificated based on a trust network I accept as an existing correspondent, or as someone introduced by a trusted party, or who can give reliable identification as a trustworthy individual, e.g. by offering a micropayment in exchange for my time spent in considering their message. Those who want to receive anonymous mail and don't want to waste a large fraction of their life reading spam will allow options a and b. However, when option c. becomes available, e.g. because it is also needed for higher value application layer i.e. networked money, whether many people will care enough to allow options a and/or b is an open question. Personally I would prefer a world in which options a. and b. still allow some anonymous communication. Other types of service, where a higher level of trust is needed, e.g. for secure shell access or the ability to update web content will require a higher level of authentication.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 17:24 UTC (Mon) by cpm (subscriber, #3554) [Link] What anonymity?At the edge of the network I administer, there is a router. Within modest reason, packets comming FROM my router are auditable. If someone has a problem with these packets, they can find the source IP, from there they can find the domain, from there they can find the admin contact, which is accurate. They can contact me, the admin person, and I'll look into it. Now of course in practice most of this is spoofable, and therefore can Way back in 93, an ISP I worked at was having some real problems with The early to mid 90s approach of the mom an pop ISP was a good model. ICANN promised to fix this issue of meaningless NIC records. And Trusted computing?
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 18:22 UTC (Mon) by ccchips (guest, #3222) [Link] Isn't that usually the way of it? Somebody gets tired of doing a small business, sells it to a bigger one, and you get the cologne in the dishwashing liquid.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 17:30 UTC (Mon) by haraldt (guest, #961) [Link] Big Brother sees you. Big Brother cares for you.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 18:41 UTC (Mon) by ccchips (guest, #3222) [Link] Violating the property of others, whether it be a home, a computer, a car, or a person's wallet, is a criminal behavior, and a social problem. That's the long and the short of it.I don't believe for 1 minute that the solution for computer crime and vandalism is a technological one. If any of you who are engaging in this behivior are reading this, then I have 2 words of advice for you: Grow up.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 17:53 UTC (Mon) by mmarq (guest, #2332) [Link] 'I'm kind of a fan of eliminating anonymity,' says Alan Nugent, the chief technologist at Novell, a software company, 'if that is the price for security.'APPROVED But first lets eliminate the anonymity, even against their will, of all corporate information transations, including capital, agrements and arrangements, so "ALL" can clear see where the dirty weasels are( no particular offense intended),..., and we can start with NOVELL...
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 18:04 UTC (Mon) by Baylink (subscriber, #755) [Link] All of this has been hashed out in much greater detail than most LWN posters would bother to doit in David Brin's old, but still thought provoking book "The Transparent Society", which anyone interested in this topic really ought to have read already. Its fundamental premise is that the problem is not that I need to keep *my* secrets, but that *other* people have secrets -- if other people *couldn't* *secretly* be into (for example) porn, and then publicly denigrate *me* for having the balls to publicly say that *I* enjoy it, then I would be less likely to be worried about saying that -- everyone would be able to see that it's not a perversion; everyone does it. And we'd have much less stress in society. The Asians would be all out of face, though, so it probably wouldn't work too well for them. BTW: did everyone's spell checkers get too much turkey this weekend? :-)
Fighting the worms of mass destruction (Economist) Posted Dec 12, 2003 9:55 UTC (Fri) by dvdeug (subscriber, #10998) [Link] The problem is any society where most of the people are looking at porn already tolerates it more or less. What about the interracial couple in a part of the world that doesn't like that? Or the interracial couple whose parents don't like that, and to heck with what the rest of the world thinks about it? Or the guy who's into women's feet? That last particularly will never get accepted by society, but will be harmless and happy so long as he can hide his habit.
Fighting the worms of mass destruction (Economist) Posted Dec 13, 2003 4:14 UTC (Sat) by Baylink (subscriber, #755) [Link] Well, roughly, the answer is that in a Transparent Society -- where no one has *any* privacyabout anything -- people will not be inclined to *try* to take a moral higher-ground (to which they're commonly not entitled anyway) over others, which is the most common source of problems there... Brin makes the argument much mo' better than I; if you're interested, go read the book.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 19:14 UTC (Mon) by job (subscriber, #670) [Link] I smell the old misconception here that we need to stop people misusing theircommunications, and that most people attack Windows products just because they are so common. This is a blatant lie from the security business. Most of the security business centers around firewalls and anti-virus software, which people need only because many products out there, most notably Microsofts, are so severly broken. I had this feeble hope that this year's attention to computer security would lead people to stop buying those. How wrong I was. They only buy more security products, to little or no use.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 20:28 UTC (Mon) by sandy_pond (guest, #9734) [Link] 'I'm kind of a fan of eliminating anonymity,' says Alan Nugent, the chief technologist at Novell, a software company, 'if that is the price for security.' Well then I'm kind of a fan of eliminating all confidential company information, such as in making all company records/documents/contracts public ... if that is the price for stopping fraud. This has the ring of A Modest Proposal
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 20:40 UTC (Mon) by ccchips (guest, #3222) [Link] Very good point.I've said here, and elsewhere, my opinion of this whole business. I believe that, if we are to have a free society, where people can show their dignity and preserve their right to privacy and happiness, we *must* make people who abuse those rights pay for doing so.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 21:29 UTC (Mon) by proski (subscriber, #104) [Link] The problem is, if you want e.g. spammers to be traceable, then somebody (e.g. a guy offended by your comments on his website) can fake a spam purporting to be from your IP address and trace it to you.
Fighting the worms of mass destruction (Economist) Posted Dec 1, 2003 22:41 UTC (Mon) by JoeBuck (subscriber, #2330) [Link] IP address spoofing could be largely eliminated, if every router on the net were configured to perform a simple sanity check: don't let packets pass that have an "impossible" source address from the perspective of that router. That is, if an ISP has sold you a range of static IP addresses, its routers should drop any packets from you that claim a return address outside that range. If everyone did this, spoofing would be much more limited.
|
|||||||||||