It's time to presume the web is guilty
Trevor's got a plan to save the internet
Sysadmin blog
The security defenses available to us are clumsy and inadequate. Anti-malware applications are grand at dealing with well-known threats, but pathetic and worthless at dealing with emerging ones. Software vendors are too entrenched in politics, feasibility studies and bad attempts at public relations to bother to properly and expediently patch their software.
Meanwhile our economy becomes ever more dependent on the interconnectivity of computer systems: we have come too far to go back. Governments know this and see the failure of academia, corporations and private citizens to mitigate the threats. If we, as corporations and individuals, want the internet to remain free and open as it is today, then we have to solve these problems before the governments of the world try to do it for us.
The internet was built on the presumption of innocence. Basic protocols such as email don’t inherently contain a way to verify that the sender is legitimate. We all know how well that has worked out. Peer-to-peer protocols have many legitimate uses, but their nature lends them to illegal uses and so the vast majority of peer-to-peer traffic infringes copyright. Even the venerable Domain Name System is under attack: most new domain registrations are malicious.
It could be that the only way to preserve the freedom of the internet is to do away with the presumption of innocence. I believe that, if we do not do this in the next ten years, we will lose control of the internet to government and we will never get it back.
Look at email. Currently we rely on blacklists (such as Spamhaus) to tell us which email domains exist only to send spam. As noble as these projects are, this is completely backwards. A series of central registries with whom operators of legitimate email servers can (freely) register is the only way to make spam go away. If you are caught spamming, you fall off the planetary whitelist and getting back on should not be easy.
Similarly, peer-to-peer technologies could benefit from exactly the same concept. I rely on peer-to-peer to get access to things like Linux ISOs that are vital for my work. At the same time, however, I do not want to allow peer-to-peer traffic on my corporate network, in case copyright infringement is traced to my corporate IP. The ability to tell my firewall “deny all peer-to-peer traffic except that which has been registered with this whitelist as legitimate” would solve the problem. But short of assembling that list myself, there currently exists no such beast.
The same is becoming true of the DNS system itself. DNS blacklists are a fantastic first step, but they don’t go far enough. The day has come to start building confidence ranking into the DNS system itself. This is starting to take shape now with the controversial concept of DNS reputation.
If I had the time and capital to start a tech company out of my basement, I would be pursuing all of these ideas. Assembling blacklists is a losing battle, but there is money to be made in assembling whitelists. Individuals and corporations who prefer to experience the web in its raw form should have the option to do so, but as someone who has several networks under my care, I know that I would prefer a whitelisting approach.
We are rapidly approaching the point where due diligence means presuming all traffic to be malicious unless it can be proven otherwise. It makes no sense for each company and individual in the world to independently build and maintain their own whitelists of legitimate sources of traffic. The market is wide open for the creation of a handful of whitelists to which we could subscribe. Building protocol whitelists certainly won’t solve all our problems, but it would be more secure than what we are doing now. Human nature is what it is: so securing the internet means the end of presumed innocence. ®
COMMENTS
off his rocker
There is nobody fit to certify who is real, trustworthy or likely to leave their credentials lying about for abuse.
His central control would give only the illusion of safety.
http://www.freedom-to-tinker.com/blog/felten/mozilla-debates-whether-trust-chinese-ca
http://yro.slashdot.org/story/10/08/14/0012254/EFF-Asks-Verizon-Whether-Etisalat-Deserves-CA-Trust?from=rss
Right now these sorts of decisions don't need to be delegated to government, but we can each choose. I can accept Mozilla's set of CAs (or not) as I choose.
The guy complains at the failure of non-governments to mitigate the threats - nonsense; they have been. He is really stating that the threats have not been mitigated to an arbitrary non-specified level - but that's a claim that can always be made and can't be used to demand any specific degree of intervention.
This statement is meaningless:
"Basic protocols such as email don’t inherently contain a way to verify that the sender is legitimate."
The legitimacy of a sender is subjective to the recipient; this guy is just disappointed because the system doesn't do what he thought it did all these years (because it's impossible) and so now wants all pharaoh's magicians (I mean government technology advisers) to make it work how he thought it did.
The guy just pushes back the problem further from the people who need the solution:
"The day has come to start building confidence ranking into the DNS system itself."
We need to start building confidence rankings of the confidence rankers - but wait - we already have that! I can use blacklists - or not - as I see fit. I can use different DNS roots if I see fit. I don't need someone to publish their measure of my confidence.
However signed identities with whitelists is a good idea
http://www.liddicott.com/~sam/120494/
but it can't be forced.
@Denarius
"Whitelisting still suffers when a normally reliable source is compromised, so OS and apps need to be built with security as a primary design goal."
Well, that kind of makes the whole theory unworkable. Are you also going to implement a department for policing software producers big and small - or are you going to enforce complete control of the software writing and signing process - kind of like a huge appshop - kind of a global software market place along the lines of mobile phone app shops?
It is all very well and utopian - but it is viewed from the end user's perspective - not from the perspective of providers of services and software, free and open market economy and low barrier of entry competition.
And one more thing. With freedom comes cost. The web is as free as it will probably ever get - and the malware, security threats, spam and the rest of the nuisance is the price. I'm not sure that turning it into a global dictatorship regime is exactly the answer.
Slippery slope to total lock down
Whitelists are a lovely idea, but if whitelists ever become the norm, how long will it be before said whitelists are forced on us users? I can see the ISPs jumping on it as soon as they think they can get away with it. Join BT and you'll get a lovely white internet, none of that black internet where all the nasty stuff lurks. And once the ISPs start using whitelists you can bet that the only people with any real level of control over what counts as white will be the biggest companies (MPAA RIAA) and governments.
The article states everyone should still have access to the raw internet, yeah right, I can just see the powers that be leaving us with that power. "What do you want with the nasty black internet? Nothing legal on there sonny".
Whitelisting the whole of the internet is the first step on the way to somewhere I don't want to visit.
