In today’s (February 15th, 2009) New York Times
there is an article by John Markoff titled “Do we need a new
Internet.” It asks this question because today’s Internet
is a security mess. So let me take a crack at an answer...
No
The Internet isn’t the problem. The Internet does just what
it is supposed to do: it allows us to route traffic from one place to
another as efficiently as possible. In many ways it is just like a
highway and road system. Some have posited that Internet users are
the problem. It is easy to see why one might believe this. People
install untrusted software on their computers all the time, they
answer “phishing” mail revealing their passwords (and
other sensitive information), the list goes on.
Yet, you don’t get to replace the users. People are people
and will continue to be so. So what can we do?
The road system gives us some hints.... But let me digress for
a second. In my earlier days I took flying lessons (I gave it up for a
variety of reasons, not the least of which was the cost, and I was a
starving graduate student). To get a pilot’s license you truly
have to demonstrate competence. It was interesting to see the contrast
with a driver’s license, where quite frankly, you don’t. A
driver’s test really only requires a minimum of competence,
otherwise too many people would be excluded. Yet, highway accidents
and fatalities are at acceptable levels (at least to most people for
we don’t see a significant demand for change!). Why is this?
Well, for one thing there are engineering decisions (and regulations
that codify them in some cases) built into the road/car ecosystem to
make roads safer than they otherwise would be. To go back to flying,
impacts that are fatal to a plane are often survivable in a car. Cars
have been designed to provide for a safer environment, even when faced
with a marginally qualified driving public.
We need to do the same thing to the Internet. And interestingly it
isn’t the Internet so much as the computers people use that
need to be changed. Some have called for an “Internet Drivers
License.” If you think of that as an identity document, we
already have one. It is your password. Yet this is part of the
problem, people share their passwords way too much. Imagine for a
moment if every person you showed your driver’s license to also
received an identical copy that they could then use to impersonate
you. You would have the situation we have today with passwords. Every
time you use your password you give a copy to someone else (in most
cases the server) which can then be compromised.
So what should we do... Well I won’t presume to have all
of the answers, but here is a start:
- We need safer computers. Computers that don’t permit the
trivial installation of malware and viruses. Apple has been quietly
moving in this direction with Mac OS X, which as of Leopard has most
binaries digitally signed as well as some interesting
“sandboxing” technology for Internet facing
applications. The iPhone is another good example of a sandboxing
platform. Third party applications are quite restricted in what they
can do on the iPhone.
- We need to replace passwords with a technology that doesn’t
effectively copy your credentials every time you use them. There are
several alternatives from X.509 digital certificates to one time
password tokens. These technologies are not without their problems,
but they can prevent the kind of rampant phishing that we see
today.
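
To make the password point concrete, here is an added example (not part of the original post) contrasting a static password with a counter-based one time password, using HOTP from RFC 4226 as one instance of the token approach mentioned above. The class names, the sample password and the look-ahead window are assumptions made for illustration; the HOTP secret is the RFC's published test value.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class PasswordServer:
    """Static password: whatever is sent at login is the credential itself."""
    def __init__(self, password: str):
        self._password = password.encode()  # sketch only; real servers store a salted slow hash

    def login(self, submitted: str) -> bool:
        return hmac.compare_digest(submitted.encode(), self._password)


class HotpServer:
    """One time password: each accepted code advances the counter and dies."""
    def __init__(self, secret: bytes, look_ahead: int = 3):
        self._secret, self._counter, self._look_ahead = secret, 0, look_ahead

    def login(self, submitted: str) -> bool:
        # Small look-ahead window tolerates a token that got ahead of the server.
        for c in range(self._counter, self._counter + self._look_ahead):
            if hmac.compare_digest(hotp(self._secret, c), submitted):
                self._counter = c + 1  # codes at or below c are now rejected
                return True
        return False


def replay_outcomes():
    """Use each captured login value twice: once by the user, once replayed."""
    pw_server = PasswordServer("correct horse")        # constructed sample password
    captured_pw = "correct horse"                      # what a phishing page would record
    pw_results = (pw_server.login(captured_pw), pw_server.login(captured_pw))

    secret = b"12345678901234567890"                   # RFC 4226 test secret
    otp_server = HotpServer(secret)
    captured_otp = hotp(secret, 0)                     # the single code the user typed
    otp_results = (otp_server.login(captured_otp), otp_server.login(captured_otp))
    return pw_results + otp_results


if __name__ == "__main__":
    print(replay_outcomes())
```

The replayed password is accepted because it is the credential; the replayed code is refused because the server's counter has moved on. The server still holds the shared HOTP secret, which is one of the problems certificates avoid by keeping only a public key on the server side.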
So how do we start...