You are here

Internet Security

"Privacy is Over" -- Part VIII Privacy-Publicacy Fault-line Series

"All our information is being sucked into the cloud. Privacy is over." That was the bold declaration of Attorney Steve Masur at DCIA's P2P Media Summit per Washington Internet Daily.

  • Wow. As stark an assessment that that is, what really disturbs me is the thought process and tech ethic that underlies this view.
  • Mr. Masur is not alone, he is part of a growing publicacy mentality/movement that looks at privacy as:
    • A neandrethal expectation in the Internet Age,
    • Buzz-kill for Internet innovators, and
    • Road-kill for the cloud-computing bus speeding down the information super-highway.

My pushback here is the blind worship of technology or tech-determinism.

  • I define tech-determinism to be:
    • if technology or innovation can do it, it must be good; and
    • if something stands in the way of technology and innovation, like privacy, it is in the way and should be terminated. 

Did it ever occur to the tech determinists that if there is no privacy in the cloud, many won't go there?

  • Most users appreciate that technology should work for them, they don't work for technology.

Privacy isn't over. 

The Open Internet's Growing Security Problem -- Part IX

New evidence continues to spotlight the Open Internet's growing security problem. 

  • The growing catalogue of evidence from mainstream sources is getting harder and harder to ignore. See previous parts of the series:  I, II, III, IV, V, VI, VII & VIII.

"Internet security threat report finds malicious activity continues to grow at a record pace -- Web based attacks evolve as hackers target end-user information; Underground economy continues to thrive." Symantec

Is an Open Internet a Secure Internet? Open Internet's growing security problem -- Part VIII

High profile Internet security/safety/privacy problems continue to spotlight the Open Internet's growing security problem.

"Computer hacking attacks soar as gangs focus on financial data" -- FT

  • "Computer hackers stole more sensitive records last year than in the previous four combined, with ATM cards and Pin information growing in popularity as targets, according to a study..."

"Computer Attackers target popular sites in quest for profit" IBD

  • Symantec...  "found new varieties of malware rose 265% last year vs. 2007."
  • "This is about fraud and theft — I don't think there's any doubt in anyone's mind," said Dean Turner, director of Symantec's global intelligence network unit. "Where this is headed is not good for anybody."

"Computer Spies Breach Fighter Jet Project" WSJ

  • "...He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."

"New Military Comand to Focus on Cybersecurity" WSJ

Why Isn't the Conficker Threat on FCC's Radar? -- Open Internet's Growing Security Problem -- Part VII

Why is one of the most-serious identified internet/cybersecurity risks currently affecting the Internet and network operators not on the FCC's radar screen?

  • More specifically, why does a search of the FCC's website for the term "conficker" return zero results? (see below)

 

Search Results

  Start new search Search ›› Advanced Search | Tips        
Your search conficker returned no results.

 

 

A Google search on "conficker"returned 4.86 million results.

The Open Internet's Growing Security Vulnerability Problem -- Part VI in a Series

The open Internet's inherent vulnerability to bad actors made the front page of the Wall Street Journal today in an important-to-read article: "Electricity Grid in U.S. Penetrated by Spies." 

Now we better can much better appreciate why Senate Commerce Committee Chairman Rockefeller is so concerned about cybersecurity and committed to making protection of the Nation's critical cybrastructure a much more urgent priority for the Internet.

The WSJ article hit the core internet problem on the head in the article -- its a lack of accountability:

  • "It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace."

This problem in this article spotlights why cybersecurity and online safety are very real and pressing problems on the Internet today. It is surprising and alarming why there is not as much public focus on the very real problems of the Internet as there is on potential unproven Internet problems.

Part V

Why All Innovation Is Not Good

My point here is not at all anti-innovation, but simply that all innovation is not good, because innovation is a means not an end. People can innovate for both good, and bad, purposes. 

  • Cyber-criminals, hackers, predators, terrorists and other malfactors, constantly innovate on the open Internet with malware, viruses, spam, botnets, p2p piracy and phishing, denial of service attacks, etc.
  • Cyber-security experts marvel at the innovation and ingenuity of these multiplying malfactors.    

My big point here is that the push for the Government to maximize innovation by mandating an "open Internet" is a knife that can cut both ways. Just like an open Internet enables well-intentioned innovators, it also can enable innovative cyber-crooks and bad actors. 

Anything good can become bad or a problem, if it is taken to excess.

The Open Internet's Growing Security Problem -- Part V in a Series

Evidence continues to mount that the real problem on the Internet is that it is not as safe and secure as it needs to be -- not that it is not open enough. (Parts: I, II, III, IV

"Cyber Security: The Achilles Heel of U.S. Might?" Washington Post

  • "...the fact that the nation's cyber vulnerabilities continue to grow, and fast."
  • "Both the high-profile attacks and more routine infiltrations have shed light on the vulnerability of critical information infrastructures. For example, the Defense Science Board noted that the U.S. military's information infrastructure is the "Achilles' heel of our otherwise overwhelming military might."

"Smart Grid May be Vulnerable to Hackers" CNN

  • "A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout."

'Website-infecting SQL injection hitting 450,000 a day" USA Today

The Post Office Does "Deep Package Inspections" Without Privacy or Free Speech Problems

Free Press in its latest report: "Deep Packet Inspection: The end of the Internet as we know it?" continues to mischaracterize "reasonable network management" practices (that ensure quality of service and filter out harmful traffic like spam, viruses, and other malware) as bad practices and misuse of technology that threatens users' privacy and freedom of speech.   

It is inaccurate and unfair to mischaracterize reasonable network management this way.

The Free Press report uses a common analogy about "deep packet inspection" (DPI) technology. It analogizes that use of DPI technology by an ISP would be like the post office going beyond reading the address of a letter and looking inside the letter to read the private contents.

  • This partial analogy is designed to lead people to believe that DPI is only a privacy-invading technology without any merit or useful function. 

Let's explore the letter and post office analogy more fairly and accurately.

Chairman Rockefeller elevates cybersecurity to a major priority -- Protecting the cybrastructure

The cybrastructure is everything that can be digitally connected to the Internet, and the cybrastructure is increasingly vulnerable to cyber attack from hackers, criminals, terrorists and other bad actors. The exploding growth in people, devices, information, and systems connected to the Internet, naturally creates an exponential increase in vulnerabilities that bad actors can exploit.  This makes cybersecurity an increasingly urgent priority. 

  • Many think of cybersecurity as protecting users, organizations, computers, devices, and private/sensitive information, but it is much more. More and more, cybersecurity is about protecting critical systems too; our banking, capital markets, and e-payment systems; our electrical grid and utilities; our health care infrastructure; our public safety and military systems; etc. -- that all can be accessed or hacked by a wide variety users, organizations, computers, and devices. 
  • The cybrastructure now is the vulnerable soft underbelly of our economy and society.   

Fortunately, the security and safety of the cybrastructure is finally getting the priority attention it deserves.   

The Costs of Free on the Internet

How can free have a cost? Well a lot of different things are converging in Washington that could bring much more focus to -- "the costs of free" on the Internet.

  • Last month's Revised Behavioral Advertising Principles from FTC Staff are largely about making more transparent the privacy "costs" of "free" Internet products and services funded by online behavioral advertising.
  • This month's NYT news that House Internet Subcommittee Chairman Boucher now supports passage of new Internet privacy legislation requiring consumer "opt-in" permission in order to exploit consumer information, implicitly recognizes the substantial hidden privacy "cost" of behavioral advertising.
  • This week's privacy and security-related complaint to the FTC filed by EPIC against Google's free cloud computing services, further brings to the forefront the hidden "costs" of free on the Internet.

Pages

Q&A One Pager Debunking Net Neutrality Myths