Online Safety

High profile Internet security/safety/privacy problems continue to spotlight the Open Internet's growing security problem.

"Computer hacking attacks soar as gangs focus on financial data" -- FT

• "Computer hackers stole more sensitive records last year than in the previous four combined, with ATM cards and Pin information growing in popularity as targets, according to a study..."

"Computer Attackers target popular sites in quest for profit" IBD

• Symantec...  "found new varieties of malware rose 265% last year vs. 2007."
• "This is about fraud and theft — I don't think there's any doubt in anyone's mind," said Dean Turner, director of Symantec's global intelligence network unit. "Where this is headed is not good for anybody."

"Computer Spies Breach Fighter Jet Project" WSJ

• "...He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."

"New Military Comand to Focus on Cybersecurity" WSJ

Why is one of the most-serious identified internet/cybersecurity risks currently affecting the Internet and network operators not on the FCC's radar screen?

• More specifically, why does a search of the FCC's website for the term "conficker" return zero results? (see below)

A Google search on "conficker"returned 4.86 million results.

The open Internet's inherent vulnerability to bad actors made the front page of the Wall Street Journal today in an important-to-read article: "Electricity Grid in U.S. Penetrated by Spies." 

Now we better can much better appreciate why Senate Commerce Committee Chairman Rockefeller is so concerned about cybersecurity and committed to making protection of the Nation's critical cybrastructure a much more urgent priority for the Internet.

The WSJ article hit the core internet problem on the head in the article -- its a lack of accountability:

• "It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace."

This problem in this article spotlights why cybersecurity and online safety are very real and pressing problems on the Internet today. It is surprising and alarming why there is not as much public focus on the very real problems of the Internet as there is on potential unproven Internet problems.

Part V

Where is the line between preserving privacy and promoting publicacy? Most would agree there is a line in the sand somewhere where most everyone would agree that publicacy models (i.e. businesses that monetize making information that was previously private -- public) should not cross.

However, in reality there is a big wide grey area around that "line" that few have really thought about, or even tried to define, until recently. The causes of that vast privacy-publicacy grey area are at least fourfold. 

My point here is not at all anti-innovation, but simply that all innovation is not good, because innovation is a means not an end. People can innovate for both good, and bad, purposes. 

• Cyber-criminals, hackers, predators, terrorists and other malfactors, constantly innovate on the open Internet with malware, viruses, spam, botnets, p2p piracy and phishing, denial of service attacks, etc.
• Cyber-security experts marvel at the innovation and ingenuity of these multiplying malfactors.    

My big point here is that the push for the Government to maximize innovation by mandating an "open Internet" is a knife that can cut both ways. Just like an open Internet enables well-intentioned innovators, it also can enable innovative cyber-crooks and bad actors. 

Anything good can become bad or a problem, if it is taken to excess.

Evidence continues to mount that the real problem on the Internet is that it is not as safe and secure as it needs to be -- not that it is not open enough. (Parts: I, II, III, IV) 

"Cyber Security: The Achilles Heel of U.S. Might?" Washington Post

• "...the fact that the nation's cyber vulnerabilities continue to grow, and fast."
• "Both the high-profile attacks and more routine infiltrations have shed light on the vulnerability of critical information infrastructures. For example, the Defense Science Board noted that the U.S. military's information infrastructure is the "Achilles' heel of our otherwise overwhelming military might."

"Smart Grid May be Vulnerable to Hackers" CNN

• "A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout."

'Website-infecting SQL injection hitting 450,000 a day" USA Today

The cybrastructure is everything that can be digitally connected to the Internet, and the cybrastructure is increasingly vulnerable to cyber attack from hackers, criminals, terrorists and other bad actors. The exploding growth in people, devices, information, and systems connected to the Internet, naturally creates an exponential increase in vulnerabilities that bad actors can exploit.  This makes cybersecurity an increasingly urgent priority. 

• Many think of cybersecurity as protecting users, organizations, computers, devices, and private/sensitive information, but it is much more. More and more, cybersecurity is about protecting critical systems too; our banking, capital markets, and e-payment systems; our electrical grid and utilities; our health care infrastructure; our public safety and military systems; etc. -- that all can be accessed or hacked by a wide variety users, organizations, computers, and devices. 
• The cybrastructure now is the vulnerable soft underbelly of our economy and society.   

Fortunately, the security and safety of the cybrastructure is finally getting the priority attention it deserves.   

How can free have a cost? Well a lot of different things are converging in Washington that could bring much more focus to -- "the costs of free" on the Internet.

• Last month's Revised Behavioral Advertising Principles from FTC Staff are largely about making more transparent the privacy "costs" of "free" Internet products and services funded by online behavioral advertising.
• This month's NYT news that House Internet Subcommittee Chairman Boucher now supports passage of new Internet privacy legislation requiring consumer "opt-in" permission in order to exploit consumer information, implicitly recognizes the substantial hidden privacy "cost" of behavioral advertising.
• This week's privacy and security-related complaint to the FTC filed by EPIC against Google's free cloud computing services, further brings to the forefront the hidden "costs" of free on the Internet.

What are the big forward-looking implications for the broader Internet-related economy of Google's announcement it is launching a new variant of behavioral advertising, called "interest-based advertising."

• Analytically, this may be one of the most significant developments in the digital economy, Internet advertising and online privacy in a long time.
• Why? 

First, it is probably a major catalyst escalating and accelerating public discussion about behavioral advertising and online privacy.

Context is always important, and this announcement does not occur in a vacuum. It has broad implications because of the pervasive reach of the issue and the market leadership of the announcer. For example:

What is likely to be the next Twitter, the hot micro-blogging web 2.0 app/phenomenon that lets Twitterers "tweet" to the world what they are doing at any given moment?

• To answer that important forward-looking question we need to extrapolate where current Web 2.0 social networking trends are taking us.

First, since Twitter only allows micro-messages of 140 characters or less (the length of my first sentence), the big trend must be "less is more."

This gave me an idea for a new Web 2.0 killer app: "Fritter."