Advertisement
www.theregister.co.uk/2009/10...onymity/
By Dan Goodin in San Francisco
Posted in Security, 16th October 2009 20:06 GMT
The CEO of Russia's No. 1 anti-virus package has said that the internet's biggest security vulnerability is anonymity, calling for mandatory internet passports that would work much like driver licenses do in the offline world.
The comments by Eugene Kaspersky, who is also the founder of Kaspersky Lab, came during an interview this week with Vivian Yeo of ZDNet Asia. In it, he proposed the formation of an internet police body that would require users everywhere to be uniquely identified.
"Everyone should and must have an identification, or internet passport," he was quoted as saying. "The internet was designed not for public use, but for American scientists and the US military. Then it was introduced to the public and it was wrong...to introduce it in the same way."
Kaspersky, whose comments are raising the eyebrows of some civil liberties advocates, went on to say such a system shouldn't be voluntary.
"I'd like to change the design of the internet by introducing regulation - internet passports, internet police and international agreement - about following internet standards," he continued. "And if some countries don't agree with or don't pay attention to the agreement, just cut them off."
He rejected the notion that internet protocol numbers were sufficient for tracking a user, arguing they are too easy to come by.
"You're not sure who exactly has the connection," he explained. "Even if the IP address is traced to an internet cafe, they will not know who the customer or person is behind the attacks. Think about cars - you have plates on cars, but you also have driver licenses."
Kaspersky was traveling on Friday and not available to be interviewed for this article. A company spokeswoman declined to comment.
Kaspersky admitted such a system would be hard to put in place because of the cost and difficulty of reaching international agreements. But remarkably, his interview transcript spends no time contemplating the inevitable downsides that would come in a world where internet anonymity is a thing of the past.
"You could make the same argument about the offline world," said Matt Zimmerman, a senior staff attorney at the Electronic Frontier Foundation. "You know, every purchase you make should be tracked, we should ban the use of cash, we should put cameras up everywhere because in that massive data collection something might be collected to help someone. But we think privacy is an important enough countervailing value that we should prevent that."
In Kaspersky's world, services such as Psiphon and The Onion Router (Tor) - which are legitimately used by Chinese dissidents and Google users alike to shield personally identifiable information - would no longer be legal. Or at least they'd have to be redesigned from the ground up to give police the ability to surveil them. That's not the kind of world many law-abiding citizens would feel comfortable inhabiting.
And aside from the disturbing big-brother scenario, there are the problematic logistics of requiring every internet user anywhere in the world to connect using an internationally approved device that authenticates his unique identity. There's no telling how many innovations might be squashed under a system like that.
No doubt, the cybercriminals that Kaspersky has valiantly fought for more than a decade are only getting better at finding ways to exploit weaknesses in internet technologies increasingly at the heart of the way we shop, socialize and work. But to paraphrase Benjamin Franklin, those who sacrifice net liberty for incremental increases in security no doubt will get neither. ®
By Dan Goodin in San Francisco
Posted in Security, 16th October 2009 20:06 GMT
The CEO of Russia's No. 1 anti-virus package has said that the internet's biggest security vulnerability is anonymity, calling for mandatory internet passports that would work much like driver licenses do in the offline world.
The comments by Eugene Kaspersky, who is also the founder of Kaspersky Lab, came during an interview this week with Vivian Yeo of ZDNet Asia. In it, he proposed the formation of an internet police body that would require users everywhere to be uniquely identified.
"Everyone should and must have an identification, or internet passport," he was quoted as saying. "The internet was designed not for public use, but for American scientists and the US military. Then it was introduced to the public and it was wrong...to introduce it in the same way."
Kaspersky, whose comments are raising the eyebrows of some civil liberties advocates, went on to say such a system shouldn't be voluntary.
"I'd like to change the design of the internet by introducing regulation - internet passports, internet police and international agreement - about following internet standards," he continued. "And if some countries don't agree with or don't pay attention to the agreement, just cut them off."
He rejected the notion that internet protocol numbers were sufficient for tracking a user, arguing they are too easy to come by.
"You're not sure who exactly has the connection," he explained. "Even if the IP address is traced to an internet cafe, they will not know who the customer or person is behind the attacks. Think about cars - you have plates on cars, but you also have driver licenses."
Kaspersky was traveling on Friday and not available to be interviewed for this article. A company spokeswoman declined to comment.
Kaspersky admitted such a system would be hard to put in place because of the cost and difficulty of reaching international agreements. But remarkably, his interview transcript spends no time contemplating the inevitable downsides that would come in a world where internet anonymity is a thing of the past.
"You could make the same argument about the offline world," said Matt Zimmerman, a senior staff attorney at the Electronic Frontier Foundation. "You know, every purchase you make should be tracked, we should ban the use of cash, we should put cameras up everywhere because in that massive data collection something might be collected to help someone. But we think privacy is an important enough countervailing value that we should prevent that."
In Kaspersky's world, services such as Psiphon and The Onion Router (Tor) - which are legitimately used by Chinese dissidents and Google users alike to shield personally identifiable information - would no longer be legal. Or at least they'd have to be redesigned from the ground up to give police the ability to surveil them. That's not the kind of world many law-abiding citizens would feel comfortable inhabiting.
And aside from the disturbing big-brother scenario, there are the problematic logistics of requiring every internet user anywhere in the world to connect using an internationally approved device that authenticates his unique identity. There's no telling how many innovations might be squashed under a system like that.
No doubt, the cybercriminals that Kaspersky has valiantly fought for more than a decade are only getting better at finding ways to exploit weaknesses in internet technologies increasingly at the heart of the way we shop, socialize and work. But to paraphrase Benjamin Franklin, those who sacrifice net liberty for incremental increases in security no doubt will get neither. ®
posted by:
|
Washington, D.C.
|
Advertisement
Advertisement
-
Re: Security boss calls for end to net anonymity -- Kaspersky's online police state
Fri, October 16, 2009 - 2:09 PMOMG if we gave people passports to be on the internet half the people around here would be in lockup.
Interesting in theory, but impossilbe to pull off on a global scale in my opinion!!
BUT I love Kaspersky's virus software!!! -
-
Re: Security boss calls for end to net anonymity -- Kaspersky's online police state
Fri, October 16, 2009 - 3:14 PMWow.
I particularly like his comment about driver's licenses and identity. We need look no further than REAL ID to see just how hard it's been to implement - it's quite difficult to identify every single person in such a way that would satisfy the rules set out in REAL ID. For example, lots of people don't have birth certificates. At this point, I think DHS would be happy to see it all just go away. If we can't identify every single person accurately in the US for offline REAL ID purposes, how will we identify every single person in the world for online purposes?
And he doesn't devote a word to privacy or or other human rights concerns.
>OMG if we gave people passports to be on the internet half the people around here would be in lockup.
Only half? ;)
>Interesting in theory, but impossilbe to pull off on a global scale in my opinion!!
Yeah, I'm with you. I don't think it can be done. -
-
Re: Security boss calls for end to net anonymity -- Kaspersky's online police state
Fri, October 16, 2009 - 5:39 PMLook at all of those who appear on 'no fly lists' in error?
Can you imagine a list for Internet users?
The no fly list continues to be a problem for many people, and I can't imagine how this could ever be enforced on the www based on the fact the entire world is online. -
-
Re: Security boss calls for end to net anonymity -- Kaspersky's online police state
Fri, October 16, 2009 - 6:14 PMAnd to complicate matters, Finland has just made access to broadband a human right. news.cnet.com/8301-17939_...74831-2.html
Kaspersky's internet policing scheme would fly in the face of access as a human right.
Hopefully more countries will follow Finland's lead....... -
-
Re: Security boss calls for end to net anonymity -- Kaspersky's online police state
Fri, October 16, 2009 - 6:43 PMWow was my initial reaction too. Apparently this is a somewhat popular idea in Russia (not entirely surprising). I wonder if the people who come up with these ideas even stop to think about how it would apply to themselves as well... or wouldn't it? -
-
Re: Security boss calls for end to net anonymity -- Kaspersky's online police state
Fri, October 16, 2009 - 7:12 PMThose who came up with this are simply not thinking.
-
-
-
-
-
