Why Vint Cerf Thinks Net Security Should Go Back to the Future
It was then, right at the outset, that the security of the public network posed a thorny, lasting problem. "At this point, you have the general public involved. This means that not only do you get a lot of good guys using the net, but you get a lot of bad guys, as well," Cerf said. "And although there may not be that many bad guys, there are enough of them to cause a lot of trouble. They're out there to take advantage of other people."

Firewalls Weren't in Original Plan

Perimeter defenses—or firewalls—of Internet-connected computers were not part of the original design of the net, Cerf said.

Cerf suggested that perhaps enterprises, governments and individuals should look to the origins of the Internet to reinvent security of personal and business information in the network for the future.

"It's very important for us to seriously revisit the ability of operating systems to defend themselves," Cerf said, "to revisit the use of strong authentication, two-factor authentication and the like [and] to revisit mechanisms for applying cryptographic methods in order to defend every single computer from everything. And, of course, it's getting more important to do that because some of the things that are joining this network are not only desktops and laptops and pads and mobiles but now appliances in the machine-to-machine world.

"I am very worried about the headline that says: 'One Hundred Million Refrigerators Attack Bank of America.' We can laugh at that, but it could happen. Even if you don't use it [the network] for more than very simple kinds of control—like a refrigerator or the heating and ventilation of a building—the actual platform is quite powerful and can be overtaken, and it will be used by people who will use it as a launching platform for distributed denial-of-service attacks or other malicious things.

"This is why enterprises and the academic community have to refocus on what it takes to make the hardware and software a lot more resistant to penetration."
People should all be very conscious of the fact that the Internet is "a fundamental infrastructure that is neutral and is subject to both use and abuse," Cerf said. "We don't have to tolerate it, but we have to accept that there will be abuse on the net."

The Internet: Golden Goose of Commerce

"Even though we have a broad range of bad stuff happening on the Internet, in some sense threatening to its historical openness and freedom, the reason I feel very strongly that we need to find ways to preserve that freedom is that as you try to shut the net down and prevent bad things from happening, you also wind up destroying the golden goose," Cerf said. "The freedom and ease of access to the net is what has generated so many businesses now operating in the world."
"The original design was that computers had to defend themselves and validate the parties that wanted to communicate with them, and [which computers] they themselves wanted to communicate with," Cerf said. "And if they couldn't validate that, they shouldn't allow that communication. This firewall notion sort of popped up as a response to an enterprise desire. Perimeter defense is not stupid, but it is inadequate."