Kaminsky Warns Black Hat Audience of Risks to the Internet
During his Black Hat keynote, Dan Kaminsky outlines a litany of risks to the continued functioning of the modern internet and identifies the keys for moving it forward.LAS VEGAS—In a rambling, hourlong keynote address at the Black Hat USA conference here today, security luminary Dan Kaminsky detailed the risks and the opportunities inherent in the internet. Kaminsky first shot to fame in 2008, when he revealed a flaw at that year's Black Hat USA event in the pervasive Domain Name System (DNS) protocol. At the time, he said that a web doomsday had been averted and the continued safe operation of the internet could continue. Now in 2016, with threats of government surveillance and an ongoing public debate about the use of encryption, Kaminsky once again sees the basic fabric of the internet to be at risk. "We have work to do to keep the internet working," he said. "I'm here to encourage everyone to notice what is wrong, how it can get worse and what we can do about it." Kaminsky said that it's possible that the internet as we know it today could be lost if bad policies are enabled that restrict the promise of an open internet. He recounted that AOL in the United States and Minitel in France were two predecessor internet-like networks that were successful for a while but failed when the internet we have today emerged. The reason why those other networks failed in Kaminsky's view is because they had central authorities and were not fully open and distributed to global innovation in the way that the modern internet is today.
Fears over security could lead to a more closed internet, and that's not a good thing. Kaminsky said that with the internet of things (IoT), people are assuming it to be insecure right out of the gate. He added that while that might be true, assuming such a new technology is insecure so soon is vastly different from the smartphone experience. Smartphones, which have been around for a decade, weren't assumed to be insecure at the outset.