Internet Security Concerns, Online Anonymity, and Splinternets

by on February 15, 2009 · 31 comments

What would it take to create a more secure Internet?  That’s what John Markoff explores in his latest New York Times article, “Do We Need a New Internet?”  Echoing some of the same fears Jonathan Zittrain articulates in his new book The Future of the Internet, Markoff wonders if online viruses and other forms of malware have gotten so out-of-control that extreme measures may be necessary to save the Net.  Compared to when cyber-security attacks first started growing over 20 years ago, Markoff argues that:

[T]hings have gotten much, much worse. Bad enough that there is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start over.

Like many others, Markoff fingers anonymity as one potential culprit:

The Internet’s current design virtually guarantees anonymity to its users. (As a New Yorker cartoon noted some years ago, “On the Internet, nobody knows that you’re a dog.”) But that anonymity is now the most vexing challenge for law enforcement. An Internet attacker can route a connection through many countries to hide his location, which may be from an account in an Internet cafe purchased with a stolen credit card. “As soon as you start dealing with the public Internet, the whole notion of trust becomes a quagmire,” said Stefan Savage, an expert on computer security at the University of California, San Diego.

Consequently, Markoff suggests that:

A more secure network is one that would almost certainly offer less anonymity and privacy. That is likely to be the great tradeoff for the designers of the next Internet. One idea, for example, would be to require the equivalent of drivers’ licenses to permit someone to connect to a public computer network. But that runs against the deeply held libertarian ethos of the Internet.

Indeed, not only does it run counter to the ethos of the Net, but as Markoff rightly notes, “Proving identity is likely to remain remarkably difficult in a world where it is trivial to take over someone’s computer from half a world away and operate it as your own. As long as that remains true, building a completely trustable system will remain virtually impossible.”  I’ve spent a lot of time writing about that fact here and won’t belabor the point other than to say that efforts to eliminate anonymity for the entire Internet would prove extraordinarily intrusive and destructive — of both the Internet’s current architecture and the rights of its users.  There’s just something about a “show-us-you-papers,” national ID card-esque system of online identification that creeps most of us out. That’s why I spend so much time fighting age verification mandates for social networking sites and other websites; it’s the first step down a very dangerous road.

But what if we could apply such solutions in a narrower sense?  That is, could we create more secure communities within the overarching Internet superstructure that might provide greater security?  Markoff starts thinking along those lines when he suggests…

What a new Internet might look like is still widely debated, but one alternative would, in effect, create a “gated community” where users would give up their anonymity and certain freedoms in return for safety.

… but he is still thinking in terms of a replacement model for the entire Internet, which would be misguided for the reasons I stated above.  We don’t want to force a single, intrusive, anonymity-killing replacement model on the entire online universe.  Starting over isn’t even possible in a practical sense.

It’s a shame that Markoff didn’t interview my old colleague Wayne Crews for his story because Wayne has outlined an alternative framework worth considering. For many years, Wayne has been preaching about “spinternets,” or the notion that we need to start thinking about how develop not just one better Internet, but many better Internets. In a visionary piece for Forbes back in early 2001, Wayne argued that the solution to the growth of various online concerns “is more Internets, not more regulations”:

The Internet needs borders beyond which users can escape damaging political resolutions of these battles, which are rooted in the Internet’s nonowned, common-property status. Conflicting legislative visions in a cyberspace populated by exhibitionists at one extreme and would-be inhabitants of gated communities on the other, reveal the basic truth that not everybody wants or needs to be connected to everybody else.

Again, there’s that notion of “gated communities” that Markoff brought up. It’s not for everybody, but those seeking greater security could perhaps find it inside such online communities. Of course, others who wanted a different experience could start a completely different gated community under Wayne’s model.

But the problem with this notion, quite obviously, is that very few people want to stay inside their gated communities all the time. In the physical world of gated communities, for example, members of it still like to get out of there once and awhile to visit shops, events, parks, friends and family, etc.  The same goes for the Internet.  Just ask all those former denizens of AOL’s gated community.  For awhile, many of them — over 25 million strong at the zenith of its popularity — were content to spend most of their digital day inside the walls of Case’s Castle.  Gradually, however, they felt the need to explore outside those walls.  And so they did.  A mass exodus ensued and the walls came crumbling down around AOL’s gated community.

But that doesn’t necessarily mean the idea of online gated communities is entirely dead. There are certainly many closed, tightly-controlled networks out there already — mostly in corporate or government environments — that offer a glimpse of how such a model might work in practice.  Also, smaller social networking sites aimed at kids provide another example since they are usually tightly-controlled walled gardens that offer much greater security.

But Wayne was always thinking of something bigger — much bigger — than just closed corporate / government networks. He was thinking about a world of many different Internets that didn’t necessarily have a back door to the broader Internet. Think of it as many parallel, but unconnected digital systems and networks, each serving a different set of values and cultures with unique rules.

Wayne envisioned the primary critique of this model in his original piece, noting that “it will be criticized as Balkanization.”  Indeed, Sonia Arrison called it “techno-isolationism, which goes against the very spirit that makes the Internet great.”  Indeed, it certainly would destroy something very precious about the current Internet — universal connectivity and openness.  But that’s sort of the point, isn’t it!  Universal connectivity and openness have given us many wonderful things, but some troubling things, too.  That’s what Markoff was getting at in his NYT piece, and it’s part of what Wayne was aiming to address with his splinternets idea.

But do we really want to encourage a world of multiple Internets where, presumably, they are split right down to the root? In other words, there wouldn’t be a common language for networks to communicate or a way to access many sites and services outside the particular Net you are on at any given time. It would be the equivalent of living on different digital planets that never linked or communicated.

I think it’s unlikely we’ll ever get there, and if we did it would likely be driven by global governments challenging ICANN and existing Internet governance structures. In other words, the DNS root would be completely split by some countries (China?) who didn’t want to play by the same rules as the rest of the interconnected world, or who wanted to try to impose a different vision upon a new, competing global network.

But might there be a way to find a happy middle ground between the Wild West commons of the current Net and the “techno-isolationism” of Wayne’s splinternet model?  Perhaps “Splinternet-lite” is the solution.  Within the confines of the existing Internet superstructure, there are ways to create walled gardens today and limit the number of back doors to the broader Net.  Again, the smaller social networking sites and virtual worlds aimed at kids already do that. Once you’re in there, you’re in a very different world. You have to be fully verified before you’re even let in the door, and once you’re inside their are tight limits on what you say, do, and explore. And you’ll get booted out pretty quickly if you break the rules.  The result is greater safety and peace-of-mind for kids and parents alike. It’s a less clear, however, how that model would “scale up” and apply to the entire universe of online networks.  I think we’ll have to be content with small patches of security within a world of insecurity. That’s the cost of the openness and interconnectivity that the Net current gives us.

In sum, there is no clear answer to John Markoff’s question, “Do we need a new Internet?”  We certainly could do more to address the problems with the current Net, but upending it and starting over isn’t likely an option.  More micro-splinternets within the overarching Net superstructure, however, might help those who are particularly risk-conscious find safe haven from various cyber-security fears. But it won’t shelter them from those problems completely.

  • http://blurringborders.com Kevin D

    Couple thoughts:

    1. Don't we have splinternet-lite already? Yet Facebook and MySpace certainly aren't secure. Aren't we just going to face the similar arms race within the splinternets (especially ones that are big enough (scaled up) to be a worthwhile target.

    2. Also, I'm surprised you didn't address this more in the context of Zittrain's book. As much as there are examples of contingent generativity in the mobile arena, “The Future of the Internet” was about the broader threat coming from a backlash against the insecurities of openness. The ideas Markoff addresses are that.

    I think what's missing from this discussion is what Zittrain has promoted: civic technologies. (If you haven't seen it already, you should check out the video linked here: http://blurringborders.com/2008/07/13/civic-tec…) People should be engaged and aware and have a civic ethic in dealing with technology.

    3. Another reason to avoid an “Internet passport” would be that it could increase the risk – if identity is tied to Internet use, exploits would threaten our identity security.

  • http://www.techliberation.com Adam Thierer

    Good points, Kevin. I agree that social networking sites are, in many ways, already becoming mini-Splinternets. One of the interesting points Randall Stross makes in his new book Planet Google is how Facebook is essentially rebuilding the old walled garden model and establishing a self-governing community playing by a somewhat different set of rules than the rest of the wide open Net. It's true to some extent, but Facebook also has some back doors to the broader Internet and is not exactly the same sort of thing Wayne Crews is talking about. But, as you note, it's has micro-splinternet qualities.

    Also, regarding the Zittrain point, I addressed it somewhat in my original review of his book. To recap, I agree that civic technologies can play a role in correcting *some* online security problems. But, as I noted in my review, the flaw with this approach is that:

    “It seems he wants to solve the problems brought about by openness with more openness — primarily in the form of collective intelligence and action. If we all just find smart ways to work together, we can improve open systems, he argues. Well, sure we can.. sorta. But it will never work perfectly on its own. Some people are going to want more safety and security. They should get it, even if comes in the form of 'sterile appliances and tethered devices.' Because, again, the rest of us always have the option to choose something else.”

    http://techliberation.com/2008/03/23/review-of-

    In other words, some folks are just going to want to drop out of the current system entirely and find the sort of “gated communities” that Markoff and Crews are talking about. What I was getting at in my piece is that it is harder to create those communities than people think, and they come at a cost — lost connectedness and openness.

  • MikeRT

    Just look at what happens to gated communities in the real world: they become more attractive targets for serious, seasoned criminals. In many respects, a middle class family's children in Mexico City are more secure on a daily basis than the children of the rich who live in elaborate, secure gated communities.

    Furthermore, if splintered networks really worked, then military networks like SIPRNet would never get hacked, but they occasionally do by foreign governments. When you split off from the rest of the Internet, you make yourself a bigger target. Some systems should be off that grid, but people shouldn't kid themselves that it offers a huge security boost over anyone other than low-level criminals.

  • http://hyperfamily.blogspot.com/ Wayne Crews

    Adam thanks for this; when i first saw your email to me yesterday on the New York Times article I didn't realize you'd done this extensive post (cursed blackberry screen, plus nosepicker kids in the background).

    Guess you've caused me to jump back into the “Splinternets and Cyberspaces” debate. Basically my point has always been that the “capital-I” Internet of today is not the same as not-yet-created multimedia networks that will exist in the future; those will have numerous dedicated purposes and will need to keep certain people off and would be crazy to blindly adopt an overly open architecture that is an artifact of the Internet's public origins. All property moves toward private, proprietary control; that will include future network technology. Networks may use “internet” technology, but need not all use the same physical network. This is especially feasible as societies generations hence become wealthier and network industries' various ventures create an assortment of dedicated networks. Metcalfe's Law is true, but so is my corollary; that if people are on your network deliberately devoted to destroying it or otherwise creating pandemonium or preventing you from making security and privacy guarantees to anyone, then the value of your network rises as you flick them off. Note that, in utter contrast to the net neutrality unicorn, this is a future of vastly greater and diverse network-and-infrastructure (and content) wealth than imaginable today.

    Also, related privacy work i do makes a case that, even as we strive to protect political anonymity online, we may need/desire less commercial anonymity, which will drive the creation of such networks. More on that to come i suppose, since you drew me out on this, but there's a link to a policy study somewhere.

    -wayne crews

  • Pingback: A long winded post that is mainly about the Internet, but it strays. « Heavy On The Seltzer

  • dm

    “All property moves toward private, proprietary control” is too simple-minded a maxim. It may be true of exclusionary resources, but it's not true of things that can be duplicated freely or shared freely. Nor is it true where the transaction-costs of maintaining proprietary control weigh too heavily against the benefits gained from that proprietary control. Technology can decrease transaction costs (look at the notion of replacing toll-booths with stations that photograph one's license plate and send one a bill — now every street has the potential of being a toll-road), but it can also decrease the utility of those charges — the old bits-vs.-atoms argument that's dissolving intellectual-property monopolies, or DRM that does more harm than good, for examples.

    Your gated-community notion is interesting, but I'm not convinced you aren't just re-inventing Compuserve and AOL. Those open technologies are widespread because they deliver benefits that closed technologies do not.

    For that matter, I think you've been overtaken by your metaphors — we don't have one “physical network” now. We have an amalgam of networks with gateways between them that pass data using various physical protocols, with IP sitting on top of them (and TCP and friends on top of that).

  • dm

    “All property moves toward private, proprietary control” is too simple-minded a maxim. It may be true of exclusionary resources, but it's not true of things that can be duplicated freely or shared freely. Nor is it true where the transaction-costs of maintaining proprietary control weigh too heavily against the benefits gained from that proprietary control. Technology can decrease transaction costs (look at the notion of replacing toll-booths with stations that photograph one's license plate and send one a bill — now every street has the potential of being a toll-road), but it can also decrease the utility of those charges — the old bits-vs.-atoms argument that's dissolving intellectual-property monopolies, or DRM that does more harm than good, for examples.

    Your gated-community notion is interesting, but I'm not convinced you aren't just re-inventing Compuserve and AOL. Those open technologies are widespread because they deliver benefits that closed technologies do not.

    For that matter, I think you've been overtaken by your metaphors — we don't have one “physical network” now. We have an amalgam of networks with gateways between them that pass data using various physical protocols, with IP sitting on top of them (and TCP and friends on top of that).

  • Pingback: Antivirus Program For XP | Antivirus Software Ratings'09

  • dm

    “All property moves toward private, proprietary control” is too simple-minded a maxim. It may be true of exclusionary resources, but it's not true of things that can be duplicated freely or shared freely. Nor is it true where the transaction-costs of maintaining proprietary control weigh too heavily against the benefits gained from that proprietary control. Technology can decrease transaction costs (look at the notion of replacing toll-booths with stations that photograph one's license plate and send one a bill — now every street has the potential of being a toll-road), but it can also decrease the utility of those charges — the old bits-vs.-atoms argument that's dissolving intellectual-property monopolies, or DRM that does more harm than good, for examples.

    Your gated-community notion is interesting, but I'm not convinced you aren't just re-inventing Compuserve and AOL. Those open technologies are widespread because they deliver benefits that closed technologies do not.

    For that matter, I think you've been overtaken by your metaphors — we don't have one “physical network” now. We have an amalgam of networks with gateways between them that pass data using various physical protocols, with IP sitting on top of them (and TCP and friends on top of that).

  • Pingback: Icma2002.Com » Blog Archive » Do You Want a New Internet?

  • Pingback: Splinternets and cyberspaces vs. net neutrality | The Daily Caller - Breaking News, Opinion, Research, and Entertainment

  • Pingback: book review: Cyber War by Clarke & Knake

  • Pingback: book review: Cyber War by Clarke & Knake

  • Pingback: How to Astral Project

  • Pingback: http://youtube.com/watch?v=gkjAd-goBwY/

  • Pingback: buy afterburn fuel

  • Pingback: Michele Pitts

  • Pingback: Australian Derby

  • Pingback: topsail rentals

  • Pingback: san carlos ca exotic auto detailing

  • Pingback: 21 Day Sugar Detox

  • Pingback: Last minute aanbiedingen

  • Pingback: http://www.phenobestin.com/t-phentermine-diet-pills-vs-phenobestin.aspx

  • Pingback: garcinia cambogia, about garcinia cambogia, all natural garcinia cambogia, all natural garcinia cambogia extract, all natural weight loss, all natural weight loss supplement, amazon garcinia cambogia extract, amazon garcinia cambogia extract pure, appetit

  • Pingback: premier league malaysia

  • Pingback: garcinia cambogia

  • Pingback: roulette system

  • Pingback: payday loans

  • Pingback: How To Make A Million Dollars Today

  • Pingback: Discover NHCPS

  • Pingback: Wake up now

Previous post:

Next post: