Windows 7 Sins
« « Interview with Olivier Cochard-Labbé, founder of FreeNAS
How to enhance the physical security posture of your Linux/BSD-powered PC » »

Anonymity and the Internet

February 3rd, 2010 • Category: privacy and licensing

Universal identification is portrayed by some as the holy grail of Internet security. Anonymity is bad, the argument goes; and if we abolish it, we can ensure only the proper people have access to their own information. We’ll know who is sending us spam and who is trying to hack into corporate networks. And when there are massive denial-of-service attacks, such as those against Estonia or Georgia or South Korea, we’ll know who was responsible and take action accordingly.

The problem is that it won’t work. Any design of the Internet must allow for anonymity. Universal identification is impossible. Even attribution — knowing who is responsible for particular Internet packets — is impossible. Attempting to build such a system is futile, and will only give criminals and hackers new ways to hide.

Imagine a magic world in which every Internet packet could be traced to its origin. Even in this world, our Internet security problems wouldn’t be solved. There’s a huge gap between proving that a packet came from a particular computer and that a packet was directed by a particular person. This is the exact problem we have with botnets, or pedophiles storing child porn on innocents’ computers. In these cases, we know the origins of the DDoS packets and the spam; they’re from legitimate machines that have been hacked. Attribution isn’t as valuable as you might think.

Implementing an Internet without anonymity is very difficult, and causes its own problems. In order to have perfect attribution, we’d need agencies — real-world organizations — to provide Internet identity credentials based on other identification systems: passports, national identity cards, driver’s licenses, whatever. Sloppier identification systems, based on things such as credit cards, are simply too easy to subvert. We have nothing that comes close to this global identification infrastructure. Moreover, centralizing information like this actually hurts security because it makes identity theft that much more profitable a crime. Continue reading.

Subscribe by ...

To receive future articles like this one in your inbox or Feed reader, please take a few seconds to subscribe to this site by email or RSS. You may also follow us on Twitter.

Delicious Digg Facebook Friendfeed Friendster Mixx Newsvine Reddit Stumbleupon Technorati Twitter

Sponsored Links

The next best thing to fruits & vegetables is Juice Plus

Buy Fedora installation media at very low prices from OSDisc

Don't have high speed Internet access? Buy Ubuntu and Mint installation media at very low prices

Develop your community's collaboration and communication skills with Collaba server

To buy a text link ad here, send us an email

LinuxBSDnews
« « Interview with Olivier Cochard-Labbé, founder of FreeNAS
How to enhance the physical security posture of your Linux/BSD-powered PC » »

Leave a Reply




XHTML::
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


Copyright © • LinuxBSDos.com