Educause Security Discussion mailing list archives
Re: New Internet for Security
From: Tracy Mitrano <tbm3 () CORNELL EDU>
Date: Sun, 15 Feb 2009 12:22:27 -0500
Interesting discussion and one that follows an idee fix of mine recently: that the United States should have a separate federal agency devoted to the Internet (not unlike what was created for transportation or communication in the last century or so). One more thought to add to the discussion, this one not in the least bit new but a good reminder. As Lessig pointed out, the Internet is not a technology, but influenced, at the very least, by social norms (users), the law (and policy), market (and regulation of it) as well as technology (physical, logical and applications). Too often, it seems, we have allowed ourselves, and worse yet law- makers, to think of the Internet as a one dimensional "technology." (Witness p2p provisions in the HEOP.) In our attempt to stand strong on our missions in higher education (no matter what form it takes in the next half century or so given myriad challenges and winds of change), we will fail to progress in melding information technology into that enterprise so long as we allow ourselves to be defined only in these technological terms. Once we embrace the full, multi-dimensional nature of the phenomenon that is the "Internet" we significantly empower our thinking and the message we hope to contribute to our institutional administrations, governments and, in exercise of our service mission, as educators to the public. And who better than the technologists to preach that sermon? Thanks, Gene, for getting us started on an important discusion! On Feb 15, 2009, at 11:51 AM, Gene Spafford wrote:
The following link is to a blog entry someone wrote about John Markoff's piece in the NY Times yesterday. Not surprisingly, I agree with it: http://davidakin.blogware.com/blog/_archives/2009/2/14/4093378.html On Dave Farber's list there was some discussion of this, and then a post about yet another breach of a credit card processor. I wrote the following:Consider that some estimates of losses to computer crime and fraud are in the many billions of $$ per year. Consider how much money is repeatedly spent on reissuing credit and debit cards, restoring systems from backups, trying to remove spyware, bots, viruses, and the like. Consider how much is spent on defense mechanisms than only work in limited cases -- anti-virus, IDS, firewalls, DLP, yet latest fad. What effect does that play on global economic downturn? It is certainly a drag on the economy. Now, think about the solutions being put forward, such as putting all your corporate assets and sensitive records "out in the cloud" somewhere, on servers that are likely less well-protected or isolated than the ones being regularly compromised at the banks and card processors. But it will look cheaper because organizations won't need to maintain resources in-house. And it is already being hyped by companies, the NSF and CCC as "the future." Who can resist the future? Now, stir in the economic conditions where any talk of replacing infrastructure with something that costs more at first, or that needs more than a minor change of business processes is going to be dismissed immediately as "crazy." And let's not forget that when the economy goes bad, more criminal behavior is likely as people seek value wherever they can find it. And yet, the institutional responses from government and big vendors will be more of the same: update the patches, and apply another layer of gauze. The situation isn't going to get better -- it's going to get worse. Much worse.--spaf
Current thread:
- New Internet for Security Theresa Rowe (Feb 15)
- <Possible follow-ups>
- Re: New Internet for Security Marty Manjak (Feb 15)
- Re: New Internet for Security Gene Spafford (Feb 15)
- Re: New Internet for Security Tracy Mitrano (Feb 15)
- Re: New Internet for Security David Shettler (Feb 15)
- Re: New Internet for Security Jeffrey I. Schiller (Feb 15)
- Re: New Internet for Security John Bambenek (Feb 15)
- Re: New Internet for Security Leo Song (Feb 15)
- Re: New Internet for Security Dennis Meharchand (Feb 15)
- Re: New Internet for Security Kevin Shalla (Feb 16)
- Re: New Internet for Security Hugh Burley (Feb 16)
- Re: New Internet for Security Keith Schoenefeld (Feb 16)
- Re: New Internet for Security Valdis Kletnieks (Feb 17)
- Re: New Internet for Security Valdis Kletnieks (Feb 17)