Interesting People mailing list archives
IP: Some thoughts by Dave Farber (me) on Living Riskier Electronically
From: Dave Farber <farber () cis upenn edu>
Date: Sun, 25 Jun 2000 11:46:02 -0400
I have gotten several notes re the Times article and have noted Bob Morris's comment [ I knew Bob first when his Dad Bob Morris put him in my arms at Bell Labs djf] There are two areas of attack on the Internet. The first and the one we primarily have seen are primarily attacks on the user and server software. They will always be subject to what one could call the ECM turnstile. We will get attacked and the software will be fixed and the attackers will search for new vulnerabilities and we will get hit and fix those and it will be a endless round and round. Proper attention to correct security design in new products would help a lot. Better hardware systems to ensure the ability to build secure software will help. Bob's concerns address this point. What I worry about is that future and maybe current attackers will not be high school kids but very smart and with it professionals with a cause. I am a lot more worried by attacks on that part of the Internet that lies in its arterial structure -- namely the set of protocols and software that control the routers and traffic systems of the core internet. Much of the protocols were designed in those happy old days (well reasonably happy). I and others I have spoken to have little confidence that there are not a number of interesting attacks which can do a number on the internet communications system with result similar to the failure of the SS7 part of the POTS network (not the same causes). We also may be constructing a commercial environment which is very vulnerable to reliability failures due to limited peering relationships. I for one would like to understand just how solid or vulnerable we actually are so we can fix it and as we fix it we can tell senior policy makers and the congress what the true state of the net is. Dave "The Net's going to go fumbling along until there's a massive intrusion," said Dave Farber, an Internet pioneer and chief technologist for the Federal Communications Commission. "Then everything will hit the fan. Congress is going to go ballistic, and we're going to panic our way into doing something." "The Internet was built in an age when we all knew each other, we all trusted each other, we were talking about where to have dinner and what silver futures to buy," said Mr. Farber, speaking of the scientists who built it. "Now we've moved it into an environment where the country counts on it. And it's very hard to retrofit security." "The opportunity for things to go wrong is always increasing," said Robert Morris, an assistant professor of computer science at the Massachusetts Institute of Technology who is perhaps better known as the creator of the first Internet worm, which crippled the network in 1988. "More people are also going after things. But it's not clear who's going to win, the people who write software with bugs or the people trying to fix the bugs."
Current thread:
- IP: Some thoughts by Dave Farber (me) on Living Riskier Electronically Dave Farber (Jun 25)