Ramblings of an old Doc
Attribution
Published on June 23, 2017 By DrJBHL In Personal Computing

 

This post has zero to do with politics. I want none on it. While it is relevant to recent events, there's a lot more to it, namely how the Internet has to change for everyone's security (and why it probably won't).

The simple fact it that it is extremely difficult to catch cyber criminals and not much effort is made to actually do so. Why? Because it is almost impossible to accurately attribute attacks. This is because of the way the net was designed by DARPA way back when there was no cyber crime, and when it wasn't anticipated at all.

"The pioneers sough to establish a robust, non-centralized internet that could not be physically destroyed by attacking a few key communications centers, and that could ensure secure communications. The pioneers sought to establish a robust, non-centralized internet that could not be physically destroyed by attacking a few key communications centers, and that could ensure secure communications. But every day, nowadays, there are millions of attacks,” he said. “Nobody goes after the criminals. So why not develop the technologies to do so? Change the internet protocol,” he urged. “You need to re-engineer the internet to enable identification of the source of everything." -Gen. Y. ben Israel

"How does the internet work? You want to send me an email. You have a supplier. Netvision, say. Netvision has Wi-Fi. You’re in contact with a local server, one of thousands. It takes your note and breaks it into packets, each of which has its own ID. That server sends all the packets to all the servers it is in touch with. And all those servers send all those packets to all the servers they’re in touch with. It’s a global infrastructure. Now, one of those servers is my local server. It puts all the packets together and delivers your note to me.

Why was the internet set up like that? One: You’d have to destroy half the world to prevent your note being delivered to me. Two, no single packet has all the information. So everything is secure. That’s how the internet was set up by DARPA." - ibid

Because there are so many methods of attack and so many variants, individual defense is a virtual impossibility. Developing endless tools for defense is equally pointless. What has to happen (if we wish to put an end to the attacks) is redesign of the internet to make attributaability and answerability the sine qua nons.

That would mean that there would be no more privacy regarding the source of posts and communications, etc. It would not mean that personal data would be involved. In fact, personal and financial data would become infinitely more secure.

Unfortunately, insecurities in OSs, software and browsers have to be addressed, as well. Intelligence agencies and law enforcement agencies are in conflict here with personal and state attributability and accountability. Intelligence agencies are very much interested in maintaining vulnerabilities...and that's probably why the net won't change, despite the positives of attributability for law enforcement and for intelligence as well.

 

Sources:

http://www.timesofisrael.com/to-stop-russia-and-other-hackers-we-need-to-overhaul-the-internet-says-top-israeli-security-expert/

https://www.questia.com/library/journal/1G1-280967312/state-level-cybersecurity

https://ccdcoe.org/publications/2010proceedings/Shackelford%20-%20State%20Responsibility%20for%20Cyber%20Attacks%20Competing%20Standards%20for%20a%20Growing%20Problem.pdf


 



 

 


Comments (Page 3)
on Jun 27, 2017

DrJBHL

To think the Israelis would make someone ignorant of IT a Major General in charge of it, and that a University like Tel Aviv U. would do the same is ridiculous.

Anyone recall Gen. Groves and a little thing called the Manhattan Project?  He knew sod-all about physics, but somehow they muddled through...

 

on Jun 27, 2017


Anyone recall Gen. Groves and a little thing called the Manhattan Project?  He knew sod-all about physics, but somehow they muddled through...

But this isn't about the American Army, nor the Manhattan Project, nor Gen. Groves.

Apart from that...

on Jun 27, 2017

DrJBHL

To think the Israelis would make someone ignorant of IT a Major General in charge of it, and that a University like Tel Aviv U. would do the same is ridiculous.

Actually it is not.  If appointed persons the world over actually knew a thing or two about the things/people/decisions they so often preside over, this planet would be a much different place.

More often than not the 'people in charge' simply know/knew the right someone and not so much of the right something!

on Jun 27, 2017

How ironic. You really shouldn't make judgments about people and their capabilities you so casually make assumptions and generalize about. 

 

on Jun 27, 2017

 

Oh I didn't say any of what I've said here 'casually' and as an actual 'IT person' with real experience and knowledge pertinent to the subject at hand I'd say I am at least somewhat qualified in 'passing judgement' on someone who claims title but whose verbiage (even if secondhand) belies capability.

 

on Jun 27, 2017

https://www.a-star.edu.sg/About-A-STAR/Corporate-Profile/A-STAR-Board/Prof-Isaac-Ben-Israel.aspx

Geee...all that without knowing anything about IT or the net. Fascinating. Amazing, actually.

on Jun 27, 2017

DrJBHL

https://www.a-star.edu.sg/About-A-STAR/Corporate-Profile/A-STAR-Board/Prof-Isaac-Ben-Israel.aspx

Geee...all that without knowing anything about IT or the net. Fascinating. Amazing, actually.

 

The professor is definitely very capable at managing people and/or sitting in positions of oversight.  No argument there. 

I still and always will believe he doesn't actually know much (if anything) of the deeper structure of the things he talks about.  This is so common (maybe especially so in this particular field) that if I had a dime for every 'specialist' I actually know more than (in this field) I would be pretty wealthy! 

To me, nothing you have linked or that I have independently searched out and read has indicated to me that I made an incorrect judgement about him.  His is a fantastic 'manager' of people/things.  His in-depth knowledge of the subject matter he presides over certainly seems lacking enough to be called into question.  It is that simple really.

on Jun 27, 2017

He may or may not be an "IT expert".  But is this thread about people, or ideas?

 

Doc, it's easy to point out the drawbacks (I won't say flaws) of the current architecture,  But there seems to be a real dearth of proposals on what to do about it.  And no, a set of requirements for what we want to accomplish does not constitute a proposal.  Without real ideas, the rest is just wishful thinking ... or a jobs program.

 

 

 

on Jun 27, 2017


He may or may not be an "IT expert". But is this thread about people, or ideas?

When the 'ideas' touted in this thread come from 'people' lauded as experts in the field (and whose verbiage has been shown not only to be wrong simplistically but actually fundamentally incorrect), then yes.......it is about both actually!

 

But really......I've said enough.   I am now entering the realm of 'broken record' so I think I'll let my previous replies stand now.

 

on Jun 27, 2017

Same here...

on Jun 27, 2017

 Stopping the bad guys by forcing the good guys to give up their freedom (and anonymity is a freedom) has never worked.  Kind of like disarming law abiding citizens to stop criminals from using guns.

on Jun 28, 2017

gevansmd

 Stopping the bad guys by forcing the good guys to give up their freedom (and anonymity is a freedom) has never worked.  Kind of like disarming law abiding citizens to stop criminals from using guns.

Nothing of the sort, and that's really a completely false analogy. Anonymity is not freedom at all. In fact, it is used by those who are the greatest enemies of freedom to act against freedom. Remember that freedom requires responsibility. There is no responsibility in anonymity because there is no accountability.

on Jun 28, 2017

DrJBHL

Anonymity is not freedom at all.

 

The United States Supreme Court
Anonymity is a shield from the tyranny of the majority. See generally J. S. Mill, On Liberty, in On Liberty and Considerations on Representative Government 1, 3-4 (R. McCallum ed. [ McINTYRE v. OHIO ELECTIONS COMM'N, ___ U.S. ___ (1995) , 24]   1947). It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation - and their ideas from suppression - at the hand of an intolerant society. The right to remain anonymous may be abused when it shields fraudulent conduct. But political speech by its nature will sometimes have unpalatable consequences, and, in general, our society accords greater weight to the value of free speech than to the dangers of its misuse. See Abrams v. United States, 250 U.S. 616, 630-31 (1919) (Holmes, J., dissenting).

http://caselaw.findlaw.com/us-supreme-court/514/334.html

https://www.eff.org/files/filenode/unspecialrapporteurfoe2011-final_3.pdf

 

on Jun 28, 2017

We're teetering on the wobbly edge of politics......

on Jun 28, 2017


The right to remain anonymous may be abused when it shields fraudulent conduct.

Odd that part of your quote. Exactly what I'm referring to.

Meta
Views
» 17369
Comments
» 53
Sponsored Links