http://www.theregister.co.uk/2007/10/02/richard_clarke_speech_trust_online_santa_clara_university_microsoft/ By Cade Metz in Santa Clara 2nd October 2007 Richard Clarke, the man who served President Bush as a special adviser for cyber security, has a five-point plan for saving the internet. Speaking at a Santa Clara University conference dedicated to "trust online," Clarke called the net "a place of chaos in many ways, a place of crime in many ways," but laid out several means of righting the ship, including biometric IDs, government regulation, and an industry wide standard for secure software. He even embraces the idea of a closed internet - which seems to have sparked a death threat from net pioneer Vint Cerf. "A lot of these ideas go against the grain. A lot of these ideas are ones people have already objected to - because of certain shibboleths, because of certain belief systems, because of certain idealogical differences," Clarke said. "But if we're going to create trust in cyberspace, we have to overcome some of those shibboleths, overcome some of those ideological differences, and look anew at these ideas." According to Clarke - who was also a special assistant to the President for global affairs and national coordinator for security and counter-terrorism - about 35 per cent of all U.S. citizens would rather shoot themselves than carry a national ID card. But he thinks they're being silly. He believes biometric IDs are an essential means of fighting online crime. "One thing you could do with a biometric ID card - if you wanted to - is prove your identity online," he said, as if taunting his critics. Yes, he realizes that internet mavens value online anonymity. But he insists this has nothing to do with biometric internet IDs. "One of ideological underpinnings of the internet is that we're anonymous," he said. "Well, guess what? We're not anonymous. Amazon and DoubleClick and all those other companies already know everything about what you're doing online." ID cards don't eliminate anonymity, he explained, because anonymity is already gone. Then he added that Bill Gates agrees with him. Next, Clarke called for more government oversight of the net. According to his rough calculations, 75 per cent of all U.S. citizens are against government regulation of any kind. But he thinks they're being silly too. "You don't want government regulation? Then just let your kids eat all that lead off their toys." In short, he believes the Federal Communications Commission (FCC) should force ISPs to crack down on cyber-crime. "[The FCC] could, for example, say to all the ISPs, 'You will do the following things to reduce fraud, bot nets, malicious activity, etc." Isn't the government one of the problems where online privacy is concerned? It is, as Clarke pointed out. He also called for a nonpartisan organization dedicated to fighting abuses of government power. "What if we had a champion in the government who we trusted on privacy rights and civil liberties? What if we had a government advocate with real power to ensure that the government doesn't violate privacy rights." That's three points from the five-point plan. Two more to go. Number four: A secure software standard. "We should look, as an industry, at improving the quality of secure code, so that we don't need to issue software patches, so there aren't trap doors - intentional or otherwise," he said. "This is not a revolutionary idea. We put this in place a long time ago for electrical appliances." This is Clarke's least controversial notion, but you have to wonder how effective it can be. Removing all bugs from electrical equipment is one thing. Removing them from software code - some of the most complex stuff ever invented - is another. In discussing secure software standards, Clarke slipped in another plug for Microsoft. "This is an idea Microsoft has already championed," he said. And then he said it again. Bill and gang sponsored the conference. And, yes, Clarke's fifth and final idea is a less than open internet. "Another idea that's already been rejected that I think we should look at again is the idea of a closed internet," Clarke said. "Why should the part of the internet that's connected to the power grid be open? Why should that part of the internet that runs nuclear laboratories be open? Why shouldn't there be a closed internet? There are already relatively closed internets - and now we need to think seriously about expanding them." Several years ago, when Clarke suggested the idea to Vint Cerf, the internet founding father had a fit. "[He] implied he was putting together a firing squad to take me out," Clarke said. __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Tue Oct 02 2007 - 23:37:07 PDT