Sometime during the next four years, the new administration is going to take up the question of how to ensure security on an insecure Internet. I hope it is more possessed of inspired brilliance about how to achieve that cherished objective than the outgoing administration.
Last week, a senior official at the National Security Council told a gathering of privacy officials in Redmond, Wash., that the best way to ensure Internet security for commercial transactions and government agencies was to bifurcate the Internet. The official, Richard Clarke, didn't get into the nitty-gritty, but he sketched the contours of a "secure zone" that would be outfitted to offer protection against cyber-disruptions.
He gets a couple of things right: The convergence of information technology is proceeding fast apace, and all communications are destined to travel over the Internet. But he inexplicably gives short shrift to the fact that the Internet's success has been powered by the absence of control.
My two cents: Clarke's heart may be in the right place, but his head is somewhere else.
To be sure, there's a crying need to provide a defense against serious disruptions, and something ought to be done about fostering better protection against credit-card fraud, viruses, and general hack attacks.
But Clarke and his braintrust need to go back to the drawing board because this proposal, which would strip away user anonymity, is badly flawed.
His prescription for a new world order would encompass the equivalent of an all-seeing eye in the sky. The idea: to make sure that all of you boys and girls -- and everything between -- play nicely. This is thin gruel.
For starters, there's the not-so-insignificant question of who should oversee this benevolently walled-off garden. If it ever sees the light of day, this hot potato wouldn't remain long on the back burner. Anticipate howls -- if not legal challenges -- from outraged cyber-libertarians who would vigorously register their displeasure about any plan to strip away cyber-anonymity.
Nobody's provided compelling evidence to persuade me that the removal of anonymity would modify certain pranksters' mischievous ways. The experience of the last several years is that if you build it, they will hack.
And it's not just congenital bellyachers like me who can be counted on not to cotton to the idea. When network administrators hear about Clarke's proposal to strip away anonymity, they're going to dig in their heels -- not because they're a bunch of goody-two-shoes on the subject of privacy rights but because it goes against every fabric of their being.
Your average network administrator is a congenital busybody who wants to know what you're doing and why. Lord knows I love 'em, but these folks belong to a particular species of animal. In their world, a company's users are online only by the sufferance of the IT department's royal fiat. They don't willingly cede prerogative and would dig in their heels to any suggestion they give up even partial control of their network.
Politicize any issue and debate is bound to drag on for months before any resolution. I suppose the government could build its own private network (but at what cost?). I have a more modest proposal: Go back to basics. Fix the routers and the other problems with the existing infrastructure that girds the Internet.
Already, there's an IP overhaul in the works. The Internet Engineering Task Force rollout of IPv6 will provide higher-performance networks with larger address space, better packet performance, and tighter security than the more than two decades-old predecessor.
All this is a lot more boring than talking about gazillion-dollar defenses against the likes of Abu Nidal and Mafiaboy. But I'm still waiting for somebody to convince me that this cyber-equivalent of Star Wars better serves the larger public interest.