Jonathan Zittrain is correct. Internet security is fundamentally flawed, and radical, community-based intervention is vital to mitigating the ubiquitous, hostile elements that threaten the Web. However, his article is problematic, lacking a clear objective, and marred by several fallacies. More importantly, his computer security ideas do not address the core, causative factors of insecurity and other significant categories of Internet maliciousness that would easily circumvent his proposed solutions.
First, the small problems. Zittrain begins with a multi-page, historic overview of some well-known Internet malware events. Unfortunately, Zittrain incorrectly mixes the descriptive labels of virus, worm, and Trojan. Although casual readers might not notice the inaccurate usage, it will undermine his proposed solutions among anti-malware experts.
Zittrain also frequently undercuts his own predictions. For example, he writes that computers are becoming, and will continue to become, increasingly less open and innovative, citing the examples of Microsoft's Xbox 360 and Apple's iPhone. But he also champions the innovative wiki, Skype, and Google's Android, a revolutionary, ultra-open cell phone. It's hard to say that closed systems are taking a more prominent role when open examples abound. Even the closed systems he mentions are becoming more open thanks to competition and customer demand.
The larger problems with the essay are two-fold. First, Zittrain's proposals do not address many classes of malicious Internet behavior, including password guessing, remote buffer overflows, spam, phishing emails, network eavesdropping, malformed data, physical attacks, mis-configurations, and social engineering, whereby users are induced to divulge information they otherwise would not. The author focuses on preventing end-users from intentionally running malicious executable code. This is a needed, laudable goal. But he ignores the significant threats posed by the other classes of malware.
And, the core security problem of the Internet, pervasive anonymity and lack of accountability, isn't even addressed. The key issue, the one that if solved would make the Internet a safer place to compute, isn't even considered. It is like a car mechanic confirming an oil leak and then recommending higher viscosity oil.
The article's second major failing is that the interim solutions Zittrain offers have already been considered and found to be lacking. One, "Generative PCs with easy reversion," covers easily reversible computers and secondary virtual environments. Yet all of these types of environments contain innate connections to their underlying host computer, which can be exploited by malware. To date, not a single virtual environment has been created that does not allow unexpected host interaction.
The idea of encouraging more easily reversible computer environments also fails because it relies on the end-user to determine when to reverse the environment. If average end-users knew when they had been maliciously manipulated, we wouldn't need the reversible environment in the first place. The truth is that the vast majority of end-users don't know that they have been infected by malware or exploited. Much of the malware on a given PC originates in programs that a user intentionally installs or in legitimate, trusted Web sites that are maliciously modified without the user's knowledge.
But let us unrealistically suppose that the average end-user could notice a malware infection 60 minutes after it happened (the real timeline could probably be measured in weeks or months). Malware working at machine language speeds can easily do what it needs to (e.g. steal passwords, re-direct the user to a Trojan Internet location, send spam, attack another computer, etc.) within the shortened time frame. Today's botnet-inspired malware is intentionally coded to be mobile and efficient. By the time the average user recognizes that his or her computer is infected, and attempts to reverse the environment, the damage is done.
Zittrain's essay uses Wikipedia as a positive comparative example for computer security. Wikipedia's community nature allows it to self-heal and correct errors, maliciously posted or not. I love Wikipedia and use it nearly every day. But its entries can remain inaccurate for weeks, and some are never corrected. The billions of commercial dollars crossing the Internet every day cannot abide reactive, slow-to-fix corrections. The caring community of the Wikipedia does not scale into the business world.
But one should not take my criticisms to suggest that I do not agree with the author's project. It is easier to tear down a barn than to build one. The heart of the article is in the right place: it will take a community to raise a child-like Internet to adulthood. I am sure, though, that Zittrain's plan is not the complete care and feeding instructions.
Roger A. Grimes is Senior Security Consultant at Microsoft. He has written seven books and more than 200 magazine articles on the subject of computer security.
This is a response to Jonathan Zittrain's Protecting the Internet Without Wrecking It