Tuesday, February 19, 2008

Internet Security Police State

It seems weird to me how much in the Internet has changed, for many people, over the past 10 years. It used to be that the end user was considered an innocent victim on the Internet, and that the network had to protect them against the attacks that they would find themselves under on an almost daily basis. What's happened, however, is that the average computer that the end user uses has become as much a part of the attacker's life as it is a part of the end user's life. Security used to be relatively easy - you keep the attackers out at your main entrance points, whether you call it your upstream peers or drains or "tubes"... okay - most actual professionals would never call it tubes. Now you have to take the security stand that every end user device is a zombie of a larger evil foe somewhere in the ether, and you need to protect yourself against everyone. It's sad that if you don't take this stance you are not only endangering your customers, but yourself to being subjected to denial of service attacks, or worse.

That said, now this great free open area to express new ideas and new concepts is quickly turning into a police state. Providers are frantically attempting to protect themselves, as well as their customers. The cost of this protection? Freedom on the 'web. Then here comes the US Government trying to make sure that the Internet stays "free" by the push of legislation for "net neutrality", the strong-arm tactic to say that internet providers should not restrict, limit, or prioritize the traffic coming into a cusotmers machine. So the attacker in the eastern block who has is zombie army trained on you, sending thousands of packets attempting to find a weakness in your defenses, is actually be helped by the federal government. Why? Because your best line of defense would be a Service Provider that could stand up and take actions to block the attacks for you.

Many providers have blocked ICMP for nearly a decade now. Since this is restricting information on the internet, would they have to open this up? Can you filter attacks before the attack's destination to mitigate effects?

I fear a landmark court case in the next 5 years where a major hacking organization somehow is able to sue because their packets are being blocked by a firewall not at the destination site. Until there are wholesale changes to how information is shared on the internet, it should be considered an inherently hostile environment. I know it's a cliche to say "just because I'm paranoid doesn't mean someone isn't out to get me". But man, it's true.

1 comment:

Christy said...

No, no, no... it's "Just because I'm paranoid doesn't mean EVERYONE isn't out to get me" =P