|
The attacks against Google emanating from China and the subsequent speech by the US Secretary of State on Internet Freedom have exposed cyber security issues to a wider audience in recent weeks. Perhaps predictably some old ideas are creeping up that should be slapped down quickly.
Myth number 1. The US engages in cyberwarfare.
First let’s address Jack Goldsmith’s comments in the Washington Post. His thesis is that Hilary Clinton is being hypocritical when she calls for a halt on cyber attacks, particularly from China. He is actually parroting China’s response! Now, the US is not completely blameless. The NSA does indeed spy on US citizens via Internet taps at ATT data centers, a practice set up by the Bush administration and tacitly condoned by the Obama administration. But Goldsmith attributes way too much to the US in its cyber capabilities. I do not deny that I have encountered the desire to have cyber attack capabilities within the Defense Department. I have not seen evidence that the US has such ability. Anecdotes abound but they tend to lead to single sources or outright hoaxes.
I find it interesting that Goldsmith is one of the participants in the committee that produced "Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities," a document that goes over all the arguments against having cyber attack capabilities then supports it.
It is inevitable that the US builds up its cyber warfighting abilities. But to compare the US’s capabilities to China is out of proportion.
Myth number 2. The Internet needs to be controlled
We learn from “The Curious Capitalist”, Barbara Kiviat, at Time that an executive at Microsoft presented a worn out theory at Davos. The argument goes like this: the Internet was never meant to be “to be a worldwide system of mass communication” . It grew into the scary place it is today because there were no controls imposed. Craig Mundie, Microsoft's chief research and technology officer goes on to propose the imposition of authentication. He draws an analogy to automobile use. If you want to drive a car, you have to have a license (not to mention an inspection, insurance, etc)
The idea of assigning one identity to each individual is the basis of all states of course. How can you control people if you do not know who they are? (Or where they are, or what their health is, or how much income they have, etc.) This idea applied to the Internet as a whole is ridiculous but it does not stop the likes of Mr. Mundie proposing it. It takes many forms; the most organized is the Trusted Computing Group and their technology solution which has led to hundreds of millions of extra chips being installed in laptops and hand held devices. Not, mind you, innovative devices like iPhones, iPads, and book readers; once again demonstrating that no matter how smart you are you cannot impose controls on something you do not control. Microsoft, by the way, is one of the founding members of the Trusted Computing Group, Apple is not.
The danger of these myths is that policy and spending will be misappropriated if they persist. Reality has a way of imposing itself regardless of theories. It is best to have a firm grip on reality before setting national policy or investing in technology.
|
