back to article Microsoft-loving (former) security czar calls for closed internet

Richard Clarke, the man who served President Bush as a special adviser for cyber security, has a five-point plan for saving the internet. Speaking at a Santa Clara University conference dedicated to "trust online," Clarke called the net "a place of chaos in many ways, a place of crime in many ways," but laid out several means …

COMMENTS

This topic is closed for new posts.
  1. john frey

    Imagination is a wonderful thing

    "What if we had a champion in the government who we trusted on privacy rights and civil liberties? What if we had a government advocate with real power to ensure that the government doesn't violate privacy rights."

    What if we had a fairy to grant all our wishes? What if pigs could fly? What if this guy actually believes what he's saying?

  2. Anonymous Coward
    Anonymous Coward

    Send round the men in white coats

    Required Equipment :-

    1) A strait-jacket

    2) A permanent detention order in the nearest asylum

    he's clearly barking MAD.

  3. Lou Gosselin

    How does a biometric id help on the net?

    How does a *biometric* id card help prove identify on the internet?

    A biometric card contains information in it that can be used to verify biometric data. As such and presuming it works, it would be useful to physically verify the owner of the card at a bank, store, etc.

    However on the internet, a web site has no biometric scanners. Sure they could obtain biometrics remotely via a scanner owned by the user, however this can be forged or subject to man-in-the-middle attacks.

    A major problem with biometrics is once a user's biometric fingureprints are leaked, they can NEVER be re-secured. Short of bodily alterations, the user has permanently lost his identify. A least a password or other credentials are less painful to update.

  4. Chad H.

    Where he lost all credibility to me..

    He's talking about the future of the net, something realy only geeks are going to pay attention too, but who does he keep name dropping?

    Uncle Bill!

    If he wanted to remain credible, he should name drop someone who didnt overlook the net, and tried to deny its existence until it was almost too late.

    Besides, name any major geek that gives Bill Gates any kinda credibility these days anyway.

  5. Anonymous Coward
    Anonymous Coward

    As usual...

    Vint Cerf was right, long before the rest of us were.

  6. Anonymous Coward
    Anonymous Coward

    Cerf has it right

    Tell Vint I'll buy the ammunition. :-)

    It's scary, to imagine how people so thoroughly unaware of how the Internet works--what it even is, really--might actually manage to get some of these notions implemented.

  7. Rich

    Why should the power grid be connected to the Internet?

    As far as I'm aware, it isn't - except through corporate VPN's, and even those are questionable.

  8. Anonymous Coward
    Anonymous Coward

    wtf?

    I wonder if the sky is blue in his world?

  9. LaeMi Qian

    hi-larious

    "the man who served President Bush as a special adviser" - nuff said :-/

    I am not sure that the idea of the US Government regulating the 'internet' is anything more than 'oh so last century'. Though forcing ISPs to crack down on bot-compromised PCs sounds like a pretty useful idea.

    "One thing you could do with a biometric ID card - if you wanted to - is prove your identity online," - well, 'prove' the identity of your biometric ID, at any rate. We are ASSUMING such a system is infallible, and that is laughably naive. Pass the cool-aid, please.

    "What if we had a champion in the government who we trusted on privacy rights and civil liberties?" - I imagine the US Government would pay it lip service or ignore it to suit itself just as they (and most other countries' govts.) have for every other such organisation in any sector.

    "Number four: A secure software standard." I assume such a "Microsoft Championed" standard would prohibit open access to source code as Explorer and Outlook have SO proved the Security Through Obscurity model. Forcing the internet to IIS wholly would be GREAT for security ;-) Especially after patching has been deemed unnecessary any more.

    "Clarke's fifth and final idea is a less than open internet." He seems to have described a set of intranets in critical positions being properly firewalled and VPNed. REVOLUTIONARY!!!

    Sounds like another 'expert adviser' who is only expert at giving advice, not actually knowing with any useful depth the topic being advised on.

  10. LaeMi Qian

    Re: Why should the power grid be connected to the Internet?

    Possibly he is getting confused about IP-over-power-line ;-P

  11. Adrian Esdaile

    Cthulhu Fhtagn!

    "because of certain shibboleths"

    Holy CRAP! Teh Internets is infected by Great Old Ones! No wonder them Good Ole Boys want to nuke it from orbit.

    Did this guy really say "shibboleths"? In a serious speech? Was he actually trying to scare people with Lovecraftian horror? Or am I missing some vital bit of I.T. fact and a 'shibboleth' is some kind of router?

  12. Anonymous Coward
    Anonymous Coward

    Ridiculous

    If there's one thing politicians and their advisors have in common, it's a distinctive separation of fervor between idealism and personal responsibility for implementation. How much do seated paper-pushers really know about the degree of exertion in the ranks? Not much, but I'll keep mum and let the reader ponder why.

    As of today, there are roughly 700 million connected computers on this planet. Yes, there are tracking cookies and other forms of privacy "evasion" everywhere, but only so much information is covered here. Now, we're talking about actually monitoring everything everyone does on the Internet. That kind of information could fill the Library of Congress several times a day, and that's just with the number of machines that are connected now.

    For the sake of information access, which I am not against in the least, organizations are starting to make WiFi-ready laptops available for less than a barebones tower sold for a few years ago. If the OLPC takes flight in, say, China and India, that 700 million figure will mushroom. And to monitor every single packet that traverses every ISP's bandwidth would call for more manpower than revenue can pay for.

    Furthermore, this security "czar" seems to be putting a lot of focus on perimeter security, a concept that has long since proven less than adequate to protect networks. As long as new novices are added to the connected community, with little to no prior knowledge of Internet security and hacking, every network is still vulnerable from the inside.

    What is the solution, then? I'd say our first priority should be to focus on a way to cut botnets down to size. If enough of these millions of existing Web surfers are educated on how to root out infections, and prevent them from recurring, they could pass this information on to new users, and take a sizable chunk out of the processing power at every bot master's disposal.

    Until Symantec has had plenty of time to refine and dispense its new concept of protocol whitelisting, and other security vendors follow suit (and new users are made aware of the need to install and upkeep this stuff), here's a way to lock down the major attack surfaces of a Windows (XP or 2000) PC and prevent malware from launching: http://invincible-windows.blogspot.com/

    Hope this helps!

  13. Damien Jorgensen

    lol

    That’s the funniest thing I've read in ages.

    A closed internet? Dont you just pull your internet connection and you get a closed network? The only reason they're hooked up to the internet is costs less to make a VPN than a spend money building a real network lol

  14. Chris

    None of his points are valid

    If you're going to spout off at the mouth, make sure that at least one of your five ideas is valid. None of his are.

    1. Biometric IDs are meaningless on the internet. There is no way for a website to know who is connecting. And with man-in-the-middle, session-hijacking, etc., information is easily copied/spoofed. But I'll go one step further and say that biometric IDs are meaningless in real life, too. A biometric ID will AT MOST allow someone to verify that your biometrics match those on the card. There is literally nothing saying that the data on the card proves your identity. We literally have no identities. All identity is assumed on the basis of trust. You believe that I'm "Chris" because I'm telling you that's who I am. It may or may not be true. Every single type of identifying document can be falsified. Given that, there is no way to prove your identity.

    2. U.S. Government oversight of the internet. Because that's what the rest of the world is calling for, right? Ignore the fact that various countries are ready to rip the internet apart because the U.S. government refuses to let go of the reins. Let's add more U.S. government regulation, because that's corrected all problems in all other industries. Assuming such regulation could be legally obtained, how would he propose to enforce such regulations in other countries? Some countries, for example the U.K. and Australia, will bend over for the U.S., but many others won't be so cooperative.

    3. Non-partisan organization dedicated to fighting abuses of government power. We (used to) have that. It's called "checks and balances"; it's the reason the government is split into three branches. But ignoring that, there will never be any such organization. Most politicians only care about obtaining and maintaining power. To change that would require a wholesale replacement of virtually all politicians at once, and that's assuming you could find honest, non-power-hungry people to fill all the roles. Ignoring that, Democrats and Republicans almost never agree on anything, simply out of principal. The only way to have a non-partisan organization on anything is to eliminate the political party system. Even if such an organization was achieved, how can you "fight abuses of government power" when said abuses are enacted by the President, who has been given unlimited power? He would simply render the organization irrelevant (much like he did with the U.N. when this Iraq war started).

    4. A secure software standard. Is this guy such an idiot that he thinks software will *EVER* be secure enough to never need patches? Newsflash: most authors do want secure software. But there are inevitably bugs, no matter how much testing a piece of software goes through. "Securing" electric devices is (over-simplified, I'm sure) easy -- design the circuity with fuses or circuit breakers to prevent dangerous over-voltage/over-amperage, and make sure hot/neutral never touch ground. Securing software which can have a virtually infinite number of factors and inputs is exponentially complex.

    5. A closed internet. Let's ask the Chinese people how well that's working for them. As for the power grid being connected to the internet, it shouldn't be directly connected, it should have a capable firewall in between it. I cannot think of any reason why the power grid needs to be publicly-accessible via the internet. So you have a firewall block incoming traffic (and, possibly, set up a VPN WAN). Newsflash: virtually all computers that connect to any telecoms company are connected to the internet, whether they know it or not. The telecoms will then route the traffic accordingly, whether it's between two VPN endpoints, a point-to-point WAN, or connecting a customer to the internet. All of that traffic goes over the same routers and networks -- the internet. It doesn't mean that all endpoints need to be publicly accessible.

    I do have to admit, though, I loved his thought of "Why shouldn't there be a closed internet? There are already relatively closed internets - and now we need to think seriously about expanding them." So you want to EXPAND a CLOSED internet. Wouldn't that make it more, oh, what's the word, OPEN? Using that logic, you could view "the internet" as a really big highly-expanded closed internet.

  15. Marko Alat

    There's security and there's security...

    Moral of this story is to stick to what you know, or risk appearing foolish.

    I've seen Richard Clarke interviewed and I've read transcripts of a number of talks he's given on his actual area of expertise, counter-terrorism, and the guy's no dummy. However, his having once had subordinates who'd use teh intarwebz to track terrorist activity does not make him an authority on the nuts and bolts of data security that he's commenting on here. Pity he didn't acknowledge that in himself... although, the man gotta eat, I suppose... if someone came up and went, "Here, come deliver a lecture on Mesopotamian mythology and we'll give you $20 G's," what's my response going to be except, "Hell, yeah."

  16. Keith T

    Clark gets IT, the internet is now in production, testers please go elsewhere

    It is interesting to read many of those people who attack major software vendors for distributing insecure code attacking the idea of forcing major software vendors to secure their code. Interesting and absurd!

    They want to say that MS should not be using the internet as a test bed for its insecure operating systems, and at the same time want to say that there should be no requirements for security on the internet.

    Citizens, governments, academia, and businesses are using the internet for production applications, including critical applications -- applications people's finances depend on, and applications people's lives depend on.

    We should not be doing this on a network that other people are simultaneously using as a test bed, or a hunting ground in which to victimize innocents. Testers need to build their own little test networks in their labs.

    Whether securing the citizen's, commercial, academic and government production network communications means tightening up the internet, or whether it means moving production traffic onto another network, I don't know.

    It is clear that if those who use the internet for production purposes leave it, the internet will collapse because the hobbiests and hackers aren't going to pay to support the infrastructure, and serious experimenters would rather use their own lab networks.

  17. Christian Berger

    We will have new 'closed networks'

    Well actually I believe in the future we will have new 'closed networks', but probably exactly the opposite of what Clarke proposed.

    People will build their own networks which are free of regulation from the government or companies, the later beeing the more serious thread to the internet at the moment. People _will_ build tunnels through the internet and build meshed wireless networks simply because in the future this will be the only way to have anonymity.

    Meshed wireless networks will provide access to areas where companies just don't think it would be worth it. Those networks, beeing in the hands of the participants, also would cost precisely the amount of money they actually cost. No artificial monthly or usage based fees, just the bare technical cost. And obviously, nobody in the network would have an incentive to lock out a competitor.

    So wait some time and we will have closed networks, but not in the way he proposes.

  18. This post has been deleted by its author

  19. Anonymous Coward
    Anonymous Coward

    Mr. President - lock down this series of tubes!!!

    Scary stuff.

  20. Corrine

    @secure software standard

    First, plug all of your systems in at once. Then go to the circuit breaker, and flip the circuit switch rapidly a good 30 times.

    Afterwards, drop the systems off of the roof, then they'll be *very* secure.

    Also, Microsoft should not be used in the same sentence as secure, or as in the same sentence as standard. Both of those words at once referring to M$ may possibly cause damage to the fabric of reality.

  21. Anonymous Coward
    Anonymous Coward

    Hmmm...

    "in the government who we trusted"

    Isn't that an oxymoron?

  22. James Condron

    sorce code

    Bollocks, i must have got the april fool's version of the source code checking memo.... I thought we were all _putting_ holes in our code and purposefully making mistakes, i especially didn't think of the idea of checking the stuff after writing it..

  23. amanfromMars Silver badge

    Fact or Fiction .......Spot the Difference?

    "Clarke said. "Why should the part of the internet that's connected to the power grid be open? Why should that part of the internet that runs nuclear laboratories be open? Why shouldn't there be a closed internet? There are already relatively closed internets - and now we need to think seriously about expanding them."

    Mr Clarke will discover that Web 2.0 is Command and Web 3.0 is Control and Web 4.0 is Command and Control.

    The Internet is not something you can compartmentalise to keep Inconvenient Truths from surfacing. IT is a Space into which SMARTer Processing of Information into IntelAIgents from dDeeper and Higher More Advanced Control Webs Inject/Feed for Media Production and Playing as the New Reality Policy dDelivered Virtually by Real SMART Boffins and CyberIntelAIgents into AIReSearch and Development.

    Real Spooky? .....http://www.bbc.co.uk/spooks/ ...... MI6, way ahead in the AI Game, do you think? Pioneering ARGonauts on Virtualised Quests?

    Well, at least now we know that if it is not, it can be.

    And that Technology is ....... well, Priceless Really, but Easily Told in Private and Personal Confidential Consultation. ITs Proxy Application with Mentored and Monitored Support InfraStructure can be purchased though..... with Investment Interest Paying for the Driver Programming.

    Which is really Capitalism putting ITs House in Order with Resting Investor Funds, Generating from the Banking System, a Credited Virtual Wealth for Future Star Turns/Performers/Entrepreneurs to deliver on their Word.....and ITs Promise.

    Who loses what in that scenario, and is it anything worth having if it can be delivered by everyone else/anyone else?

  24. Edward Noad

    Close the Internet?

    How exactly does he plan to "close" the internet? From where I'm watching the Internet seems to be wide open, not just to anyone who cares to get on it but also to anyone who cares to expand it or add new structure to it.

    It's not like the institutions he listed can't remove themselves from the Internet and join/start some other private packet-switched network. If they aren't happy with encrypted tunnels over the net why don't they fund their own copper/fibre/whatever links to all the other worldwide sites they want to talk to?

    Oh, that's right, because it's prohibitively expensive and a pain in the ass to administer all that gear yourselves, I remember now...

  25. Anonymous Coward
    Anonymous Coward

    Software monopoly is the no1 threat to computer security

    How well would problems caused by design flaws go down in the media and with consumers if we had a healthy market with at least 3 or 4 equal size competitors?

  26. Anonymous Coward
    Anonymous Coward

    Re: Why should the power grid be connected to the Internet?

    Because otherwise your computer won't switch on when you press the power button. It's the first thing the tech support guy told me, and, you've got to plug the monitor in as well. This feller Clarke is a complete fool, he doesn't know the first thing about computers!!

  27. Anonymous Coward
    Anonymous Coward

    Re: Internet Shibboleth

    Weirdly:

    http://shibboleth.internet2.edu/

    Heh.

  28. Lickass McClippers

    Vint Cerf...

    ...needs to assemble his firing squad again...

  29. Anonymous Coward
    Anonymous Coward

    Shiboleth

    1 a : a word or saying used by adherents of a party, sect, or belief and usually regarded by others as empty of real meaning

    But I must admit I liked your Lovecraft take on it but its from some ancient hebrew dude.

  30. Robert Ramsay

    What if...

    "What if we had a champion in the government who we trusted on privacy rights and civil liberties? What if we had a government advocate with real power to ensure that the government doesn't violate privacy rights."

    *Clarke points to self and clears throat repeatedly*

  31. Anonymous Coward
    Anonymous Coward

    @Adrian

    Actually a Shibboleth is a sort of "Sacred Cow" with knobs on. A concept.

    You're thinking of a Shuggoth.

    TeeCee

  32. Torben Mogensen

    Secure software

    This is the only reasonable point he makes, and it is not completely impossible (just hard).

    Few of the languages used for Internet applications (least of all C) have any kind of security guarantee. Java has a bit of it through bytecode verification and sandboxing, but the languages used to implement bytecode execution/translation do not. And if the flaws are in your browser (typically written in C), it doesn't help much if your bytecode is secure -- you've lost even before you get to run the bytecode.

    While security can never be 100% tight -- there is still the human factor to consider -- it can be _a_lot_ better than it is now. Write your programs in languages that can't have buffer overflows and which are amenable to analysis, use proof-carrying code, enforce sandboxing, etc. There are a lot of known techniques that would make things so much better, so you don't really have to invent anything new, just decide to use what is already there.

  33. Dr. Mouse

    LOLololol....

    ....lololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololololol.

    Sorry, I have just got into trouble for laughing so much in the office after reading that article and it's comments.

    Firstly, the guy lost all credibility as soon as I heard he was, basicaly, promoting Microsoft and talking about internet security at the same time. I don't mean to p!55 off any MS-lovers out there, but if you have, say, two networks, one using a MS server as it's firewall to the net, one using a Linux box, which one would you be able to break through first?

    2nd, I have seen the UKs National Grid computers. They are not connected to the internet (except maybe in the limited way of using VPN's between sites, I didnt get THAT close, I was only a contractor). They are not even connected to the corporate PC network. If the good ol' US of A does it differently, they are even more STUPID than I have always believed (read what you will into that comment :)

    Biometric security, hmmm... Something that relates your biometrics, as in things about your body, to a specific identity. Ermm... havent we had these for many years? In the form of ID cards with photos on them? Just because we use some new technology doesnt mean you wont be able to get fake ID's any more. Fake passports have been available for many, many years. All biometrics do is prove that, assuming said identity is real, you match it.

    Right, I had better get back to work now, my boss is giving me dirty looks. Too bad I dont have a tape safe... Or a cattle prod, roll of carpet, shovel and lime.

  34. Anonymous Coward
    Anonymous Coward

    shibboleths

    It's a commonly used word derived from Hebrew referring to the colloquialisms used by a certain group.

  35. Leo Nicholson

    Just a little bit behind the times, here, aren't we?

    What if America ruled the world? On the other hand, what if the US was told to pay off its trade deficit?

    Actually, what about creating a closed internet? Maybe Microsoft could get involved - or AOL. I seem to remember in the muddy depths of time AOL had a subscription-based system. I'm pretty sure these days it's only morons, cretins, grandparents, moronic cretins, cretinous grandparents, moronic grandparents and moronic cretinous grandparents that use it, occasionally.

    Does a closed internet still seem like a good idea?

  36. Nick Palmer

    @Adrian Esdaile

    Actually, "shibboleth" was a password used by the Israelites in the Old Testament, because their enemies couldn't pronounce it; interestingly, the idea was updated in WWII by the Parachute Regiment, who adopted the phrase "Whoa Mohammed" after realising that their German opponents had trouble pronouncing a W as anything other than a V.

    I think Chris has said pretty much all that needs to be said in response to Clarke's idiocy.

  37. Alex

    @ LaeMi

    If you (or the author) had bothered to look into the guy's history, you'd see he had the same job under Bush as he did with Clinton, and that he was the only member of the executive branch on 9/11 who has apologized to the families of the victims for the failures of the government.

    Yes, he seems to have zany ideas here, but that doesn't mean he's a Republican shill. The right-wingers in the US treated him like a pariah after his testimony about the Bush administration's blind eye to the threat of Osama.

  38. Dave

    Keynote

    I watched Richard Clarke deliver his (excellent thought slightly fanciful in my opinion) keynote at Blackhat a couple of months ago and it saddens me to see him now make a fool of himself in this way. He's definitely outside his area of expertise now.

  39. Anonymous Coward
    Anonymous Coward

    @Chris

    Excellent analysis :-)

  40. Roy Stilling

    Too big an installed base

    It's too late now to re-architect the internet in the ways this guy would like - there's just too big an installed base of the current protocols around the world for it to happen - that's why we'll still be using IPv4 for the foreseeable future, along with SMTP email and all the other protocols that could do with an overhaul but won't be.

    Yes, I'm sure in certain closed and semi-closed environments, such as IPv6 academic networks, corporations, the military etc, where you can enforce protocol upgrades, some of these things may happen, but it won't happen to the wider public internet.

    And even if he did get something like what he wants, I can see work-arounds appearing. Why do we have HTTP based web services? Because network admins are picky about which ports they'll open, but have little choice but to open port 80 et al.

  41. amanfromMars Silver badge

    NeXXXXt Generation Services ....... Al Fresco Base

    "The only reason they're hooked up to the internet is costs less to make a VPN than a spend money building a real network lol" ..... Damien Jorgensen

    And a VPN costs nothing but Interest to Set Up to Deliver Capital and Capitulation.... Who Dares Win Wins Territory Ably Administering Merciful Justice and ITs Reward.

    Sp00ky Stuff...... which Patrols Controls in the Virtual Domain of the CyberSpace Created .....with Thoughts Shared and InterNetworking Together, Boldly Going Magical Mystery Turing, courtesy of CyberIntelAIgent Services and Specialist Applications Programming?

    Could be/Can be/Is? :-)

    Do you think British IntelAIgents are Responsible for/Liable to/Worthy of Costs for any such Virtual Machine Invention Permitting Virtually Real Interactive Play.... Control Games at A.N.Other QuITe Alien Level Playing Field?

    Which pretty much tells y'all that IT is. ..... or should be? :-) Dealers Choice that one..... although the Game is always basically the Same as in Poker's Variations on a Theme..... which always relies on the Banks Winning for Winning Winnings/StakeMoney.

    AIRinger for Love of Her Game? Or the Real Thing with hands to ITs Engine?

    Whose Call or Raise is IT? Future IDeal or Present Imperfect?

  42. This post has been deleted by its author

  43. Graham Dawson Silver badge

    re: Moral of this story is to stick to what you know, or risk appearing foolish.

    Tis better to keep your mouth shut and be thought a fool than open it and remove all doubt.

    Sometimes I have to remind myself of that... :)

    Anyway there's not much to add, though I expect a lot will. The man speaks of things that he has only a passing knowledge of and speaks with the gravitas and authority of assumed knowledge. In other words he's the perfect politician. Par for the course really.

  44. Anonymous Coward
    Anonymous Coward

    Can I come and watch?

    I'm against the death penalty for being stupid, but I think this guy is happily trying to plug MS for profit - so that's malice, not stupidity.

    Having said that, I'd suggest a public venue and the sale of paintball guns, for 24 hours or so. All he's allowed is a face mask - he's got his hands for the rest. That's much better because you can repeat this anytime he speaks again - could work for a lot of politicians as well, come to think of it.

    [Sorry, political stooges always irritate me]

    BTW, there IS a segregated section of the Net for people like that. Give them 127.0.0.1 to play with. It'll be enough to induce Repetitive Stain Injury (no, that 'r' is is deliberately missing).

  45. Stuart Van Onselen

    Shiboleth

    It seems someone mistook Shoggoth for Shiboleth, by accident or design. :-)

  46. Anonymous Coward
    Anonymous Coward

    Biometric ID's are easy to defeat even in person, much less online

    "One thing you could do with a biometric ID card - if you wanted to - is prove your identity online," he said, as if taunting his critics.

    There is a very interesting Mythbusters episode addressing this in which very simple techniques were used to trick biometric ID systems like fingerprint scanners. Summary here:

    http://mythbustersresults.com/episode59

  47. Simon.W

    What a tosser

    ...that Clarke is.

    I thought I'd just get that one in before I was biometrificated (did Bush call it that?) and had my post deleted before I'd even hit the submit key only to be disturbed by three suits (NSA, CIA, FBI) all with shades holding out a nice orange boiler suit for me.

    And with BillG backing the conference; he's obviously finding it tough to sustain the trustworthy computing initiative: I suppose if he closed the internet he could pocket the money he's spending on decent(er) coding!

  48. John

    Software without bugs!!!

    ...From Microsoft !!!!!

    Spoken by a man who has clearly never written a line of code in his life

  49. amanfromMars Silver badge

    @ LOLololol....

    "2nd, I have seen the UKs National Grid computers. They are not connected to the internet (except maybe in the limited way of using VPN's between sites, I didnt get THAT close, I was only a contractor). They are not even connected to the corporate PC network."

    Dr Mouse,

    That was a Priceless ForeSight for Virgin CodeXXXX.

  50. b166er

    Walled Eden

    If we take the internet as being analogous to the worlds transport infrastructure, should we have armed guards on every street corner?

    How like a government to try and convince it's people of the need for barriers, when the majority of people are quite happy for things to be open. If the US government want a closed internet, let them have one. I welcome all US citizens to live in a less oppressive part of the world while their governors play in the sandpit.

    How insecure a government that says, we'll make you safe by removing the fears we told you exist. It's as if they realise that they are just a bunch of civil servants and without striking fear into the hearts of their electorate, they would only have policies to keep them in POWER.

  51. amanfromMars Silver badge

    Hello Wwworlds....... <Run> :-)

    <<<Mr. President - lock down this series of tubes!!!

    By Anonymous Vulture

    Posted Wednesday 3rd October 2007 07:15 GMT

    Scary stuff. >>>>

    Hmmm? Asture NEUKlearer Weapons Launchers, Anonymous Vulture, or the Key to UnLock All Codes with Non Secret Encryption?

    AIBinary Viking Raid Bearing Danegeld Treasure..... in XXXXStream Magic.

    I Kid U Not.

    Is IT Power Generation via Quantum Processing of Imaginative Input/Feedback/Output Control Loops/SMARTer IntelAIgent Hubs for CyberIntelAIgent Trafficking/Marketing of IDEntities..... Change Control AIgents in Programs.

    Think Virtualised MkUltra Programming to get a flavour of ITs SurReal Enigmatic dDelights/Flights of Fancy.

  52. Andrew Kirch

    more than one amendment

    Just in case this guy has forgotten the first, fourth, ninth, tenth, and fourteenth amendments. Fortunate then that I have not forgotten the second.

  53. Cameron Colley

    How surprising...

    That someone show works for a corrupt organisation wants them to own the internet -- I suspect that people who work for the bunch of criminals who run the UK would like to own the internet too.

    I, for one, would rather see a more credible crime syndicate than the US or UK government run the internet, however.

  54. Andy Enderby

    errrr.....

    Isn't there a small cottage industry flogging stolen ID's ?

    And exactly what is going to validate that the ID is being used by the person to whom it was issued (if it's even genuine).

    Are we going to have to submit DNA before updating a blog ?

    Software that doesn't need patching ? Standards determined by M$ ? errr...... no M$ software ever needs patching ? Security ????????

    At a conference paid for by M$

    Can anyone smell a large and rancid barrel of pork up for grabs ?

  55. Christian Gerzner

    Title

    This guy is a microshaft executive?

    He's also for real?

    Christian

  56. amanfromMars Silver badge

    MS Fire Sales?

    "Can anyone smell a large and rancid barrel of pork up for grabs ?" ....in a Sub Prime OS Market. Junk Bond Territory?!.

  57. Mike Moyle

    Uh... really?

    "This is not a revolutionary idea. We put this in place a long time ago for electrical appliances."

    If we actually DID that, we wouldn't see the little plaque on those hot-air hand-dryers in restrooms that say "Disconnect from electrical supply before servicing."

    Because, you know, we made them inherently safe by design,after all, and lazy/rushed/stupid people never use or service these things.

    ...just like computers.

  58. Keith Doyle

    No need to force ISPs...

    1. Biometric IDs are no less hackable than any other security measure, and it was an interesting point another commenter made about the inability to re-secure them.

    2. Bill Gates was a) blindsided by the internet and b) has a vested interest in proprietary closed systems. Consequently, his opinion of where the future of the internet should go is worth less than zero.

    3. No need to force ISPs to crackdown on bot compromised PCs-- it's in their interest to do so, all you have to do is make it easy for them and they will likely opt to do it without force...

    Just another technoclueless politico. "Regulate the internet" is an oxymoron, plain and simple. Get a clue-- it was very specifically designed that way.

  59. Marco

    Nescis mi fili, quantilla prudentis mundus regatur

    For those having trouble with Latin: "My son, don't you know with how little sense the world is ruled?"

    Which shows nothing much has changed the last 2000 years.

  60. adnim

    A matter of time

    That's all.... ISP's will do whatever the law tells them.

    If anyone reading this has internet access without going through some kind of provider, I would be interested.

    Remember, at least in the UK most of the recently passed laws, I would not be surprised if this is true for the US and some of Europe either, have had the sole purpose of monitoring and restricting the behaviour of the populace.

    Power, control, the maintenance of the status quo and keeping the sheep scared are all that is of importance to the powers that be. The internet offers a nearly free and potentially unrestricted flow of information, and some of that information is true. And that scares governments just as much as dictatorships. For further thought, what is a free market democracy if it is not something dictated by market forces? And what of those whom control those forces?

    See this speech as primer. The idea is out there now, floating in the air. Though ridiculed by many, at the same time some will be rubbing their hands together getting high on the thought of all that control. Getting hard over the thought of all the dollars to be made.

    I feel sad for the future of our grand children's children for I fear they will not realise the freedom or choice I once had.

  61. Anonymous Coward
    Anonymous Coward

    "Shibboleths"

    You keep using that word. I do not think it means what you think it means.

  62. Scott Dunn

    Another old idea...

    Next thing Clarke will do is tell us we need to use a more secure networking protocol originally proposed by Microsoft when they *woke up* to the internet at their door. Fortunately we all laughed at that idea.

    I'm ready for another laugh. Only this time, the networking protocol will be encumbered by patents to prevent the propogation of Linux. Please pass the nitrous.

    Thanks.

  63. Joe Futrelle

    Electrical appliances are safe?

    http://www.usfa.dhs.gov/citizens/all_citizens/home_fire_prev/electrical.shtm

    choice quotes:

    During a typical year, home electrical problems account for 67,800 fires, 485 deaths, and $868 million in property losses.

    The home appliances most often involved in electrical fires are electric stoves and ovens, dryers, central heating units, televisions, radios and record players.

  64. chris

    Reality check

    Unfortunatly, in most of our current law situations, is that: Most people break the law every day. It not that their criminals, its that we ( I can only represent my limited english speaking american experience) have a society that has one set of rules on paper, and another out in the hall with hand shakes and pats on the back. Our corp and legislative leaders alike. And until we elimate government corruption, and overly greedy execs. This Security standard will be a liability, not just so software companies; but to our digital freedom, as a whole.

    So i propose an alternative to the survilance/security culture: Personal responsibility, and lets face it its been a while since we've seen it, old fashioned police work!

  65. amanfromMars Silver badge

    Bye Bye Baby Political Hacks...Hello Non-State Actors, a la Cotonou Rules.

    "So i propose an alternative to the survilance/security culture: Personal responsibility, and lets face it its been a while since we've seen it, old fashioned police work!"

    chris,

    How much simpler to Short Circuit the System and Present IT with something prepared earlier for IT to Discover, and Report on.

    Important Things like who delivers the News which shapes ....well, Every Life .... Pushed by ITs Media Coverage, Cloaked as a Recording but in Actual Fact, a PreMeditated Act and Cynical Abuse of Perceptions Management Protocols. ....Proliferating Chaos.

    J'accuse .................. * whoever they are.

    [* StrawPoll Vote]

  66. Charles Hammond

    Close the Internet to Spammers

    The Internet was created for Open communication, sharing Ideas, and for a way for Governmental entities to communicate.

    What I see is a need for most is to close the Internet to Spammers. All people doing advertising should have to have a license and their from address should have to provide a means of identifying them. I think I have seen enough adds for viagra and penis enlargement, thank you very much. I also dont want to help a Nigerian to reclaim my money.

    You could say that Microsoft is the problem, not the solution.

    I for one could live with a requirement that there be a way to identify all people on the Internet in some way. Maybe there needs to be a licensing authority for all E-mail.

    I have often thought that there also needs to be interconnects on the Internet between countries where one country could block access by the country of origin when attacks are coming from a specific country. So the E-mail license should be issued by the country of origin.

    People just can not be trusted.

  67. E

    He has one point...

    Why should computers that operate things like power generation facilities be addressable from the 'net?

    IIRC the huge crash of the power grid on the eastern seaboard of north america in 2002 was traced ultimately to a corrupted computer in a generation facility in Nebraska or so. It had a virus.

    The lay public has no business messing about with such systems, why put them on the net.

  68. Vince Daliessio
    Thumb Up

    This Is What 'Net Neutrality' REALLY Looks Like

    This lifetime bureaucrat wants to - surprise! - completely regulate the internet and force a biometric national ID on us all to boot. There is no expletive adequate to express the antithetical nature of such nonsense to the freedom of the internet. Anybody who advocates for government-legislated 'net neutrality' is placing all of our freedoms at the mercy of cretins like this. You have been warned.

  69. Shaw Summitt
    IT Angle

    ePowerGrid?!?

    WTF???

    "Why should the part of the internet that's connected to the power grid be open? Why should that part of the internet that runs nuclear laboratories be open? Why shouldn't there be a closed internet? There are already relatively closed internets - and now we need to think seriously about expanding them."

    I used to like Richard Clarke for his stand against the Bush administration regarding the lack of WMD in Iraq.

    Now I see he is just a rabid fear-monger like the rest of them.

    No one but a world class idiot would put a computer controlling the power grid anywhere near an open internet connection.

    He is a wolf trying to scare the sheep into accepting one more sacrifice "for their own good."

  70. Bronek Kozicki
    Coat

    Software security

    In case someone still following this ... I have years (more than a dozen) of experience in the software industry and one thing that annoys me most is software owners (i.e. companies who paid programmers to do their job and own source code) who would rather keep prehistoric source code and keep adding features (and bugs, in increasing ratio) than to rewrite the whole damn thing to fit its (new) purpose. Requirements do change and so should designs and architectures, but who cares - if we use enough wire and plaster we can do amazing things with the old code. And when the whole thing is already dead under the load of its complexity, lets trash it and follow the newest fad (who would ever bother with software engineering!)

  71. Thomas Vestergaard
    Coat

    On software security and spam <OT>

    @Bronek Kozicki

    I only worked in the software for a year or so before getting annoyed with that attitude. But hey - on some point they will just have to scrap the entire source base and start over with whatever the specifications have evolved to. And the customers will of course demand the same features as in the previous version, which have been under development in 6 years or more.

    @Charles Hammond

    LOL - what a joke. Closing the net to spammers? For real? That must be some good drugs! Care to share? Or don't you trust me?

    Please get a clue before you make more of these nonsensical comments! And please don't relay them to anyone with any kind of public influence - perhaps except your local sysadmin.

    More seriously:

    The best way to stop spam would be, if people could just stop buying stuff advertised in spam - but realising that there will always be stupid people around, this is not gonna happen.

    One viable step to stem spam would be to get people to configure their mail-servers properly. Through prudent practices for using my email (like not submitting it to "spamchannels", clicking "unsubscribe" links, etc.), and having well managed mail server, I am down to receiving 10-20 spam-mails a month, whereof most are caught by the server-side filters and the rest by Bayesian filters

This topic is closed for new posts.