The Internet is expanding at an unprecedented rate. However, along with the enormous potential benefits, almost all of the risks discussed here in past columns are relevant, in many cases made worse by the Internet, due to widespread remote-access capabilities, ever-increasing communication speeds, the Net’s exponential growth, and weak infrastructure. This month we summarize some of the risks that are most significant, although we can only skim the surface.
Internet use is riddled with vulnerabilities relating to security, reliability, service availability, and overall integrity. As noted last month, denials of service are easy to perpetrate. But more serious attacks are also relatively easy, including penetrations, insider misuse, and fraudulent email. Internet video, audio, and voice are creating huge new bandwidth demands that risk overloads. Some organizations that have become hooked on Internet functionality are now incapable of reverting to their previous modes of operation. We cite just a few examples of risks to personal privacy and integrity intensified by the Internet:
- The Internet’s vast communications and powerful search engines enable large-scale data abuses. Massive data mining efforts intensify many problems, including identity theft. Cookies are one complex component of Web technology, and possess both positive and highly negative attributes, depending on how they are used.
- False information abounds, either accidentally or with evil intent.
- Privacy policies relating to encryption, surveillance, and Net-tapping raise thorny issues. Digital-certificate infrastructures raise integrity problems.
- Anonymity and pseudo-anonymity have useful purposes but also can foster serious abuses.
- Obtrusive advertising, spamming, overzealous filtering, and Internet gambling (often illegal) are increasing.
- The many risks involved in Internet voting are not well understood, even as some jurisdictions rush ahead with fundamentally insecure implementations.
- Nonproprietary free software and open-source software have opened up new challenges.
The question of who controls the Internet is tricky. In general, the Internet’s lack of central control is both a blessing and a curse. Various governments seem to desire pervasive Internet monitoring capabilities, and in some cases also to control access and content. In most cases, many corporate interests and privacy advocates want to avoid such scenarios. Domain naming is controversial and exacerbates a number of intellectual property and other issues that already present problems. Mergers are tending to reduce competition.
The global nature of the Internet intensifies many of the problems that previously seemed less critical. Local, national, and international jurisdictional issues are complicated by the lack of geographical boundaries. Legislatures are rushing to pass new laws, often without understanding technological realities.
The Uniform Computer Information Transaction Act (UCITA) is currently being considered by state legislatures. Although championed by proprietary software concerns, it has received strong opposition from 24 state Attorneys General, the Bureau of Consumer Protection, the Policy Planning Office of the Federal Trade Commission, professional and trade associations, and many consumer groups. It tends to absolve vendors from liability, and could be a serious impediment to security research. Opposition views from USACM and IEEE-USA can be found at www.acm.org/usacm/copyright/ and www.ieeeusa.org/forum/POSITIONS/ucita.html, respectively.
There are also many social issues, including the so-called digital divide between the technological haves and have-nots. Educational institutions are increasingly using the Internet, providing the potential for wonderful resources, but also frequently as something of a lowest common denominator in the learning process. Controversies over the mandated use of seriously flawed filtering technology in Internet environments further muddy the situation.
The potentials of the Internet must be tempered with some common sense relating to the risks of misuse and abuse. Technological solutions to social problems have proven to be generally ineffective, as have social solutions to technological problems. It is crucial we all become active, as individuals, organizations, and communities, in efforts to bring some reasonable balance to these increasingly critical issues. The benefits generally outweigh the risks, but let’s not ignore them.
Join the Discussion (0)
Become a Member or Sign In to Post a Comment