Tech Futurist Sees Rosy Prospects for Net Security
What if legislation were passed that would assign ISPs liability for security-related damages caused by customers' machines? That's the scenario Esther Dyson described in a speech she gave Sunday at the World Congress of the Information Security Forum. Her envisioned result: a safer Internet in which legitimate business thrives and criminals can't find a foothold.
Sometime between now and the year 2019, Comcast will start going after botnets and will stop sending malicious Web traffic to its customers. Google will send up more alarms if your search results include possibly infectious links. Microsoft and Apple will get better at plugging holes in their software. The U.S. Congress will assign liability for bad network security, and economic incentives will be taken away from hackers looking to make a quick buck.
An H.G Wells-like vision of an information technology utopia? Maybe, but it's also futurist Esther Dyson's take on what might happen during the next decade if current private initiatives involving computer security start taking root throughout countries and societies.
Dyson presented the scenario at the Vancouver Convention Center Sunday during a keynote address for the 20th annual World Congress of the Information Security Forum, a nonprofit group representing some of the top computer security specialists working for private companies and government agencies around the world. Dyson, chairman of EDventure Holdings, is a former chair of the Electronic Frontier Foundation and the Internet Corporation for Assigned Names and Numbers (ICANN). She is a longtime technology entrepreneur and tracker of digital trends and the author of Release 2.0: A Design for Living in the Digital Age.
Her outlook, she admits, may not be likely now, as ISPs and the FCC get ready to duel over Net neutrality. "But it's more likely if you make people talk about it and say, 'Why not?'" Dyson told TechNewsWorld. "If you make people share the costs from the damage that can be done from bad security. The companies would benefit from having a secure Internet that more people use."
The Next Decade of Security Progress
Dyson gave her speech as if it were being presented to the ISF 10 years hence as a report on the past decade of information security developments. Yet her proposals also reflected current debates and trends, including a proposition currently making the rounds in the U.S. healthcare debate -- shifting from healthcare to preventive health maintenance and lowering medical costs by emphasizing healthier choices. She equated that issue to the computer security dilemma. "The public perception of economics started to become better informed," she told the ISF audience as if speaking from the future. "People began to realize the cost of healthcare borne by other people. The arguments is about whether I should pay for somebody else's bad behavior versus if I'm sick, shouldn't society take care me? That same thing can be applied to a company's bad behavior regarding security."
In Dyson's scenario, a fictional U.S. senator who owns a major business suffers a distributed denial of service attack in 2011. "And once somebody in Congress becomes a victim, something starts to happen." The result: legislation that assigns ISPs liability for damages due to customer's machines.
"ISPs started buying security software and installed it on consumer's machines. Those who wanted to do this themselves could do so but paid a bond to the ISPs. Suddenly economics started incentivizing people to do the right thing."
Costs would initially go up with these moves as new infrastructure was put in place, Dyson admitted, but the costs in damages and support would start to dwindle. Insurance would be the final wedge in opening the door on a new, more secure Internet. "Insurance companies became active in reducing rather than distributing risk," she said. "They started hiring security experts. Much the same thing happened in the fire insurance business a century ago, when insurance companies became actively involved in inspecting buildings."
Widespread adoption of basic security measures such as strong authentication and signed email -- "the kinds of things that should have happened long ago" -- finally do happen in Dyson's portrait of the near-term future. "The safe Internet became larger and larger because that's where people wanted to do business. The amateur criminals were driven out of business by economics."
Dyson on Social Media
Dyson describes herself as a longtime catalyst of technology startups and was an early financial backer of both photosharing site Flickr and social bookmarking service Del.icio.us. The advent of social media is another chapter in the story of electronic communications, she said. "It's fascinating because things that simply were not possible are now possible. Email gave you the opportunity to talk to anybody one-on-one. Twitter gives you the opportunity to broadcast, and Facebook gives you the chance to find your audience. Each of them gives you, if you like, a different power and different capabilities."
While social networks and computers give people the opportunity to spread their identity, they can be used to extremes. That also goes for criticism of Twitter and Facebook as passing techno-fads. "It's certainly not a fad. It's a broad new capability that will end up reflecting human nature. It's not going to change human nature, but it does allow human nature to flow in different ways."
Social media's impact on business: "It's clearly creating business opportunities but most businesses haven't caught up with this. They see social media and say, 'Oh, we can go interrupt you' the way they're interrupting TV shows. Companies need to learn how to join the conversation rather than interrupt it."