Perimeter
1/28/2011
01:43 PM
Rob Enderle
Rob Enderle
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Internet 'Kill' Switch: Balancing Security And Freedom

Why it's important to have controls in place before deploying such a powerful tool

Security and freedom often seem at cross purposes, and that hasn't been any clearer this week than in Egypt where virtually all public communications have been cut off in an attempt to quell an internal uprising. There are good reasons to have an Internet "kill switch" -- reasons that are security-related and have nothing to do with sustaining government control, like stopping the spread of a particularly nasty virus until a remedy can be discovered. Even in the case of an attack either internally by a minority or externally by a foreign power, eliminating services like the Internet or GPS could save lives and protect the legitimate government. But if the tools were misused to protect an illegitimate government or to directly harm the people, then it would be a bad thing.

The question being asked is whether a tool that can be used powerfully for good or evil should be allowed to exist. If the answer is no, then virtually all tools -- from hammers to nuclear energy -- should be eliminated. This suggests the focus on the tool is foolish; the focus should be in on the protections surrounding tools.

This speaks to arguments pro and con about gun purchase and even the exploration of alternative energy sources. But particularly with security tools, which mostly all have a dark side, controls should be in place before they are allowed -- not the other way around. With the Internet kill switch, a discussion of whether there should or should not be one is moot. The benefits of having one are simply too great against what is clearly an increasing risk. However, if the discussion is to have merit, then it needs to change to the protections over such a switch to make sure it isn't used as it was in Iran -- and maybe in Egypt -- against the people it was envisioned to protect.

But this isn't easy because excessive control would likely eliminate its usefulness in its intended purpose, while inadequate controls won't provide the necessary protection. This suggests that the final decision to use such a tool should reside outside of elected government and with a small number of people who would not benefit personally from the misuse of the tool, couldn't be bribed or coerced to act improperly, but could still act quickly enough to stop a real threat. Such an entity might have to be created because existing law enforcement doesn't have the needed independence. While the Supreme Court in the U.S. fits many of the requirements, even that wouldn't likely be able to act quickly enough. The formation of such a group should precede any deployment of tool with this much power.

Security tools often have the ability to both provide great protection and to do great harm. An Internet kill switch is no different, so before it is deployed, controls need to be placed over its use that still make it effective but prevent abuse.

-- Rob Enderle is president and founder of Enderle Group. Special to Dark Reading.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Title Partner’s Role in Perimeter Security
Title Partner’s Role in Perimeter Security
Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2006-1318
Published: 2014-09-19
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

CVE-2012-2588
Published: 2014-09-19
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.

CVE-2012-6659
Published: 2014-09-19
Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-1391
Published: 2014-09-19
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

CVE-2014-3614
Published: 2014-09-19
Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.

Best of the Web
Dark Reading Radio