Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

3/2/2007
05:55 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Vint Cerf: Father Knows Best

Internet founder talks actors, Googlers, and hackers

He's probably one of the only people at Google who can remember the Arpanet or what the Internet was like before the Web. And there's one thing few people know about Internet legend Vinton Cerf, who co-designed the TCP/IP stack that was used to build the Internet infrastructure: His secret wish is to be an actor.

Figure 1:

Cerf, one of the founding fathers of the Internet, turns 64 in June, and says he's feeling more like "64 going on 26" these days. Although his role in Internet development precluded his acting career from taking off beyond small theatre in his college days, Cerf now finds himself in the second act of his Net career.

His move from MCI to the post of chief Internet evangelist at Google in late 2005 led him to a part of the Net he hadn't focused on before: the applications. "Having spent a good portion of my career on the infrastructure of the Internet, it’s fun to work on new ways to use it."

Cerf says he was attracted to the youthful Google organization -- where employees refer to themselves as "Googlers" -- because it's so wide open. "It is a vibrant and creative place where people do amazing things because they are too young to know 'you can't do that,'" he says. "The atmosphere is collegial and collaborative and certainly keeps me alert to new ideas and to re-thinking old ones."

The unassuming Cerf says he appreciates being a part of the creative flow at Google and, despite his history, he doesn't claim to have any more insight or vision than anyone else. "I encourage my Googler colleagues not to imagine that my ideas are any better than anyone else's," and to vet them accordingly.

Cerf's not directly involved in security development at Google, but he says he keeps close tabs. "I generally stay in touch with the Google security efforts, mostly in intellectual bumblebee-mode, looking for ways to be helpful in improving the security of the Google-based systems."

His job description at Google is longer than some people's resumes. It includes promoting Internet access to those who don't have it worldwide, Internet policy development, pollinating ideas among engineering groups in Google, and recruiting new Googlers and partners for the company.

Oh, and he also maintains his stints as chairman of the Internet Corporation for Assigned Names and Numbers (ICANN) as well as his work on the Interplanetary Internet effort at the Jet Propulsion Laboratory, basically building out the Net into outer space (really). "These take up part of my regular working days," he says.

Cerf says he's only done a little casual research-hacking, mostly because of his time limitations with other projects. And unlike many of the younger Internet generation, he has no hacker handle or online alter-ego. He just goes by "Vint" or "VintCerf" in most role-playing or social networks, he says. "I haven't felt any need to create alter egos."

He remembers the days when being called a "hacker" was an honor. "It used to be an honorific at MIT. But the abusive practices that have become so visible on the Internet has given a bad connotation here," Cerf says. "Purists wish that we could apply some other terms so as to keep 'hacker' what it once was, but I think the language has become too polluted."

This obviously isn't your father of the Internet's Internet. Cerf says the biggest threats are the proliferation of spam, botnets, malware, and denial-of-service attacks. "Much work is needed to increase the security of the Internet and its connected computers," he says, "and to make the environment more reliable for everyone."

Cerf says the emerging Domain Name Security (DNSSEC) technology could help secure the Net's DNS servers, which have increasingly become targets. And more filtering of source IP addresses is needed. "And use of IPSec would foil some higher-level protocol attacks, and digital signing of IP address assignment records could reduce some routing/spoofing risks," he says. OSes need to be more airtight, too, and two-factor authentication should be more the norm than plain old passwords, he says.

But Cerf knows securing his baby won't be easy. "Security is a mesh of actions and features and mechanisms," he says. "No one thing makes you secure."

Personality Bytes

  • Worst day ever at work: "It was the night before the big MCI Mail announcement -- millions of dollars in advertising and marketing... national television broadcasts. And around 10 p.m., a key part of the system stopped working. It didn’t come up (after some very key people were rousted out of bed) until about 45 minutes before showtime. I thought my career at MCI was going to end on the day we were supposed to launch the system."

  • What Cerf's co-workers don't know about him: "I used to play the cello -- and regret that I gave it up so entirely in pursuit of science and math."

  • Hangout: "Used book stores."

  • After hours: "When I find time, I have my nose in a book."

  • In his music player now: "Wagner and Beethoven."

  • Comfort food: "Haagen-Dazs."

  • PC or Mac: "Both."

  • Wheels: "Jaguar... They just look cool."

  • Actor who would play Cerf in a movie: "Well, how about that guy in 'Matrix' who played 'the Architect?'"

  • Next career: "I have five books I want to write."

  • Must meet: "[Evolutionary biologist and writer] Richard Dawkins."

  • Heroes and mentors: "Jim Barksdale, George Soros, and George Conrades."

  • Biggest career accomplishment: "I guess I would have to say successful design and implementation of the Internet -- and getting so many people to commit their time and careers to its evolution."

    — Kelly Jackson Higgins, Senior Editor, Dark Reading

    Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio
     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 5/22/2020
    The Problem with Artificial Intelligence in Security
    Dr. Leila Powell, Lead Security Data Scientist, Panaseer,  5/26/2020
    How an Industry Consortium Can Reinvent Security Solution Testing
    Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    How Cybersecurity Incident Response Programs Work (and Why Some Don't)
    This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
    Flash Poll
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-10737
    PUBLISHED: 2020-05-27
    A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the hom...
    CVE-2020-13622
    PUBLISHED: 2020-05-27
    JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.
    CVE-2020-13623
    PUBLISHED: 2020-05-27
    JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.
    CVE-2020-13616
    PUBLISHED: 2020-05-26
    The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
    CVE-2020-13614
    PUBLISHED: 2020-05-26
    An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.