Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

1/28/2011
01:43 PM
Rob Enderle
Rob Enderle
Commentary
50%
50%

Internet 'Kill' Switch: Balancing Security And Freedom

Why it's important to have controls in place before deploying such a powerful tool

Security and freedom often seem at cross purposes, and that hasn't been any clearer this week than in Egypt where virtually all public communications have been cut off in an attempt to quell an internal uprising. There are good reasons to have an Internet "kill switch" -- reasons that are security-related and have nothing to do with sustaining government control, like stopping the spread of a particularly nasty virus until a remedy can be discovered. Even in the case of an attack either internally by a minority or externally by a foreign power, eliminating services like the Internet or GPS could save lives and protect the legitimate government. But if the tools were misused to protect an illegitimate government or to directly harm the people, then it would be a bad thing.

The question being asked is whether a tool that can be used powerfully for good or evil should be allowed to exist. If the answer is no, then virtually all tools -- from hammers to nuclear energy -- should be eliminated. This suggests the focus on the tool is foolish; the focus should be in on the protections surrounding tools.

This speaks to arguments pro and con about gun purchase and even the exploration of alternative energy sources. But particularly with security tools, which mostly all have a dark side, controls should be in place before they are allowed -- not the other way around. With the Internet kill switch, a discussion of whether there should or should not be one is moot. The benefits of having one are simply too great against what is clearly an increasing risk. However, if the discussion is to have merit, then it needs to change to the protections over such a switch to make sure it isn't used as it was in Iran -- and maybe in Egypt -- against the people it was envisioned to protect.

But this isn't easy because excessive control would likely eliminate its usefulness in its intended purpose, while inadequate controls won't provide the necessary protection. This suggests that the final decision to use such a tool should reside outside of elected government and with a small number of people who would not benefit personally from the misuse of the tool, couldn't be bribed or coerced to act improperly, but could still act quickly enough to stop a real threat. Such an entity might have to be created because existing law enforcement doesn't have the needed independence. While the Supreme Court in the U.S. fits many of the requirements, even that wouldn't likely be able to act quickly enough. The formation of such a group should precede any deployment of tool with this much power.

Security tools often have the ability to both provide great protection and to do great harm. An Internet kill switch is no different, so before it is deployed, controls need to be placed over its use that still make it effective but prevent abuse.

-- Rob Enderle is president and founder of Enderle Group. Special to Dark Reading.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...