Let’s Build a More Secure Internet
Can we ever trust the Internet again?
In the wake of the disclosures about the National Security Agency’s surveillance programs, considerable attention has been focused on the agency’s collaboration with companies like Microsoft, Apple and Google, which according to leaked documents appear to have programmed “back door” encryption weaknesses into popular consumer products and services like Hotmail, iPhones and Android phones.
But while such vulnerabilities are worrisome, equally important — and because of their technical nature, far less widely understood — are the weaknesses that the N.S.A. seems to have built into the very infrastructure of the Internet. The agency’s “upstream collection” capabilities, programs with names like Fairview and Blarney, monitor Internet traffic as it passes through the guts of the system: the cables and routers and switches.
The concern is that even if consumer software companies like Microsoft and telecommunications companies like AT&T and Verizon stop cooperating with the N.S.A., your online security will remain compromised as long as the agency can still take advantage of weaknesses in the Internet itself.
Fortunately, there is something we can do: encourage the development of an “open hardware” movement — an extension of the open-source movement that has led to software products like the Mozilla browser and the Linux operating system.
The open-source movement champions an approach to product development in which there is universal access to a blueprint, as well as universal ability to modify and redistribute the blueprint. Wikipedia is perhaps the best-known example of a product inspired by the movement. Open-source advocates typically emphasize two kinds of freedom that their products afford: they are available free of charge, and they can be used and manipulated free of restrictions.
But there is a third kind of freedom inherent in open-source systems: the freedom to audit. With open-source software, independent security experts can scrutinize the code for vulnerabilities — whether accidentally or intentionally introduced. The more auditing by the programming masses, the better the security. As the open-source software advocate Eric S. Raymond has put it, “given enough eyeballs, all bugs are shallow.”
Perhaps the greatest open-source success story is the Internet itself — at least its “soft” parts. The Internet’s communications protocols and the software that implements them are collaboratively engineered by loose networks of programmers working outside the control of any single person, company or government. The Internet Engineering Task Force, which develops core Internet protocols, does not even have formal membership and seeks contributions from developers all over the world.
But the problem is that the physical layer of the Internet’s infrastructure — the hardware that transmits, directs and relays traffic online, as well as its closely knit software (or “firmware”) — is not open-source. It is made by commercial computing companies like Cisco, Hewlett-Packard and Juniper Networks according to proprietary designs, and then sold to governments, universities, private companies and anyone else who wants to set up a network.
There is reason to be skeptical about the security of these networking products. The hardware firms that make them often compete for contracts with the United States military and presumably face considerable pressure to maintain good relations with the government. It stands to reason that such pressure might lead companies to collaborate with the government on surveillance-related requests.
Because these hardware designs are closed to public scrutiny, it is relatively easy for surveillance at the Internet’s infrastructural level to go undetected. To make the Internet less susceptible to mass surveillance, we need to recreate the physical layer of its infrastructure on the basis of open-source principles.
At the moment, the open hardware movement is limited mostly to hobbyists — engineers who use the Internet to collaboratively build “open” devices like the RepRap 3D printer. But the Internet community, through a concerted effort like the one that currently sustains the Internet’s software architecture, could also develop open-source, Internet-grade hardware. Governments like Brazil’s that have forsworn further involvement with American Internet companies could adopt such nonproprietary equipment designs and have them manufactured locally, free from any N.S.A. interference.
The result would be Internet infrastructure, both hardware and software, that was 100 percent open and auditable.
But never, of course, 100 percent secure. The N.S.A. could still try to exploit the Internet’s open hardware. And of course, open hardware would do little to prevent the government from reading e-mail if it still had the cooperation of companies like Microsoft or Google. Open hardware is not a panacea.
Still, open hardware would at a minimum make the N.S.A.’s Internet surveillance efforts more difficult and less effective. And it would increase the difficulty of surveillance not just for the N.S.A. but also for foreign governments that might otherwise piggyback on N.S.A.-introduced security vulnerabilities.
A 100 percent open-infrastructure Internet — a trustworthy Internet — would be an important step in the empowerment of individuals against their governments the world over.