Prof Alan Woodward of Surrey University presents an interesting viewpoint today on the state of our current Internet infrastructure. Practically all of the present "security" features were shoehorned in on top of an infrastructure that was never really designed with security in mind. With the benefit of hindsight, maybe what we need is simply a new infrastructure, designed from the ground up to meet our current needs and use, be that in terms of security or other features.
On the other hand, security isn't the only feature absent from basic Internet infrastructure because it was not thought of in the 1970s. It is probably for similar historical reasons that the Internet crosses many political boundaries that some of our current governments appear to wish it didn't cross.
So if we were to re-design the Internet today, some questions arise:
- the infrastructure that we have today met the needs and capabilities of the 1970s; how would we guarantee that a new infrastructure invented today wouldn't simply be reflecting the needs and capabilities of 2012? In 20 years time, would there be a similar conversation ("well, you see, quantum decryption wasn't a real threat back in the 2010s")?
- what would the political pressures be on an Internet infrastructure invented in 2012? How many back doors into the security features would governments try to force into the specification? How much pressure would there be for the application of content filters and bandwidth allocation to reflect the degree of bribery (sorry, "funding") provided by such-and-such corporation to the political parties involved in legislating the infrastructure?
We should also be careful not to mask political failure as being a purely technological problem. On some level, identity theft and other cybercrimes occur both because our technology permits it and because, one way or another, our political structures still leave the risk-benefit tradeoff stacked in favour of the criminals in question.