Slashdot Mirror
Former FBI Agent Calls for a Second Internet
An anonymous reader writes "Former FBI Agent Patrick J. Dempsey warns that the Internet has become a sanctuary for cyber criminals and the only way to rectify this is to create a second, more secure Internet. Dempsey explains that, in order to successfully fight cyber crime, law enforcement officials need to move much faster than average investigators and cooperate with international law enforcement officials. The problem is various legal systems are unprepared for the fight, which is why he claims we must change the structure of the Internet."
Someone give this guy a VPN.
Is it true that more people vote for the winner of American Idol, than vote for the president? -Ali G.
Sorry, but changing the "structure of the internet" because some former policeman says it would be a good thing just ain't a persuasive argument. If anything, take whatever he says and do the opposite.
"We're too stupid to deal with this interweb thingy, so we need the entire world to change how things are done to accommodate our incompetence."
Yeah, that's going to happen.
-- Will program for bandwidth
"Former FBI Agent Patrick J. Dempsey warns that the Internet has become a sanctuary for cyber criminals
Any time you have a new community or resource to exploit, there will be criminals. However, calling it a sanctuary is hardly apt. I can think of more than a few places that are a sanctuary for criminals, yet you won't see the government razing those neighborhoods and starting anew, would you? Besides, who gets called a criminal?
and the only way to rectify this is to create a second, more secure Internet.
Ummmm, no. What he means is that they want to form a new network that can routinely be filtered, scanned and probed with no means of anonymity (already going away) or flexibility.
Dempsey explains that, in order to successfully fight cyber crime, law enforcement officials need to move much faster than average investigators and cooperate with international law enforcement officials.
How about figuring out how to deploy a network within your own agency first, that agency employees can actually use?
Visit Jonesblog and say hello.
I don't care about your needs to "successfully fight cyber crime" which to me translates to "successfully sniff out rats".
I care about speed, anonymity and integrity of data.
Since major cities have more crime than before why don't create new cities.
As opposed to extraditing murderers, mafiaa members etc is easy with respect to "traditional" crimes?Why hire competent people who technology as tools and adapt your law enforcement agency when you change the world around you to adapt to your incompetence?
And for those who says "Think of the children": No law can effectively parent your child for you. Do you damn duty.
When the government or agents of the government ask for something, the opposite is probably in your best interest.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
What do we do when the second internet is overrun? Building a new internet everytime "cyber-criminals" get on it sounds expensive...
There really is no internet in such a way that you can just 'replace' it.
The 'internet' is simply many computers connected together, interchanging data over cables. I could create my own internet, for example, using different protocols and such, and creating my own sever system, browser, and etc.
It just doesn't make much sense to 'make' a new internet. The internet is the world, and you just can't replace it.
Moreover, what would prevent me from doing the above and bypassing their 'secure' measures? Censorship never works.
How many times over the years have we read about incidents of cybercrime, where the FBI was contacted for assistance and promptly blew off the victim because they didn't lose enough money, or weren't some big important corporation?
They weren't interested in nipping the cybercrime problem in the bud in the early years, and now the internet is a hive of scum and villainy.
~Philly
There is only so much we can do to secure any network from attack. There will always be ways to spoof identities, and commit illegal acts. Retooling the whole thing won't make a different in that regard. We may up the bar a little, but that won't last for long. People will think of new ways to work around what we can think of today.
On the other hand, I wouldn't mind an overhaul on DNS and SMTP to slow some spammers and other jerks down.
The real problem is the diverse nature of laws between different countries and the strong enforcement in some places and near zero enforcement elsewhere. Think about it, someone in Russia can do almost anything outside their country and not be prosecuted. In other places, we have parts of the Internet filtered because of some lame moral code.
I just wish these people who don't understand the spirit of the Internet would take their marbles and go home.
MidnightBSD: The BSD for Everyone
Oh that's just great. So just because poor mr Dempsey woke up one day believing that someone wasn't ready for a fictional fight then we all should just drop the world's communications infrastructures and rebuild it according to mr Dempsey's vision. For the sake of those poor unprepared legal systems, of course. And also the world's safety. And the children, now that we are at it.
What mr Dempsey is advocating is nothing more than taking over the control of the medium. No one has it and he wants it badly, claiming that it's in everyone's best interests to be controlled by an overreaching, totalitarian organization. Well guess what mr Dempsey, the internet works great just as it is and no one benefits from having a righteous mr Dempsey, head of the internets, fighting the fight that those poor, fictional legal systems are supposedly incapable of carrying out.
Slashdot, fix your code or at least hire someone who is competent at it to do it for you.
"If we accept the fact that the greatest hurdle in arresting international cyber criminals is that various legal systems just aren't prepared to address the speed at which these crimes occur or the various nuances that are unique to computer crimes, then the question is: What can we do to fix the problem?"
So, he goes from acknowledging that there's a jurisdictional problem and a speed problem when it comes to law enforcement to creating a new "verified" internet where you have to "prove" who you are? Umm..no.
And he goes on to hit every hot topic in security today: DDOS, identity theft. spam, etc. And then, he makes the claim "the fact is that Internet crimes are almost always international crimes." And he doesn't back it up, rather gives anecdotal evidence of a hacker in Russia using computers in Thailand to steal data.
I am not a security expert (and I'm not pretending to be) but this "sky is falling" mentality is crap. Most identity theft (the act of stealing) is not done over the internet, its done locally. Yes, selling lists of thousands of SSNs and credit card #s happens over the internet, but the thievery itself doesn't.
In fact, this would make things worse: you're creating a global ID. Once someone steals your global ID they can do whatever they want. And once again, your ID wouldn't be stolen over the "new" internet, it would be stolen because you didn't shred a document and someone went dumpster diving.
This doesn't solve any problems.
Although Dempsey says that a solution "might be" a second internet, which to me sounds silly, he does make some very valid points on how cybercrime needs to be handled across borders.
It seems that many countries just want to forbid things, with regards to the internet, rather than adjust to a new way of looking at crime committed through the internet.
If it turns out that law enforcement can't or won't adjust to the speed in which cybercriminals operate, maybe the only way to help prevent crime is to educate the users, or even help write better software (against spoofing etc.).
saying that the Internet has become a sanctury for cyber-criminals is a lot like saying the physical world has become a sanctuary for (non-cyber) criminals.
Both are probably true.
I won't disagree with the assertion that the internet is a game-changer when it comes to criminal investigations, but the idea that we should castrate it for this reason is ridiculous. The dinosaur who raised this complaint is clearly a digital immigrant. Most of his generation lacks the level of familiarity necessary to effectively investigate crimes involving the internet. The problem goes beyond a simple matter of training. A good investigator needs an intuitive understanding of how people interact with their world, including the internet, more than they need an intimate understanding of protocols.
The next generation of investigators will be digital natives. They'll have grown up with the web, email, blogs, message boards, IM, flickr, youtube, social networking, and the like. They won't all have CCNAs, but they'll have a sufficient understanding of how people use the internet to know when to bring in forensic experts.
The transition will be difficult. The digital immigrants with extensive investigative experience and the digital natives who are novices in their profession will have to cooperate and exchange their knowledge and wisdom, and in the meantime, some criminals will slip through the cracks. That's the price of progress.
There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
Let all of the various conglomerates move all of their online advertising, and shopping, and noise to a new internet.
We all stand and applaud, then cut them off from ever returning to the old internet.
Then we can go back to the days of sharing information and having fun without that stupid "punch the monkey" ilk...
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
1. I can't do my job because of X.
2. Changing X would fix that problem.
3. Therefore, we should change X.
With no regard for whether X has any value of its own. Open your eyes and look outside of your own field before you decide to change the world in your favor.
Visit the
He can't have a legislative solution, so he comes up with a technical one.
(x) Sorry dude, but I don't think it would work.
[Fuck Beta]
o0t!
Upon reading the article summary, I thought the guy must be nuts.
After reading the article, however, and carefully thinking about his ideas, I've concluded that he is instead an idiot.
Has this man never heard of Metcalfe's Law? His second, registration-only internet will be about as popular as BITNET and Telenet are these days. (Yes, Virginia there were globe-spanning networks before the Internet. It's true!)
While he's at it, he might as well call for a second telephone system, one that only allows people to say nice things.
Seriously, does it surprise anyone that law enforcement wants a more "secure" and hence traceable, internet? The Law is moving in on this frontier; some of the residents demand it, and cops always want more power.
Heinlein wrote about this decades ago - "The Moon is a Harsh Mistress." Great read, and extremely relevant.
is it SPAM? Phishing? DDOS attacks? Or is it child porn, terrorism and that kind of things?
If it's the first, then it's not a new internet we need, but rather to fix what is allowing these attacks to take place.
If it's the second, then my friend, there's no solution. Crime was committed before the internet. Changing the internet won't solve crime. Child porn happens because children are kidnapped and abused. And that happens OUTSIDE the internet. Perhaps we need to spend less money on Iraq and more money on programs to prevent child abuse and all that.
If you want children not to be approached by stranger adults, then make some kind of "child ID" using a centralized certification authority or something. Or how about EDUCATING YOUR KIDS?
Soooo how are they going to stop people from just layering an anonymous protocol on top of whatever they force on to people?
Soooo how are they going to stop people from encrypting data and obfuscating it?
Soooo how are they going to stop people form implementing a "slow drip" protocol through random nodes which is also encrypted?
There is absolutely no way to police the Internet without significantly impacting response times, etc. QoS will suck and they will still never be able to touch 99.99% of the "criminals".
We are already working on a second "Internet" its called "Freenet" and it aims to eliminate many of the current problems with the Internet such as censorship and accountability.
Segregating the Internet!!!! Why do I get dejavu when I think of that? Oh what that's how it all started.
Honestly this idiot is suggesting we work backwards and devolve the Internet.
~Dan
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
Here's my prediction:
As the government tries more and more to clamp down on the internet and bandwidth becomes more and more free OR the government successfully forces us to go to this "Second" internet (let's call this "surveillance net"), people will come up with a new "freenet" to lay on top of this new freedom restricting internet.
All it would take would be an open source program protocol that would pass information over the "surveillance net" by encoding the data, chopping it up, and passing it through multiple nodes (think parallel, not serial distribution) before it gets to the recipient. That way nobody (i.e. government) at any single node would be able to tell what data was being passed or even to who. This would successfully nuke any second internet benefits. With this expectation of a free internet that the general masses have grown to expect, I think you'd get a large percentage of people who were willing to be freenet nodes. (you can of course try to mandate this like bittorrent nodes where you have to be a node on the freenet in order to use the freenet).
I think all this really requires is that bandwidth be cheap and a push by the government to clap down on internet freedoms. I think we'd very quickly see a counter-revolution and open source developers would create the freenet.
d
all language nazi's will burne in heil!
Most of the security and crime problems associated with the Internet are problems with the client, not the network. In other words, Microsoft Windows is the problem.
If desktop clients ran each browser window in a separate jail, and downloaded programs were constrained by NSA SELinux type mandatory security, or a virtual machine monitor, to stay in their individual compartments, most of the attacks on personal computers would stop working.
If it weren't for those armies of zombie PCs out there, hiding where something unwanted was coming from on the network wouldn't work. Look what's happened to spam. Today, essentially all spam involves compromised machines. Any that doesn't is shut down, fast.
Ir's all Microsoft's fault.
So once again police is finding it difficult to keep up with technology and ask us to limit the technology for investigation purposes. This seems to be just yet another attempt at introducing a police state in the wake of 9-11. I say no thanks!
That is a correct translation, but seriously - don't you think he is right? Spying is a way aquire knowledge of the whereabouts of the "enemy". This enemy might be terrorists, drug dealers, people who likes the color orange. It has always existed and it will always exists. A spy spies on different things than a company and a jealous boyfriend spies different than a cat. On internet everybody is spying. Boyfriends, neighbors, criminals, FBI, Governments, cats.. they all spy like crazy. A "second internet" is not necessary, but an "upgrade" in both the law and the hardware machinery to be able to cope with the actual reality is well overdue. I remember when the first ads popped up on internet. The indignation. Just a few years. So much have changed. So little has changed.
The internet as we know it today has evolved from an ideology of a few researchers. Vennevar Bush, who proposed the Memex system in 1945 that made it possible to link information sources via interactive computing. Ted Nelson, who thought of the hypertext system, which links texts with keywords in a very different way and that we still use today. And Tim Berners-Lee who brought the dreams of this information network into reality with his World Wide Web. The ideology of these men was that information should be available everywhere, for everyone, at any time, for free. Everyone should participate in this World Wide Web and should be unrestricted in any use. From this freedom, that is more and more restricted by some governments, hackers from all over the world have developed better software and even helped making the internet what it is today. Hackers are the watchdog of the ideology of this freedom and get there support from internet users from all over the world. The Aibot hacks wouldn't be so successful if the Slashdot community didn't support it at the time.
The internet shouldn't be made more 'secure' by the government. The internet as we know it, is designed as a network which gives everyone the opportunity to participate. Restricting these 'rights' would be against the ideology from which the internet is build. We should see the internet as a public domain, where users are responsible and should watch for cybercrime and fight it. Let's think of securing the internet by participating as users instead of giving this out hands to the government.
This has to be the only reason, in fact, and not just one of them. Cybercrime can be stopped without any monitoring!
The article talks about hacking into bank accounts and identity theft etc. So if the government wants to crack down on this, why don't they just mandate that banks have to send their customers a bootable read only flash drive that contains a basic operating system, browser, SSL certificates and a one time pad? It wouldn't matter how badly some clueless moron's computer was trojaned to hell, because the bank would only accept connections from the booted flash drive.
You can't get mugged on the internet. You can't be coerced on the internet. Criminals need YOUR COOPERATION.
The U.S. could also stop using checks like every other civilized country, because they're a ridiculously huge security hole and a huge pain in the ass compared to direct bank transfer. But all of this would make too much sense, because none of it involves more government monitoring of its citizens.
The land of the free. Where no laws must ever tell corporations what to do, but citizens must compensate for their ineptness by being spied upon.
My Sig: SEGV
I am amazed that anyone is falling for the internet as a criminal nest nonsense. Obviously whenever any very large group of people does anything at all some crime must occur. It's all about proportion. How many people died world wide fighting to keep their bicycle from being stolen last year? How many died because of internet activity? We all know bicycles were far ahead in the crime stats. So should we build an entirely different society to keep bicycles from being stolen? Obviously not. And we don't need a new net either.
I don't think the bicycle analogy is very good.
The internet is an enabling technology and as it enables certain crimes they become MUCH more prevalent than they used to be. Not necessarily fundamentally different, just easier to carry out. Kiddie porn or fraud are good examples.
I think that laws don't necessarily need to change, but investigators need to be able to accomplish more (notice I didn't say they need more powers). Simply finding the kiddie porn sites is hard enough when the guys know they're being hunted and are hiding from the cops already. Being able to find the bad guys, develop a case, and bring it to prosecution needs to be easier without violating anyone's existing civil rights. I would focus on more hiring, better training, and straightening the paths within DOJ and among law enforcement agencies.
Could someone tell law enforcement and the media that they must have missed the memo where we all stopped using "cyber" a long time ago?
Seriously... every time I hear "cyberthis" or "cyberthat", it's inevitably someone in law enforcment, the media or k-12 education (but talking about some enforcement issue). The cops are the worst... every unit they create is cyber-something... I guess they think it sounds cool. In actuality, it's more like hearing your grandpa say "gettin' jiggy with it".
However, if they're serious about such an endeavour they should go study with those who've already begun this sort of thing: China.
I'm sorry, Mr. Dempsey, sometimes a job just has to be hard.
- I am made of meat.
Accountability is a good thing. This is not a question of accountability, it's a question of whom you are accountable to.
It's a very short step from finding scammers and criminals and holding them accountable to finding political dissidents and persecuting them. You cannot have one without the strong likelihood of the other. If the potential for abuse occurs, then abuse is inevitable.
blah blah blah
"You were hiding jews in your house ? Prepare to die !"
Accountability means that you are accountable to someone. That someone can easily abuse his powers; Hell, even the finnish police, the police of the state repeatedly voted the least corrupt in the world, began abusing the kiddie porn filter immediately after it was implemented. There is no authority worth the trust accountability requires.
Unfortunately, in Real Life, accountability is a neccessity. While it inevitably leads to abuses, lack of it means us violent monkeys live up to our murderous nature and rape, kill and loot each other. That's why we have governments, nation-states and courts of law.
However, it is impossible to murder anyone in the Internet. It is just as impossible to rape them, or cut a single hair from their heads. It is impossible to even rob them - altought it is possible to spy on them enough to gain access to their online accounts, which is one of the reasons why I don't have any. In fact it is impossible to do anything except say something nasty to them.
So, why would we need accountability in the Internet ? Who, exactly speaking, is actually being hurt by the spam, botnets or porn ? No one.
No, this "accountability online" is simply a guise for tracking down the people who leak nasty secrets of politicians and corporations, in order to punish them and thus cause a chilling effect. Internet and especially the anonymous protocols working on top of it - such as Tor and Freenet - are every politicians worst nightmare: an information propagation channel they can't block. "The truth shall set you free", so is it any wonder that every overlord in history has tried to prevent it from getting out ?
A democratic society - indeed, any free society - needs an anonymous communication channel with no accountability of what you say. If that is also useful for criminals, then that is simply the price you have to pay. The alternative is freedom of speech a la Soviet Russia: you are free to pee on Lenin's statue while shouting "down with communism", but you'll be sent to a Siberian labor camp for it.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
WASHINGTON D.C. (AP) -- "All we're saying is that we want our country to be a real country again, one where we can have faith in our constitution, one that is grounded in the rule of law," said Jason Smith, spokesperson for the group "Americans For a Free America (AFFA)." Smith continued: "we have the backing of several million Americans. Our group is committed to ensuring that our government returns to being constitutional, and that our country stops this slide that has turned it into a "dictatorial banana republic." Our charter states that this must be accomplished using constitutional, non-violent means, and part of what needs to be done is that we need a "second FBI." While it is clear that most agents in the FBI we have now are honest, hard working Americans who believe in protecting our country AND the rights of it's citizens it is just as clear that there is a criminal group operating above (and infiltrating within) the FBI."
When contacted for comment on the AFFA group, agent Johnson of the FBI commented: "It is clear that AFFA is a domestic terror group, all they want to talk about is freedom when we are fighting an endless war. We need to be able to do whatever we want because most certainly this group may kill babies, torture puppies and bomb buildings. This cannot be allowed."
When presented with the quote above, Smith replied "This is why we're calling for a second FBI, the criminals in our government have ruined the first FBI by either asking them to, or allowing them to commit crimes against the people; and be clear, we are not saying most FBI agents are criminals, that isn't the case, my uncle was a fed, but the corruption at the top and in certain "joint task forces" ruinz it for the 98% of good, America loving agents."
When asked what evidence the agency had of anything illegal acts by AFFA, or why they would suspect that a group committted to peace, freedom, and the rule of law would commit such heinous acts, I was detained and questioned for 10 hours about if I was part of a domestic terror group and whether I supported the constitution. I was released after I agreed to publish the following statement: "I now see that the the FBI is right, this group and their type is dangerous. We are all in danger, danger is everywhere, and the internets is where it hides."
So, does the Internet increase the amount of kiddie porn, or the access to it? If it increases the number of kids who are molested on film, I can stand behind trying to invoke extra measures to stop the growth. If, however, it just makes it easier for more pedophiles to view the same images, then the problem isn't the Internet. The problem is the kiddie porn and "fixing" the Internet isn't going to change anything. Of course, the real solution of finding a "cure" for pedophilia would be a better alternative, but that's just me...
I quoted the word "cure" because I know there's no "cure", but treatments could be developed that would minimilize a pedophiles impulses and thus allow them to lead a normal and productive life. Putting them in prison or on Dateline is not the solution.
Which is more painful? Going to work or gouging your eye out with a spoon? Find out!
http://www.workorspoon.com
Well, if you feel that way, lets get away from the anonymity of the ballot box, eh?
I mean, you *would* support posting publicly your voting record for all elections wouldn't you? I mean, no need not to be held accountable for who you voted for in each election (or if you voted at all), right?
There are many reasons for true anonymity...political expression is just one of them. Of course with anything out there...you can use it for good and evil, but, if we were to toss out everything that could be used nefariously, we'd not have many freedoms or possessions left.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
The ballot box is an unfortunate example, because it leads to confusing anonymity with confidentiality.
I have no problem with someone knowing that I have voted, and indeed a record of this fact is kept to ensure that I can't vote twice. I am thus not an anonymous voter, and I hope we'd agree that allowing arbitrary anonymous votes is not likely to meet with democratic success.
Who I voted for is a different question. That is private/confidential information. Since the information is not publicly available, I don't believe it is necessary for me to put my name to that information.
As it happens, there is also no crime that can be committed by voting in a certain way as long as I am casting my vote(s) according to the rules of the election, and no-one else's rights can be infringed by my doing so. Thus there would be no legitimate need to break confidentiality anyway. I think this is a separate issue to the anonymity question, though.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
One obvious problem with this theory is the fact that the incidence of rape has gone down as porn has become available over the last hundred years. It is clear that porn does not necessarily lead to acting out the situations, it may even act as a safe release for urges.
Man, you really need that seminar!