After working on DARPA-funded projects from 19671982, including the design and implementation of the ARPANET and Internet, I left DARPA to go into the private sector to design and build MCI Mail. At that time, I handed the architectural reins of the Internet to David D. Clark and Jonathan B. Postel as chief Internet architect and deputy Internet architect, respectively. Since that time, Clark and Postel went on to make deeply significant contributions to the Internet's evolution. Postel as the Internet Assigned Numbers Authority and RFC editor and member of the Internet Architecture Board; Clark as the chairman of the Internet Architecture Board (earlier: Internet Activities Board) and as a leader in articulating Internet design principles. Sadly, Jon Postel passed away 20 years ago, October 16, 1998,a just as the Internet Corporation for Assigned Names and Numbers (ICANN) was forming. He was to have been its chief technology officer. More recently, David Clark has produced two wide-ranging and deep books about the Internet. One book will be published this month, Designing an Internet,b and the other, International Relations in the Cyberage (The Co-Evolution Dilemma), will be published later by MIT Press.
These two works capture the depth and breadth of thought the Internet now demands of us on technical and policy grounds. As new methods for exercising the network arrive (think smartphones and the Internet of Things), we are finding new ways to apply this global system to our daily challenges. Perhaps more seriously, many people are finding ways to do harmful things through the Internet medium. Headlines highlighting abuses abound: Identity theft; electronic funds transfer and automated teller machine heists; point-of-sale terminal hacks; theft of personal information including credit cards, passwords, and other personal information; malware and denial-of- service attacks; bullying; misinformation; election interference; and the exacerbation of social tensions. The list is longer and would take up the rest of this column.
Responses to these abuses have been sporadic at best. Two-factor authentication would remediate many penetration scenarios but is not widely adopted. Operating system and application software weaknesses are not adequately addressed. Corporate attention to these risks is unevenly applied and incentives to do better are in short supply. The social unrest accompanying deliberate misinformation campaigns is finally reaching policy awareness and is leading to demands for response, but legislators are often poorly equipped to produce implementable regulations. ACM has an active US-ACM Public Policy Committee and other ACM Councils are being drawn into discussions about these problems but there is, as yet, little consensus on effective responses. Varying societal norms and conditions make for a wide range of possible reactions, some of which strike me as excessive and hostile to human rights.
The Secretary-General of the United Nations has commissioned a High-Level Panel on Digital Cooperation. I consider this to be an aptly named effort. The charge to the panel is to consider these matters and to make recommendations to deal with them in an internationally cooperative fashion. It is clearly unlikely the panel will solve the problems in general, but it may be able to surface implementable, international, or transnational actions that would reduce the vulnerabilities currently being exploited by individuals, organizations, and nation states.
At the national level, only a small percentage of businesses and individuals are well equipped to defend themselves in the hazardous online world. People must be trained to detect and reject phishing attacks and be more vigilent about cyber hygiene. More information sharing between the national security apparatus and private-sector enterprises seems called for, especially as vulnerabilities and their remedies become apparent. That such a practice would benefit from international cooperation seems likely but fraught with details about implementation. I am looking forward to reading both of Clark's volumes in the expectation that he and his co-authors will throw light in the dark places that have developed in our 21st-century Internet.
The Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.