Friday October 5, 2007
Technique - The South's Liveliest College NewspaperNews
 

Summit, speech feature Google VP

http://technique.library.gatech.edu/articleimages/2007-10-05-3-1.jpg

By Michael Schneider / Student Publications

Vinton Cerf speaks on Tuesday evening at the Ferst Center after giving the keynote speech earlier at the GTISC 2007 Security Summit.

By Corbin Pon & Arcadiy Kantor Assistant News Editor / Opinions Editor

This past Tuesday, the Georgia Tech Information Security Center (GTISC) hosted the Fall 2007 Security Summit: Emerging Cyber Security Threats and Countermeasures. The summit brought together a panel of leaders in the field of information security, headlined by Vinton Cerf, vice president and chief internet evangelist for Google.

"This is probably one of the strongest computer security panels that I have ever sat on," said Chris Rouland, chief technical officer (CTO) of IBM Internet Security Systems, who moderated the panel discussion.

Members on the panel consisted of representatives from the private, public and academic sectors.

Rowan Trollope, VP of Consumer Products at Symantec, Caleb Sima, CTO of Spi Dynamics, Paul Judge, CTO of Secure Computing, George Heron, VP and Chief Scientist at McAfee, Dickie George, Information Assurance Technical Director for the NSA and Merrick College Associate Dean and professor at the College of Computing and joined Cerf on the panel.

The summit started off with a quick speech by Mustaque Ahamad, director of GTISC, who then invited Howard Schmidt, GTISC Professor-of-Practice and last year's keynote speaker, to introduce Cerf.

"One of the terms that I often times refer to Vint as is as one of the 'True Fathers of the Internet,'" Schmidt said in his introduction. In the 1970s and 1980s, Cerf played a leading role in developing the technologies of TCP/IP and the Internet.

"The first thing I need to say is that I don't consider myself necessarily an expert on Internet security... We didn't pay a great deal of attention to the security side of the Internet when it was first being designed, because we didn't even know if it was going to work at all," Cerf said.

Cerf's keynote address focused on the changing face of the Internet and the concerns that are appearing alongside this changing landscape. Cerf touched on the Internet's inherent lack of built-in security and discussed various potential solutions being considered, like authenticating users and incorporating encryption. He went through some of the future challenges, like the impact of non-traditional Internet enabled devices on security and the Internet in general.

"It's going to be pretty awful to report to your boss that the reason the corporate network is down is there was an attack of the [Internet-enabled] refrigerators," Cerf said.

With the conclusion of Cerf's keynote speech, each member of the security panel presented different angles on emerging security threats. Some of the main themes discussed were social engineering, identity theft, phishing, Web 2.0, the changing targets of hackers, on-line trust and the growing danger of botnets.

"Botnets are critically important, because they are the platforms where attacks are being launched," Trollope said. Botnets are networks of "zombie" computers that are controlled clandestinely by hackers. The hacker can then use the computers to perform tasks like sending massive amounts of spam or bring down another computer network.

"We are pretty comfortable... if we say at least that 10% or 11% of all the machines on the [Internet] are compromised," Furst said.

Furst would further explain that "zombie" computers are becoming advanced and are able to emulate normal human activity to escape modern day detection techniques.

Coming from the NSA, George brought a public sector perspective to the information security discussion.

"We're supposed to be controversial so I'm going to be controversial right off the bat and say there aren't any emerging threats... What is emerging is that there are new targets, because the targets have changed from the government, military or industry to... the average user," George said.

Cerf also gave a lecture to a student audience at the Ferst Center for the Arts Tuesday night. He spoke about the history and state of the Internet, communication protocols and a research project he is currently working on known as the InterPlaNetary (IPN) Internet.

He gave a broad overview of the current state of the Internet. Cerf noted that there has been a dramatic increase in Internet uptake over the past 10 years, with the number of users leaping from 50 million in 1997 to 1,173 million this year.

"We have another five and a half billion to go," Cerf said.

He also pointed out the disparity in the spread of Internet access between continents. Only 3.6 percent of the African population is currently able to access the global network, compared to a whopping 69.5 percent of North America's population.

Cerf also discussed a number of current hot-button issues, including that of network neutrality. Network neutrality refers to the network's disregard for the contents of a given packet of information, such as what sort of program or service it belongs to or who is the sender or recipient. This "end-to-end principle" ensures that all packets travel along with the same priority, and Cerf said it has served the Internet very well.

Internet service providers (ISPs) have in recent years proposed new services that would require companies like Google to pay for transferring data from their websites to an ISP's customers. Companies have expressed concerns because they would have to pay to serve an ISP's customers, and this has drawn the eye of regulators in Congress who proposed a bill that would mandate network neutrality.

ISPs have lobbied extensively to prevent such a bill, claiming that such a law would restrict them from providing high service quality and restrict them from offering different tiers of speed.

Cerf was dismissive of these claims, however. "This is all a distortion of the basic principle that the network does not discriminate based on who's using it," Cerf said.

Cerf also spoke about the various socio-economic effects of the Internet. One trend he described is consumers becoming producers thanks in part to blogging.

"Anyone is free to introduce content into the network," he said.

He also said a vast variety of business models were emerging as a result of the Internet's proliferation, discussing the new areas of social networking, video gaming and Internet Protocol Television (IPTV). In addition, he discussed some of the challenges associated with adapting Internet access for mobile devices.

Cerf also gave an update on his most recent project, a protocol for interplanetary networking-IPN. The new protocol is much more tolerant of the delays and disruption associated with communicating with something like the rovers on Mars, millions of miles away. According to Cerf, previous space missions have each used their own protocols for communicating with the space probes, but by standardizing a protocol old yet still functioning equipment will be able to be reused in new expeditions.

Cerf concluded his lecture by taking questions from the audience. He responded to a question about the way governments interact with the Internet, particularly those that choose to censor certain websites.

"You can't stop technology. It's like trying to stop a tsunami by standing in front of it and saying stop," Cerf said.

He also gave some advice to students who want to become innovators, and emphasized that you can not set out to change the world. "Some people imagine that when we started working on the Internet we knew what was going to happen," he said, noting the Internet was "an experiment that never ended." Rather, according to Cerf, the key to success is to do something you love and doing it for a long time.