Cyber Measures Could Ensure Security but Compromise Freedom

The key to providing greatly enhanced cyber security may be at hand, but it may also eliminate one of the Internet's greatest characteristics, and a middle ground may be hard to achieve. Carter Bullard, president and chief executive officer, QoSient, told the audience at a MILCOM 2010 Wednesday afternoon panel on cyber security that technologies are needed for three elements-attribution, mitigation and deterrence. Attaining attribution and mitigation will lead to deterrence, he maintained. A key means of attribution is non-repudiation, which he described as having the potential to go after the entire threat matrix. This discipline would provide comprehensive accountability that prevents any interloper from concealing that they attacked, thus creating the concept that a hacker can get caught. Bullard bemoaned the fact that no one is building technology for non-repudiation, calling it "the most misunderstood countermeasure." However, one of his fellow panelists raised an alarm about its incorporation. Elliot Proebstel, on the technical staff of Sandia National Laboratories, warned that building in non-repudiation might threaten valued Internet freedoms. The existing anonymity that every Internet user takes for granted might disappear as every user could be identified. This would be a boon to dictatorships that seek to identify and stifle Internet users opposed to their regimes, he offered.