In 2002, faced with rampant bugs in Windows XP and a general security malaise across its various product lines, Microsoft did something that was previously unthinkable: It simply stopped developing new software and went back and reassessed its then-current and in-progress products from a security standpoint. This effort became known as the Trustworthy Computing initiative and it was later formalized and then enhanced over time to ensure that all of Microsoft's supported products were developed correctly and shipped with a "security first" mentality.
Trustworthy Computing was a sea change for Microsoft. Remember that throughout the 1990s and early 2000s, Microsoft subscribed to the "more is always better" philosophy for software design. So when Windows 2000 popped up, the IIS web server wasn't just installed by default, it was also enabled by default, and it wasn't configured in a particularly safe way either. This was purposeful, as Microsoft wanted people to discover and use IIS. But it was insecure.
There are many examples of security issues from that era. Like many others, I was hacked by the Chinese about a decade ago thanks to the Code Red Worm. (Trivia alert: None of my data was overwritten because I coincidentally stored the contents of my website in a non-default directory.) A major UPnP vulnerability in Windows XP was the trigger for Trustworthy Computing, and resulted in Windows XP Service Pack 2 being the first product released under that development mantra. Later, Windows Vista—which included such security features as Bitlocker, User Account Control, Defender, and many others—was the first Microsoft OS to be completely developed under this directive.
Today, of course, Microsoft is a different company with a different outlook on security. And the hacking landscape has changed with it: As Microsoft's dominant OS has become more hardened over time, hackers have moved to lower-hanging fruit, first with Microsoft's popular Office applications and then with third-party applications, especially those from Adobe.
And that's the problem: Despite Microsoft's high-profile switch to a more secure development process, and despite documenting the changes it's made so that others could make similar changes, most software makers, virtually all of them in fact, haven't caught on. And as we move into a new generation of ever-connected systems and cloud services, our exposure to vulnerabilities—or what Microsoft calls the attack surface—has grown exponentially.
(I should throw out one bone to Adobe: Of all the major non-Microsoft software vendors out there, only Adobe has thrown its hat in with Microsoft and has gotten the security religion. It's too early to say whether Adobe's efforts will be as successful as Microsoft's, but let's at least give them credit for trying.)
I'm thinking of course of the recent high profile Anonymous/Lulzsec hack attacks on AT&T, Fox, Sony, various US and international governmental organizations, the Arizona State Police, and others. Suddenly, the world is being held virtual hostage by what appears to be a loose knit (if not totally disconnected) group of disaffected teenager and young adult loners. One perhaps imagines them sitting in their parents' basements, peering at their monitors over giant cups of Mountain Dew or whatever. But you can forget these outdated stereotypes: Today's hackers have a much richer, more connected, and more damaging set of computing resources to attack. And they're doing so with gusto.
It's time to stop them. And what's required, I think, is an industry-wide agreement to do for Internet- and cloud-based computing what Microsoft's Trustworthy initiative did for the software giant. That is, we need a Trustworthy Internet initiative.
Not surprisingly, some work toward this inevitable future has already begun, though I hesitate to even imagine what disaster—or, more likely, combination of disasters—needs to happen to get all the major players to actually come to any form of agreement.
The first hopeful sign in a new version of the Domain Naming System (DNS) called Secure DNS, or DNSSEC. This scheme, which is being tested in Singapore, is perhaps the model for the future Internet. It's based on three secure data centers, in Singapore, San Jose, and Zurich, which are protected by five layers of physical, electronic, and cryptographic security. According to a report in the New York Times, four of the five layers are now in place, with the fifth, the physical security, now being built.
Without getting into the technical aspects of Secure DNS, the design aims to guarantee the identity of the sources with which you communicate online. Theory being that, today, most successful electronics attacks involve some sort of identity spoofing, whether it's a malicious email purporting to be from a trusted friend in your address book, a malicious website masquerading as your bank, or whatever. Secure DNS will create a trust model and make it much easier to track down the bad guys.
And if your understanding of Internet history is up to date, you'll appreciate the irony here: The Internet was of course designed to ensure communication in the event of a nuclear disaster, so it was designed without a center, or core, and is instead distributed with a means for messages to continue seeking alternate routes until delivered. But this resiliency is what now makes the Internet so insecure, since it provides the bad guys with many ways in which to hide their identity and pose as others.
Regulation, too, help a bit. For the time being, it appears that certain European nations are prepared to be far more aggressive about this than the US, though I have to think that recent attacks on peripheral US government sites (including the CIA) may have created at least a private initiative to change that. The broader issue here, as with security, is that the model under which the Internet was created has led to a situation where no one group, country, or other entity is responsible for Internet governance. This will likely lead to a short term situation where regulation differs wildly between regions, as it does today. But as the Internet comes to be regarded as the world's first truly global utility, this too, I think, has to change.
However it happens, I think it's time for mankind to step it up collectively, work together, and fix what is very clearly a broken patchwork built on an insecure foundation. As with a growing body of other issues—global warming, the food and water supply, and global nuclear security—this is a problem that increasingly affects us all.