by Constantine von Hoffman

FBI Idea for a “Secure Second Internet” is Clear, Simple, and Wrong

Oct 27, 20113 mins
CybercrimeData and Information SecurityFraud

Networks are inherently unsecure. The more access you allow, the greater the risk. As the old saying goes, “Three can keep a secret only if two of them are dead.”

FBI executive assistant director Shawn Henry has a simple, understandable desire: A second, secure internet where critical systems could run safely. Even if it were feasible, it would be a bad idea.

The FBI'
Henry, speaking at the Information Systems Security Association conference last week, said that only a secure network could protect critical utility and financial systems from attack. He envisioned this second internet as separate  from the regular public Internet. It would be safe because it wouldn’t allow anonymity; only known and trusted people would have access to it.

Mr. Henry’s idea betrays a worrisome lack of knowledge about both the internet and security.

For one thing, there is already an Internet2. It is used by universities for research and was built to provide maximum performance for high-end computing. So this would be Internet3. That may seem like nitpicking, but it suggests he either didn’t know about it or that he was sloppy in his thinking. Neither of those will boost your credibility in Geekistan.

First among many problems with this idea is that networks are inherently unsecure. Allowing access means depending on the security of the organizations which have that access. The more access you allow the greater the risk. As the old saying goes, “Three can keep a secret only if two of them are dead.” That is one of the fundamental facts about security. He even said as much later in his remarks when he spoke of the FBI being in favor of taking sensitive information offline completely. It is disheartening that Henry, a former leader of the bureau’s Cyber Division, didn’t think through what that implied about his Second Internet plan.

Henry also seems to have far too much faith in the ability to certify and guarantee identity. Clearly he believes that these known and trusted people wouldn’t use this Internet maliciously because everyone would know who they were. If Henry can come up with a foolproof way to guarantee online identity he should retire from the FBI and get rich.

Finally, there is a problem that remains even if you could solve all the other issues. Who decides who is known and trusted? For example, which part of the Russian government gets to approve who gets access? Even if there was someway to guarantee this couldn’t be subverted by criminals you would still have the problem of nations, corporations or other users wanting to use access to further their own interests.

His own agency would be chomping at the bit to get at the information contained in this system. That information would be as valuable (and dangerous) as the ability to hack into critical financial and utility systems. The FBI would be incredibly unhappy if this system were ever to be put in place and in time they – or some other participant – would concoct what they thought was a legitimate reason to undermine it.

As H.L. Mencken put it, “For every complex problem there is an answer that is clear, simple, and wrong.”

(This secure internet seems to be an obsession with FBI-ers. Three years ago the same idea was put forward by Patrick Dempsey, a former FBI agent, in an article. To his credit, Dempsey said he wrote the article as a way of starting a conversation. He told Ars Technica: “The main catalyst for writing this article was to bring to everyone’s attention the fact that the same positives that the Internet provides for information sharing, also create negatives in terms of ‘bringing to task’ those that wish to use the Internet for illicit purposes.”)