The Internet is incomplete, says its co-designer, Vinton Cerf
WASHINGTON - The co-designer of the Internet's basic architecture, Vinton Cerf, said the Internet "still lacks many of the features that it needs," particularly in security, in a blunt talk to a tech industry crowd here.
Cerf, who is a vice president and chief Internet evangelist at Google Inc., co-designed with Robert Kahn the TCP/IP protocols that underpin the Internet. That was in 1973. And despite becoming operational in 1983, and commercially available in 1989, the Internet remains incomplete, he said.
Cerf is influential because of his accomplishments, but he may be even more so today because of his affiliation with Google. President Obama's administration has appointed a number of Google employees, including CEO Eric Schmidt, to important positions.
One of the most critical needs is authentication, Cerf said, and he told the crowd at a TechAmerica gathering Wednesday that anyone who performs transactions over the Internet - which is everyone - should "should be deeply concerned about that technology."
The lack of authentication is pervasive and is even a problem in simple cases, such as authenticating entries in the domain name system, he said.
"Authentication isn't available on an end-to-end basis at all layers of the architecture," Cerrf said. While users are good "at building concrete tunnels" using simple SSL (Secure Sockets Layer) techniques, they don't identify the end points and just secure the channel, he said. You can have an e-mail with an attached virus, thoroughly encrypted, and send it through an encrypted tunnel, and once it gets to the other end "it gets decrypted and then, of course, does its damage," he said.
Mobile is another problem. "We do a terrible job serving up mobile," Cerf said, referring to the ever broadening use of the Internet via mobile devices. He said protocol work is needed to address it.
Asked later what the White House should be doing in regard to this issue, Cerf cited the work that's been assigned to the National Institute of Standards and Technology in coordinating standards on the smart grid and health IT. However, he said he would anticipate that Obama's new CTO and CIO will "have some things to say about what the U.S. government hopes will emerge in the infrastructure of our digital communications system."
The Obama administration recently released a report on cyberspace security and has promised to make this issue a priority. The actions have been met with cautious optimism by the security industry.
Computerworld
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
cerf
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
