Kaspersky Labs CEO for end to net anonymity

[estra]

The Register has published an interesting article where it discusses comments made by Eugene Kaspersky who calls for an internet police body that would require users everywhere to be uniquely identified.

Full article is located here, - Security boss calls for end to net anonymity.

The following is an excerpt:

The CEO of Russia's No. 1 anti-virus package has said that the internet's biggest security vulnerability is anonymity, calling for mandatory internet passports that would work much like driver licenses do in the offline world.

"Everyone should and must have an identification, or internet passport," he was quoted as saying. "The internet was designed not for public use, but for American scientists and the US military. Then it was introduced to the public and it was wrong...to introduce it in the same way."

[seti]

This is a very interesting debate that has been started. Firstly it would allow the Police etc to track down criminals and child abusers more quickly and prove their cases against them. I would also act as a catcher for the spammers etc. So there is a lot of good. On the other hand, there could be a case that govenments could use it to track down those who speak out against their oppressive regimes! So it is a matter of being between a rock and a hard place! Personally I have no problems with it, providing it was voluntary, as I have nothing to hide and live in a place where I am able to express my views freely. On the other hand I would not want another harmed for doing so.

[estra]

I've recently read the paper by Daniel J. Solove (associate professor of law) called "'I've Got Nothing to Hide' and Other Misunderstandings of Privacy" it is available for download here at Social Science Research Network.

So when I've read your words, it instantly came to mind. Of course not that I am saying that your opinion is wrong or anything like that.

[seti]

I read through the paper of your link and I still say that I have nothing to hide and nothing to be afraid of either. I do not see the harm in my internet actions being directly related to me as I do nothing wrong on it nor does the vast majority of people. If my being given a simple code helps to prevent a single child from being hurt then it is a very small price to pay and one I am only too willing to do so. I did not take your remarks personally my friend as we both agree that this is an interesting and complex subject to discuss,all express opinions freely and here with respect.

[Corrine]

I read the Register article last week. My immediate reaction was that Kaspersky's idea would result in a black market for internet passports and increased identity theft. In the U.S. we are required to have a Social Security Number. Contrast the U.S. identity theft statistics from 2005 below to more recent statistics:

From 2009 Identity Theft Statistics:

There were 10 million victims of identity theft in 2008 in the United States (Javelin Strategy and Research, 2009).

{Snip}

It can take up to 5,840 hours (the equivalent of working a full-time job for two years) to correct the damage from ID theft, depending on the severity of the case (ITRC Aftermath Study, 2004).

{Snip}

More than 35 million data records were compromised in corporate and government data breaches in 2008 (ITRC).

Contrast those numbers to 2005 from http://www.ojp.usdoj.gov/bjs/abstract/it05.htm:

About 1.6 million households experienced theft of existing accounts other than a credit card (such as a banking account), and 1.1 million households discovered misuse of personal information (such as social security number).

So, I ask,

• With 35 million data records compromised just in 2008 from corporate & government breaches, would you trust an Internet passport?
• How many unique numbers would be required to identify everyone worldwide who has an internet account?
• What would happen if someone inadvertently used the wrong ID?
• How many fraudulent accounts do you think would be created?
• Want to Internet access at an Internet Cafe, sure, enter your Internet passport -- oh, not secure? Oops, the world has your number.

[seti]

I take your points Corrine, but for every solution there is a risk and for every risk there is a solution. Something will have to be done and for all we really know the governments may already have our internet actions targeted so they know exactly what we are doing. I just feel for all the risks that for me it worthwhile exploring and to remember another number is just part of that.

[whs]

There was talk about a completely new internet that would require people to log-on with a clear identity. But that is a big investment and migration problem. The identity theft problem would have to be resolved - that is critical indeed.

[Corrine]

It is more than solving the identity theft problem. Here's an article about hijacked websites that use the infected PCs as part of a botnet that, in turn, are used for sending phishing e-mails. Those who fall for the phishes, end up with an infected PC -- and what do you think would be the target should Kaspersky's idea come to fruition?

Hijacked Web sites attack visitors

[leofelix]

I think that a effective cyber police is an utopia, even if in my Country there exists a special internet police corp (called "Polizia postale") they cannot violate other people privacy

[seti]

@ Corrine I know there are many problems my friend, but where there are problems then there are solutions. At least let the debate begin and get the best minds working on it. All I will say is that anything that makes the world safer I am in favour of.
@Leofelix in the UK the Police can monitor and do child abuse sites and have brought about proseuctiins as a result. If the cyber police is a utopia then it is a place where I want to be.
Finally if we like it or not it will happen one day, and we will all be issued with a number.