Among the initiatives Richard Clarke is pursuing is the creation of a separate-but-better Internet that would be immune from security attacks. Dubbed Govnet, it would have no connections to public phone systems, traditional ISPs, or the current network backbones. In an age when federal agencies rely so much on the Net that a single disruption could halt the business of government, Clarke's plan has drawn support from numerous jittery officials.
It's not an idea original to Clarke. The Pentagon and the NSA already use an independent system known as JWICS, the Joint Worldwide Intelligence Communications System, which supports T1; carries data, voice, and video; and is approved to handle information at any level of classification. And the military uses a host of communications networks, some for tactical communications, some packet-switched, some top secret and some not. But Clarke argues that a separate Govnet is necessary for redundancy, and 167 tech companies - including Sun and Sprint - have responded to Clarke's request for possible designs.
Critics of Govnet, meanwhile, point to the huge cost of building a dedicated network and to the temptations of users - even at the highest levels of government - to transfer files via floppy, or move their laptops, between Govnet and public networks, thus compromising the supposedly hermetic system. Fiercer critics say Govnet's just another wasted effort, borne of Clarke's fears of a "digital Pearl Harbor," which has never come to pass.
Automatic System Repair
Gabriel Rocha is not normally a religious man, but he "swears to God" he'll never let anyone perform remote security repairs on his computer. The former systems administrator fears that patches installed automatically by vendors might create new vulnerabilities or crash important programs - in other words, trigger the law of unforeseen consequences. "What happens," asks Rocha, currently a security consultant in Geneva, "when they fuck up the patch?"
That's a prime question for Richard Clarke, who has proposed that software companies try harder to plug security breaches for customers, even if that means doing it for them. For someone like Clarke, who's paid to be paranoid, the idea of millions of users trusting their secrets to bug-riddled versions of Windows is a nightmare. Especially, that is, when fixes are available and need only be installed. "There's a technological problem that I don't think is beyond the wit of man to solve," says Clarke, "and it's the following: When they get patches now, systems administrators don't apply them."
His solution? Send out the digital equivalent of flu shots, which inoculate machines against malicious code - and send them out automatically.
Redmond is willing to go along. CTO Craig Mundie says Microsoft is working on both increasing security during the design stages and building a system that will "automatically apply patches as new vulnerabilities surface." Of course, auto-updating gets you nowhere if it's not enabled: In December, Microsoft admitted that Windows XP included a vulnerability and sent out a patch, but since XP's auto-update feature is turned off by default, relatively few users benefited.
Most security experts agree that spontaneously delivered fixes are a must for home users, who aren't known for perusing security newsletters warning of the latest perils. But managers who oversee hundreds of machines don't trust the remedy - with good reason. When Microsoft released Windows NT 4.0 Service Pack 6, a collection of fixes for the OS that was guaranteed to be worry-free, it ended up wreaking havoc for Lotus Notes users; a chastened Redmond security team had to create Service Pack 6a. And in the Unix world as well, auto updates pose dangers: Sun's Solaris patches can mess with third-party email software, or worse, savvy attackers can sabotage the updates and insert backdoors.
But Clarke isn't deterred: "I know systems have lots of applications running, but it should be possible to securely deliver, with authentication, a patch, accompanied by a diagnostic that says, 'If you apply this, the following programs will be impacted in the following way.'"
Good. Next step? Persuade sysadmins like Gabriel Rocha to use it.
