By Brian Krebs
washingtonpost.com Staff Writer Tuesday, July 30, 2002; 5:51 PM
The expected wireless Web revolution may prompt the federal government to fund a redesign of the protocols that underpin the Internet, the White House's chief cybersecurity adviser said today.
Richard Clarke, the administration's cybersecurity czar, said it may be time to consider replacing the "creaky, cranky" 20-year-old protocols that drive the Internet with standards better suited to accommodate a flood of new wireless devices -- and the security holes that may come with them.
"We need to think a little bit about the underlying mechanisms of the Internet if there are going to be billions of wireless Web
enabled devices all over the world," he said. "We have a positive obligation to be proactive in the development of voluntary standards and in funding the necessary research."
The White House is working with the private sector to draft a national plan designed to secure the country's most vital computer
networks from cyberattack. That plan, set to be released Sept. 18,
will include several policy recommendations to beef up wireless
security, Clarke said.
Clarke said the companies that make and market wireless networks
have an obligation to notify their customers of the security risks
that may come with their products.
Wireless networks are cheap - about $100 - and easy to use, but they
are also easy to misconfigure. Companies that deploy poorly
configured wireless networks virtually invite hackers to explore
their internal networks, Clarke said.
"It seems irresponsible for industry to sell a product that could be
so easily misused by customers in a way that jeopardizes their
proprietary and confidential information," he said.
Vinton Cerf, the computer scientist who helped co-develop
the protocol that allows computers to communicate with one another
over the Internet, welcomed the chance "to rethink" the role of
security in today's World Wide Web, saying he is similarly disturbed
about the security problems posed by the proliferation of wireless
devices.
"Dick is right to highlight this as a major issue," Cerf said. "The
hope is that his words will stimulate work in this area so that the
bulk of devices out there will one day have better security than
they might have otherwise."
Nearly 81 percent of major businesses today use or plan to use wireless networks, according to a recent survey by the World Information Technology and Services Alliance and the Wireless IT Research Group.
Clarke acknowledged that government could be forced to foot the
bill in fostering the development of stronger security and
communications standards, given the current economic outlook for
the telecom sector.
"We have an obligation to think about ensuring the health of the
Internet," he said. "If that means we need to get back in and do
more funding of research and development, if that means the federal
government has to be the lead deployer of new technologies to see
if they work, then I think we shouldn't shrink from that."