Arming the guards

Online security is on everyone’s minds these days and for a good reason: This ain’t your father’s Internet anymore.

If I had to compare today’s Internet with a city, I think I would choose Los Angeles. This is because L.A., even to the most jaundiced palette, is undeniably weird.

L.A. is made up of lots of separate areas – clusters of industrial zones, clumps of “power” architecture buildings for Fortune 1000 companies, a few really wealthy neighborhoods, loads of strip malls and a seemingly endless sea of suburbia. And the whole mess goes on forever.

To beat the analogy to death, on the Internet each of these areas corresponds to the registrars/ISPs/infrastructure organizations, the big online businesses, the small online businesses and the millions of consumers. And just as L.A. swims through a miasma of air pollution, everyone on the ‘Net is bathed in a fog of spam.

In L.A., just as on the ‘Net, there are huge opportunities. But there are also huge risks and, unlike L.A., there’s no real police force. So if there is no effective law enforcement and, indeed, hardly any laws that can be enforced, what do you do?

You could rely on the company that built your dwelling to deliver a safe, sturdy structure, but we have learned the hard way that certain construction companies have neglected to put catches on the Windows or have installed faulty locks.

You can add all sorts of extra protections and, if you are really serious about security, you could post a security guard. But should the guard be armed?

In the real world it might seem like a good idea to give your rent-a-cop a big noisy gun, but in L.A. it is common wisdom that if you shoot someone you must ensure that a) it is the right someone and b) you shoot them dead.

Apparently in California should you wound and/or incapacitate someone in self-defense you might be sued even if he was on your property, in your bedroom in the middle of the night and wearing a stocking over his head. Go figure. In Texas I understand that such intruders are considered fair game and if you don’t kill them the authorities will take them away and do it for you. But I digress . . .

On the ‘Net the guards are firewalls and intrusion-detection systems (IDS). But I just read about an IDS that effectively gives your guard some serious weaponry. The product, from Symbiot, is called iSIMs. The basic features of iSIMs are way cool and include what the company calls Graduated Response – a selection of standard countermeasures that include techniques such as traffic blocking, rate-limiting, honey pots, simulated responses and quarantining. So far, so good.

But things get a little iffy in the features that provide what are essentially “black hat” techniques such as Reflection (sending attackers’ packets back at them), Invasive Techniques (“obtaining access privileges on the attacker’s system, and then pursuing a strategy of disabling, destroying or seizing control over the attacking assets”) and Counterstrikes (“sending exploits and other attacks which are specific to vulnerabilities on the attacker’s system”). Symbiot explains, “This retaliation could be far in excess of the attack that the aggressor has underway.”

Symbiot also notes that it is “evaluating the legal aspects of these more aggressive countermeasures” and that it plans to provide these features only for “authorized deployments” – whatever that means.

I suspect that more than a few of you are muttering “let me at it!” While the John Wayne impulse is appealing, we have to be careful. For example, what happens when you make a mistake? You go to shoot the intruder and miss and the bullet goes through the window and wipes out a neighbor?

And what happens when you don’t kill intruders and they turn around and sue you? In that case you’d better hope the Internet is more like Texas and less like L.A.

Geographic analogies to backspin@gibbs.com