Home / Blogs

Trust, but Verify

By Paul Parisi Chief Technology Officer at DNSstuff.com

We are at an inflection point in our lifetimes. The Internet is broken, seriously broken. Why is it broken you ask? The root cause is trust, that there is trust built into the fabric of the Internet. Each “part” that works in the Internet trusts the other parts, think DNS, BGP and the like. When these were designed they were all designed in a framework where they could trust each other. I co-opted Ronald Reagan’s phrase of “trust but verify” for a previous company I started which was involved in corporate email forensics, that we should trust our corporate email users but be able to verify what is passing through that system.

Almost all of the systems currently in use on the Internet are based on implicit trust. This has to change. The problem is that these systems are so embedded in our everyday lives that it would be, sort of like, changing gravity, very difficult. There are many things that can be done and are being done, but the fact is they are almost all “band-aids” and do not really offer any substantial lurch forward. Or we could really fix it, how about we start with not allowing spoofed IP packets to be routed by ISP’s, this would go a long way toward reducing the risk, of course so would IPv6 and DNSSEC. But until something radical is done we should say “Houston, we have a problem”! So, as I said in a recent TV interview, if you are concerned about privacy, identity theft and the like, simply don’t use the Internet. I am out of time for now; I need to go check my bank balance…

By Paul Parisi, Chief Technology Officer at DNSstuff.com

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

View All Topics