back to article Kaspersky defends 'unworkable' web passports

Flamboyant anti-virus guru Eugene Kaspersky has defended his controversial internet passport plans. Kaspersky, chief exec of malware exterminators Kaspersky Lab, first outlined plans to mandate use of a hardware token-based passport to get online around two years ago. The scheme is designed to deter abusive use of internet …


This topic is closed for new posts.
  1. Fuh Quit
    Thumb Down

    This would be like the TSA for the Internet

    Bad guys don't play to our rules. So here's what'll happen:

    1. The majority of Internet users will be penalised

    2. The bad guys will continue to get away with their crimes

    3. If it becomes reality, trade in such "IDs" will be great. Stolen or just sold by the "owner"

    4. Let's face it, the web of trust in something "simple" like TLS is crumbling. If we can't make HTTPS work perfectly, how in buggary are we going to get hundreds of jurisdictions to mandate the uptake of such a scheme? How would it be protected from abuse?

    Fail, whale.

  2. Anonymous Coward
    Anonymous Coward

    I actually agree with Kaspersky's argument.

    Oh, wait, my mistake, they're all rubbish.

    An "Internet Passport" will just create another kind of underground market.

    Dancho Danchev is, in my mind, one of the most intelligent cyber-crime bloggers and researchers, and his arguments against Kaspersky's ridiculous scheme are far more eloquent than mine ever could be.

    The cat is out of the box now, and putting it back in just will not happen. I'm sorry if Kasperky's regrets that the internet is now free-to-all, but that's just the way it is. Eternal September isn't going to go away.

    *AC puts on sunglasses*

    Deal with it.

  3. jubtastic1

    All your base

    Its not about whether it will work or not (it won't, for fairly obvious reasons), it's about an Industry with an uncertain future*, creating a new profit centre that's so irresistible to the omnipotent ambitions of western governments, they're likely to make it mandatory.

    To paraphrase the BOFH, you can't help but admire the sheer balls of it.

    * that would be the AV industry, Android offers sales for them in the short term, but the trend on OS X and Windows is about locking everything down to such a degree that AV products can do little more than check themselves for infection, in the long term, I'd expect Amazon to essentially fork Android to provide a similar 'safe' experience**.

    ** for a given value of 'safe'.

  4. Big Al

    So who...

    ... would be managing the necessary database(s) of Internet users?

    Surely not governments, who famously can't keep hold of data?

    Or major corporations, who famously want it for their own commercial ends?

    Or idealistic IT types, who have trouble even on agreeing what kind of domain suffixes should be allowed?

    So... who?

    And even if we can understand who, how would THEY be secured, why should we trust them, and how (and by whom) would they be selected?

  5. BristolBachelor Gold badge

    Fail Fail Fail

    This is fine in a world where people don't use Windows, IE, Adobe Flash and Adobe Reader. All you need to do is click 1 link (or open an email) and someone else effectively owns your passport. All their mis-doings will be redirected from your computer, and you will get the blame for it all.

    Oh, and the best thing is that since it was _your_ passport, _you_ are guilty. Go straight to Guantanamo bay, do not collect £200.

    I would be worried if I used any products from this company, if their chief exec is such a thick-as-2-short-planks fuckwit.

  6. Anonymous Coward
    Anonymous Coward

    "Driver's licence for free speech"

    Technical quibble: A driver's licence is (ostensibly) about having the basic technical prowess to not unduly endanger fellow users of the road. You could argue that there shouldn't be a name on it, or at least that plod wouldn't be allowed to do anything with that name unless there's been an accident that needs a name to assign the blame. Of course that isn't how it works in practice, but strictly speaking that's administrative lazyness. The justification is in having to show you can drive well enough to be allowed to drive. Yes, that's splitting hairs but the difference might turn out to be important in this discussion, so please keep it in mind. Anyhow.

    So, is he doing a "thinking of the children" moral panic? 'twould be sad to see an IT professional --you'd think such a someone would know better-- go down that path. Or is he just trying to sell a corporatise-the-world "security" solution?

    Personally I dislike "impossible" counter-arguments; we've seen time and again that very few things turn out to be flat-out impossible, though with enough care they'll turn out intractable for the foreseeable future for a fair application to all, ie there will be holes, it won't be perfect, it won't work very well. But something can always be made to work given a sufficiently small scale (which might not be all that small: China being a point in case) and for some that is enough argument to ignore "impossible" objections.

    To me the salient point is that pinning down everyone, everywhere, everywhen, with that one state-issued "identity" tag, isn't just a bad idea, unworkable, or any such objection. It is something we should not desire. In fact it is something we cannot have without making a mockery of our freedoms.

    In this respect ardent proposers of schemes like this are, quite simply and just to return the favour of unduly labeling people, haters of freedom. And then it suddenly becomes really interesting to see which politicians buy into, say, this guy's arguments.

  7. Anonymous Coward
    Anonymous Coward

    The global police state is coming...

    "Attempts to banish anonymity from the internet won't affect those savvy enough to bypass it, would cost billions, and would have only a negligible effect on security,"

    The same is true about the real passports, isn't it? The savvy criminals use forged or stolen passports. This hasn't prevented the governments from mandating passports for their citizens, because it means that the vast majority of people are more easily monitored and controlled.

    Which is precisely why something like this WILL be made mandatory on the Internet. Not because it will stop the criminals (it won't) - but because it will allow the governments to suppress dissenters and wikileakers better.

  8. Tchou

    "Security" firms..

    are just trying to appear more indispensable than they really are. Passports would be a new source of revenue for them, nothing more.

    Their marketing made you believe they are trustworthy. Maybe they are not.

  9. Kubla Cant Silver badge
    Thumb Down

    We've been here before

    Just dig out all the objections to the dead, unlamented ID card scheme and scale them up to reflect the world population rather than that of the UK.

  10. Anonymous Coward
    Anonymous Coward

    Great thinking

    I mean no governments would ever, ever abuse such a system for their own gain or to shut down shouty dissenting types, would they?

  11. David Pollard

    Keep him away from the EU !

    To the mindset of control-freak bureaucrats this would be perfection.

  12. Anonymous Coward
    Anonymous Coward

    Only the rich want to control things

    Once you are at the top of your game in life then the next goal is to control other peoples lives.

    That is how it goes when you are at the top of the economic food chain.

  13. Captain TickTock
    Thumb Down

    Works so well for telephony...

    doesn't it?

  14. Dan 55 Silver badge

    Well he would defend his ludicrous idea without blinking

    This is from the antivirus vender whose antivirus manages to break Windows Update.

  15. Robert Carnegie Silver badge

    Oh, those Russians!

  16. Anonymous Coward
    Anonymous Coward

    Actually, it is doable - his idea isn't that bad

    Most of the commentards confuse ID with privacy. You can have an ID without going naked on the Net. The challenge lies in what that ID represents, and that problem has already been solved in another field (a bit of a side effect of what I was doing).

    I've emailed him and had a response - let's see where this goes.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020