As part of our IBM Research Q&A series we sat down with Dr. Wietse Venema to talk about his induction into the ISSA Hall of Fame.
Dr. Wietse Venema, IBM Research’s authority on Internet security, has been inducted into the Information Systems Security Association’s Hall of Fame for lifetime achievements which include Postfix, the Coroner’s Toolkit and many other information security applications. In this interview, Dr. Venema talks about what inspired some of these tools, today’s security issues of the mobile Internet, and more.
Q. Your work on security goes back to 1990 with TCP Wrapper. How was web security approached at that time? Did TCP Wrapper defend networks against
threats that still exist today?
Wietse Venema: To set the scene, the worldwide web was not invented; the Internet connected mostly universities and large-company research labs. Firewalls were almost non-existent. Microsoft’s Windows did not have Internet support until four years later. And most “computer hackers” did not work for governments – or criminals.
As my early contribution to security, TCP Wrapper implemented a burglar alarm and firewall for server applications, at a time when firewalls were still exotic things, and people had no idea what was happening on their computer networks.
Even today, many server applications, including the SSH (secure shell) server, support TCP Wrapper rules that can block unwanted connections. However, most of today’s systems (both clients and servers) have a firewall built into the network protocol stack.
Q. Fast-forward to 1996, email was still a new technology to many. What particular issue inspired the Postfix mail server?
WV: UNIX was the dominant server platform, and Sendmail was the dominant mail server application. Originally developed 15 years earlier for a much friendlier network, Sendmail had a history of serious security holes that allowed hackers to take remote control over computer systems.
The rationale for work on Postfix was that a more secure infrastructure would make people more confident to use the Internet for e-business. And of course what’s good for e-business was also good for IBM.
Today, we’re banking, shopping, and tweeting on the web — and on the mobile web. Did this expansion of how the web is used introduce new security threats, or just new avenues for existing threats?
You have this computer in your hand that is more powerful than a desktop machine from 10 years ago, that is on the Internet all the time, and that you use for electronic payments for all kinds of
personal information, and nowadays even to access sensitive data at work.
Bringing all of this information together on the same device creates new opportunities — not only for legitimate users of those devices, but also for those with other intentions. Let’s suffice to say that a lot of work lies ahead of us to ensure that this great technology remains safe to use.
Q. How do you personally securely surf the web? Any tips for individuals to consider, beyond trusting off-the-shelf security software?
WV: Many (but not all) attacks take advantage of similarity. People are running the same versions of the same programs on the same operating systems and hardware platform. Many attacks target monocultures, and we know from biology how vulnerable a monoculture can be.
I rely on software diversity. I don’t use the exact same web browser as many other people, and I don’t use the exact same operating system as many other people. That doesn’t make me 100 percent secure but it makes the attacks more expensive, and that is all that really matters. In the past, I have also used different hardware from many other people, but it has become unaffordable.
We can also read about security breaches of large companies on a near-daily basis. What issues are businesses asking you and IBM Research about?
IBM Security Research is currently helping companies to find out where their valuable information is stored; how that information moves around; and what can be done to protect that information.
Just like your money does not sit in a safe all the time, valuable information does not sit in a database all the time. It moves around as people handle it as part of their jobs, and may end up in environments that have insufficient protection — whether by accident, or not.
Q. If we could start over and rebuild the web, how would you make it secure?
WV: That, unfortunately, is not just a technical problem. Our systems reflect the conflicting needs for performance, cost, ease of use, security, and many other needs from businesses, consumers, and other parts of society. Some of my work has shown “in the small” that a system can be secure, low in cost, easy to use, and perform, all at the same time.
To achieve security “in the large,” many people would need to agree on what course to take, while at the same time avoiding the problems that monocultures can bring.
Given the conflicting needs, making many people agree is hard. More often, one company goes out and leads by example. IBM is in a good position to do such things.
Coming back to the question, I don’t think that the Internet will ever be rebuilt. Instead, every four years or so we have been putting another layer of functionality on top what already exists – social
networking being the most recent one. With each new layer comes new benefits and risks that we must learn to live with.
The net grows in layers just like the large cities of ancient civilizations.