Want privacy? Build a new Internet

The Internet was simply not designed with privacy in mind.

We don’t have to look much further than the continued cybersecurity revelations to prove that state-run agencies and hackers alike continue to carjack the Information Superhighway.

And as we work to integrate the Internet ever deeper into our personal and professional lives, it is time to recognize the role privacy must play; as such, it is incumbent on us to create a Web where the browser reigns supreme and servers, rather than acting as data repositories, are mere functionaries.

If we want to respect privacy on the Web, we must redesign it. There is no other way.

Internet innocence lost

The web should come with a disclaimer: Don’t trust me.

Last year, hackers stole 12 million passwords and breached nearly 30 million accounts from sites including Apple, Twitter and LinkedIn. Nation-state agencies went around the encryption of banks, medical records, phone calls on 4G networks and emails. And, as has now been fully reported, the NSA tapped the fiber-optic cables of companies including Google and Yahoo, creating a backdoor those companies knew nothing about. And then, of course, several companies willingly shared user information with the NSA.

It’s harvest time, and plain text is the bounty. Most online applications store user passwords in plain text. Even when data in a cloud storage system is encrypted, it can easily be decrypted by anyone with access to the encryption key (the user’s password). Hackers break into servers to make quick use of plain-text passwords, rogue employees pluck passwords from their own databases, and the government can expect to receive passwords if it asks for them.
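To make the "plain text is the bounty" point concrete, here is an added example (not from the article or SpiderOak) contrasting a plain-text password record with a salted, slow-hashed one; the records and iteration count are constructed, standard-library only.

```python
"""Plain-text password storage beside a salted PBKDF2 store.
Constructed example; the iteration count is an assumed work factor."""
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed; tune per deployment)


def store_plaintext(password):
    """What the article describes: the stored record *is* the password."""
    return {"password": password}


def store_hashed(password, salt=None):
    """Store a per-user random salt and the derived hash, never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": ITERATIONS}


def verify_hashed(record, candidate):
    """Re-derive from the candidate and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


def leaked_password(record):
    """What someone who copies the database learns: the password, or nothing."""
    return record.get("password")
```

Two users with the same password get different records, so a stolen table cannot even reveal who shares a password.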

The secure socket layer (SSL) that protects data in transit isn’t foolproof, either. SSL relies on a certificate asserting that the content is coming from a verified server. “Man in the middle” attackers, for example, buck the system by controlling a user’s network or DNS. The browser’s traffic then flows through the attacker’s proxy, which decrypts all communications with the real Gmail, Yahoo, or other website.

Mobile complicates the equation

The proliferation of mobile apps provides new opportunities to break web cryptography. Developers today are coding for small screens first. This “mobile-first” development is driving web pages to act more like apps. Developers can now build a web app once — in an open-standards language like HTML5 and JavaScript — and package it for deployment on iOS, Android, and other mobile platforms. We are now seeing browsers become nearly as sophisticated as the operating systems they run on top of.

A sophisticated ecosystem leads to new inroads for intruders. For several years, a hidden vulnerability in Android 1.6 let intruders create malicious versions of real Android apps without systems or individual users noticing. Other security holes let hackers do everything from removing device locks to transferring Bluetooth phonebook information. The opportunities are abundant, and a counter-movement is needed.

Fighting the good fight

Everything from our bank account information to medical records to the thermostats in our homes is now online. Soon this will spill out to anything with an on/off switch. We have no choice but to make the connected environment a safer place.

For developers, the name of the game is: How can we leverage this new medium while also making it safe to use? Developers must be aware of exactly what they’re protecting, and against whom, so that applications live up to the promised levels of security. The faster developers participate in the movement to build the new, private Internet, the more quickly users can benefit from this heightened privacy approach.

The gears are already in motion to construct a new kind of web. Some app providers are building websites and apps with a “privacy-first” orientation. They put cryptography at the core of an app or site, so that apps barely share any information at all with servers. It’s an important way of circumventing the plain-text problem.

Another important effort is the un-hosted movement. Here, apps operate primarily on a peer-to-peer basis, with data encrypted at the platform level. Servers are little more than traffic lights, establishing and routing connections between devices and browsers. Real-time communication (WebRTC, for example) lets users broadcast, record and videoconference without server intervention, except to negotiate a path from user A’s browser to user B’s browser in a peer-to-peer fashion.

For data in transit, content security policy (CSP) is a new way of keeping people from spoofing a site. It lets site owners lock down their websites so that only specific sites or servers can provide images, scripts, and other assets to a page. At the browser level, X-Frame-Options headers regulate where and how websites can display pages. Chrome is further experimenting with features that will allow the browser to verify the JavaScript loaded by web pages to ensure it is coming from the correct source.
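As an added illustration (not code from the article or any browser vendor), the checker below parses a site's CSP and X-Frame-Options headers and flags the settings that fail to lock down where scripts, images and framing may come from; the two header sets are constructed, with a permissive one beside a locked-down one.

```python
"""Flag CSP / X-Frame-Options settings that leave a page open.
Constructed sample headers; static.example.com is a placeholder origin."""

# Constructed: a policy that allows any origin and inline scripts.
WEAK_HEADERS = {
    "Content-Security-Policy": "default-src *; script-src * 'unsafe-inline'",
}

# Constructed: assets only from self and one named CDN, framing denied twice over.
HARDENED_HEADERS = {
    "Content-Security-Policy": (
        "default-src 'self'; img-src 'self' https://static.example.com; "
        "script-src 'self' https://static.example.com; frame-ancestors 'none'"
    ),
    "X-Frame-Options": "DENY",
}


def parse_csp(value):
    """Split a CSP header value into {directive: [source expressions]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def csp_findings(headers):
    """Return a list of findings; an empty list means the page is locked down."""
    findings = []
    csp = headers.get("Content-Security-Policy")
    if csp is None:
        return ["no Content-Security-Policy header"]
    policy = parse_csp(csp)
    for directive in ("script-src", "img-src"):
        # A directive that is absent falls back to default-src.
        sources = policy.get(directive, policy.get("default-src", []))
        if "*" in sources:
            findings.append(f"{directive} allows any origin")
        if directive == "script-src" and "'unsafe-inline'" in sources:
            findings.append("script-src allows inline scripts")
    xfo = headers.get("X-Frame-Options", "").upper()
    if "frame-ancestors" not in policy and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append("framing not restricted (no frame-ancestors or X-Frame-Options)")
    return findings
```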

Building the private web

This patchwork of efforts is fertilizing the movement towards online privacy by design. When developers push the community and browser vendors to work on better mechanisms to make apps more trustworthy, and companies conform to all available Web security standards, we’ll have made great strides towards a more private Internet. As for users—the old adage of “buyer beware” has never been more true than it is today, on the Internet. And even more confusing, we are told it is all free.

Ethan Oberman is CEO of security company SpiderOak.