Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Article: Agency Weighed, but Discarded, Plan Reconfiguring the Internet,
This article from 
has been sent to you by wiegold -!
- focus-r -
 de -

Agency Weighed, but Discarded, Plan Reconfiguring the Internet

November 22, 2002


The Pentagon research agency that is exploring how to
create a vast database of electronic transactions and
analyze them for potential terrorist activity considered
but rejected another surveillance idea: tagging Internet
data with unique personal markers to make anonymous use of
some parts of the Internet impossible. 

The idea, which was explored at a two-day workshop in
California in August, touched off an angry private dispute
among computer scientists and policy experts who had been
brought together to assess the implications of the

The plan, known as eDNA, called for developing a new
version of the Internet that would include enclaves where
it would be impossible to be anonymous while using the
network. The technology would have divided the Internet
into secure "public network highways," where a computer
user would have needed to be identified, and "private
network alleyways," which would not have required

Several people familiar with the eDNA discussions said such
secure areas might have first involved government employees
or law enforcement agencies, then been extended to
security-conscious organizations like financial
institutions, and after that been broadened even further. 

A description of the eDNA proposal that was sent to the 18
workshop participants read in part: "We envisage that all
network and client resources will maintain traces of user
eDNA so that the user can be uniquely identified as having
visited a Web site, having started a process or having sent
a packet. This way, the resources and those who use them
form a virtual `crime scene' that contains evidence about
the identity of the users, much the same way as a real
crime scene contains DNA traces of people." 

The proposal would have been one of a series of technology
initiatives that have been pursued by the Bush
administration for what it describes as part of the effort
to counter the potential for further terrorist attacks in
the Unites States. Those initiatives include a variety of
plans to trace and monitor the electronic activities of
United States citizens. 

In recent weeks another undertaking of the the Defense
Advanced Research Projects Agency, or Darpa, the Pentagon
research organization, has drawn sharp criticism for its
potential to undermine civil liberties. That project is
being headed by John M. Poindexter, the retired vice
admiral who served as national security adviser to
President Ronald Reagan. 

Dr. Poindexter returned to the Pentagon in January to
direct the research agency's Information Awareness Office,
created in the wake of the Sept. 11 attacks. That office
has been pursuing a surveillance system called Total
Information Awareness that would permit intelligence
analysts and law enforcement officials to mount a vast
dragnet through electronic transaction data ranging from
credit card information to veterinary records, in the
United States and internationally, to hunt for terrorists. 

In contrast, with eDNA the user would have needed to enter
a digital version of unique personal identifiers, like a
fingerprint or voice, in order to use the secure enclaves
of the network. That would have been turned into an
electronic signature that could have been appended to every
Internet message or activity and thus tracked back to its

The eDNA idea was originally envisioned in a private
brainstorming session that included the director of Darpa,
Dr. Tony Tether, and a number of computer researchers,
according to a person with intimate knowledge of the
proposal. At the meeting, this person said, Dr. Tether
asked why Internet attacks could not be traced back to
their point of origin, and was told that given the current
structure of the Internet, doing so was frequently not

The review of the proposal was financed by a second Darpa
unit, the Information Processing Technology Office. This
week a Darpa spokeswoman, Jan Walker, said the agency
planned no further financing for the idea. In explaining
the reason for the decision to finance the review in the
first place, Ms. Walker said the agency had been "intrigued
by the difficult computing science research involved in
creating network capabilities that would provide the same
levels of responsibility and accountability in cyberspace
as now exist in the physical world." 

Darpa awarded a $60,000 contract to SRI International, a
research concern based in Menlo Park, Calif., to
investigate the concept. SRI then convened the workshop in
August to evaluate its feasibility. 

The workshop brought together a group of respected computer
security researchers, including Whitfield Diffie of Sun
Microsystems and Matt Blaze of AT&T Labs; well-known
computer scientists like Roger Needham of Microsoft
Research in Cambridge, England; Michael Vatis, who headed
the National Infrastructure Protection Center during the
Clinton administration; and Marc Rotenberg, a privacy
expert from the Electronic Privacy Information Center. 

The workshop was led by Mr. Blaze and Dr. Victoria
Stavridou, an SRI computer scientist, one of those who had
originally discussed the eDNA concept with Darpa officials.

At the workshop, the idea was criticized by almost all the
participants, a number of them said, on both technical and
privacy grounds. Several computer experts said they
believed that it would not solve the problems it would be

"Before people demand more surveillance information, they
should be able to process the information they already
have," Mark Seiden, an independent computer security expert
who attended the workshop, said in an interview. "Almost
all of our failures to date have come from our inability to
use existing intelligence information." 

Several of the researchers told of a heated e-mail exchange
in September over how to represent the consensus of the
workshop in a report that was to be submitted to Darpa. At
one point, Mr. Blaze reported to the group that he had been
"fired" by Dr. Stavridou, of SRI, from his appointed role
of writing the report presenting that consensus. 

In e-mail messages, several participants said they believed
that Dr. Stavridou was hijacking the report and that the
group's consensus would not be reported to Darpa. 

"I've never seen such personal attacks," one participant
said in a subsequent telephone interview. 

In defending herself by e-mail, Dr. Stavridou told the
other panelists, "Darpa asked SRI to organize the meeting
because they have a deep interest in technology for
identifying network miscreants and revoking their network

In October, Dr. Stavridou traveled to Darpa headquarters in
Virginia and - after a teleconference from there that was
to have included Mr. Blaze, Mr. Rotenberg and Mr. Vatis was
canceled - later told the panelists by e-mail that she had
briefed several Darpa officials on her own about the
group's discussions. 

In that e-mail message, sent to the group on Oct. 15, she
reported that the Darpa officials had been impressed with
the panel's work and had told her that three Darpa offices,
including the Information Awareness Office, were interested
in pursuing the technology. 

This week, however, in response to a reporter's question,
Darpa said it had no plans to pursue the technology. And an
SRI spokeswoman, Alice Resnick, said yesterday, "SRI
informed Darpa that the costs and risks would outweigh any

Dr. Stavridou did not return phone calls asking for

For information on advertising in e-mail newsletters 
or other creative advertising opportunities with The 
New York Times on the Web, please contact
onlinesales -!
- nytimes -
 com or visit our online media 
kit at

For general information about, write to 
help -!
- nytimes -
 com -

Copyright 2002 The New York Times Company

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.