“I don’t need to kill you to get what I want.”
We read that Chinese hackers, once again, are poking around on U.S. government and corporate servers and stealing important data files related to national defense and patented inventions.
I am perplexed. As a computer professional, and a database specialist, I always immediately ask myself how they got in? And then I ask myself, how would I manage a data set that required a very, very high degree of security?
The answer is pretty simple. You don’t expose data like that to an external network.
In the simplest form, this kind of security can be implemented very easily. You locate the files, the applications, the data bases, configurations, libraries, code, whatever, on a local network. You don’t connect it to the internet. All the people working on your project have to be located within your physical network, that is, one or more buildings physically connected by network cable, and not connected to any external modem or line, and certainly without a wireless connection.
I would guess that, from the point of view of industry or government, this might be unacceptable in some way. Anyone working on almost any information technology would need to access the internet often. But what is “unacceptable”? Is opening your information systems to Chinese hackers “acceptable”?
How quickly could we get used to a new acceptable: when you work on a very important project that requires a high level of security, you get off the grid. That’s the way it is. The same way that scientists working in micro bacterial research now have to wear white suits, visors, and gloves and work in sealed rooms, in secure buildings.
I think it can be done. Inevitably, some scientists or engineers will need some information only available on the internet but that can easily be handled by having a physically isolated internet connection to a separate, non-networked computer in the same building. It’s not technically difficult to keep it separate from a LAN. If the information is copied or downloaded, it can be copied onto a flash drive and then transferred to the LAN. Then, even if an employee inadvertently downloaded a virus from the internet, it would have no effect. It won’t be able to connect to a mother ship. The flash drive could be reformatted before ever being used again for extra security. What’s so hard about that?
[It might be argued that all computers nowadays come with built-in wireless connectivity. But it is possible to build computers without it if there was a demand for it.]
I know: the engineers and scientists will insist they need immediate, continuous access to the internet. If you insist, and the government or industry accedes to this demand, they should quit whining about hackers stealing the data: you have made it available to them.
If you want to rent a car and drive to Italy and park it on the street, please don’t come to me with your crisis about someone stealing your GPS out of your glove compartment– I can tell you right now, that is what will happen. If you don’t like it, go somewhere else.
We have bigger problems with China. Today, the “Inside Washington” program with Gordon Peterson and gang decried the fact that the U.S. is not preparing for war with China. Even Mark Shields seemed to believe we should not be conducting war exercises with China while they are trying to steal our data.
I think he’s wrong. I think that is precisely what we should be doing: engaging China, developing relationships, sharing knowledge with them. If you prepare for war, you will have war. If you prepare for peace, you might not.
The great problem with China is caused by us. Walmart, especially, uses China as a vast pool of cheap labour to produce millions of trinkets to be sold cheaply at the mall outside of your town, thereby driving local businesses out of business and driving more and more American workers into minimum wage jobs supporting the dispersal of the products of Chinese productivity and providing the capital China needs to build a navy that can challenge the navy of the country they expect some day to go to war with, the United States. Apple has found a congenial home in China. All the big American corporations are drooling at the possibilities of a billion new customers. That is what drives U.S. foreign policy and anyone who pretends otherwise is running for president.
If you don’t want China to become big and powerful and rich, you will cut Walmart off at the knees. Walmart will then shift their production to Bangladesh or India or Mexico. Maybe a few jobs will come back to America.
Because both sides know two things. Firstly, there is not enough oil in the world for both the U.S. and a future China when it begins to catch up to American industrial might. Secondly, neither country has the moral or rational ability to say: let’s share.
If you don’t like the Internet, get off. I mean it. Who asked you on? Who the hell insisted that corporations should be able to store their data on public networks, advertise their products, and sell their services, online? Get off. Lock your LAN up. Disconnect. Use the telephone instead. Use the courier. Fax your information. Send it by carrier pigeon.
There is no divine ordinance that says that governments and corporations must be allowed to store their data on the internet and should expect that information to be secure.
Get off, get off, get off.
One More Thing
I just think I need to take a moment and remind everyone that Wolf Bitzer at CNN said this about Sarah Palin’s acceptance speech: “She hit one out of the park.”
Let’s not forget.