Peer-produced security of my router login

My router login security

The idea of applying the model of peer production to counter some of the Internet security challenges is as intriguing and consequential as it is counter-historical, strange, and naive. It is intriguing, because the approach to my router login could ameliorate the long-lasting democratic deficiencies of traditional security organisations, by putting security back into the hand of the people.

It is naïve, since the peer production of security would equal a transfer of power away from traditional security organisations to some potentially uncontrolled self-governed networks or communities. It is naïve too as foreign policy elites, at least in the US, have seen the Internet as a strategic resource for national power in International politics (Schmidt 2004).

The recent leaks on the NSA/GCHQ Internet surveillance programs only underline this argument. Furthermore, theorists of the liberal democratic state would probably either laugh or cringe at the idea of incumbent elites voluntarily accepting a partial power vacuum or permanent transfer to another player in a new security domain created by the rise of the Internet.

And yet, the very rise of the concept of security governance for my router login indicates that states play a different, arguably lesser role in the security domain than in previous decades. The neoliberal turn in international security has nurtured the rise of new private security companies.

It is far from clear whether or not the empowerment of the individual and of self-organized groups has, does, could or will leave its marks in the organisation of Internet security provisioning. Irrespective of such theoretical ruminating or empirical observations of an increased role of the state in dealing with the broad Internet security complex, there is at the same time the somewhat opposite phenomenon of a vivid self-organised network of Internet security experts, freely sharing information, knowledge and resources to effectively address Internet security problems.

This kind of collaboration appears to have some of the characteristics of networked governance, of peer production or open source production. Phishtank is a collaborative, open effort to gather and provide information on the latest phishing attacks. Whois is a publicly accessible database linked to domain name registries that contains contact information for every registrant.

In the eyes of many Internet security pundits, its openness makes it an indispensable resource for countering and mitigating current Internet security problems of my router login. Distinct Internet incidents like the advent of a new botnet or large-scale attacks on a single country’s Internet resources are addressed by expert communities, by bottom-up networks of individual actors and groups.

A group of “unsung heroes save[d the] net from chaos” and re-established its functionality briefly after a substantial part of the Internet traffic was routed to unintended destinations.5 In 2011, the free service was launched. Security experts can send files potentially containing malicious code to the service and receive an automated analysis of the capabilities and features of the submitted malware.

More significant though for this research project is the collaboration among Internet security experts. They share intelligence information on recent attacks, data on the current health status of the Internet, information about current malware, viruses, phishing attacks and botnet infrastructures; they create, host, and use tools for operational and intelligence work.

Thus, by sharing information, knowledge and tools, they help to improve the overall technical security of the Internet. At first sight, these collaborative efforts have a strong resemblance to the way in which open source software is produced. Hence, can Internet security be produced in the same way as its core technical foundations and software?

There seem to be differences, as access to these incident response networks seems to be restricted to persons employed by certain organisations.



TOPlist TOPlist VIPLOG database valid