Former FBI Agent Calls for a Second Internet

An anonymous reader writes "Former FBI Agent Patrick J. Dempsey warns that the Internet has become a sanctuary for cyber criminals and the only way to rectify this is to create a second, more secure Internet. Dempsey explains that, in order to successfully fight cyber crime, law enforcement officials need to move much faster than average investigators and cooperate with international law enforcement officials. The problem is various legal systems are unprepared for the fight, which is why he claims we must change the structure of the Internet."

Re:That annoying "internets" word will be real!

[Solder Fumes]

There are already two.

Re:In other words ...

[TubeSteak]

It doesn't seem like you understood what he actually said.

"the problem with investigating international cyber crimes and capturing criminals on the Internet ... has much more to do with the fact that the legal systems throughout the world vary greatly and take a very long time to change."

He's complaining that the rest of the world's laws are the stumbling block, not the USA's incompetence.

That said, I agree with your conclusion.

Re:Also...

[antdude]

Why is there an astrophe in wants? :P

Re:Typical government reaction

[slashname3]

Of course elected and appointed officials are real criminals. Mark Twain said it best,

"It could probably be shown by facts and figures that there is no distinctly American criminal class except Congress." --Mark Twain ...

Re:Security is impossible

[oodaloop]

Funny thing is, we already HAVE a secure internet. It's called SIPRNET (Secret Internet Protocol Router Network). It's a massive secure global intranet totally separate from the internet that the government and military use for Secret-level and below information. Then there's JWICS (Joint Worldwide Intelligence Communications System) for Top Secret and below, which is even bigger and more secure. They both have plenty of problems, but spammers, hackers, etc are not among them. I have one of each of them on my desk right now at work, plus a few others. If the FBI really wanted a new secure network, they could start with the SIPRNET boxes they already have and improve it.

Re:VPN

[LiENUS]

requiring convicted criminals to use a vpn would be a step in the right direction.

What? I fail to see how this is a step in the right direction no matter what your position is. Yes require convicted criminals to encrypt their traffic so as to make spying on them harder. This has two problems. A) you're suggesting they encrypt their traffic so its harder to spy on them and B) how do you enforce this? (and why for that matter would you?!)

'spying' on what people do over the net is really the only way to catch the criminals in the act.

It's also a great way to dig up dirt on those likely to vote against you so you can ruin their lives. We could probably even convince their own kids to do this through rigorous propaganda programs. Maybe even reward kids for turning in their parents.

if i had another billion dollars, I'd wager that in 10 years banks will process checks the way wal-mart does now, before they hand the user any money, and before they can 'wire' the money to another bank account, the original account is checked for the money, and the check is scanned by the computer for identifying marks, that can verify it as original. taking 3 days to verify a cashiers check just doesn't cut it when that's what check cashing fraud scams are banking on.

My bank does this now. I thought all banks did this actually as of 2003 or so.

Self-authenticating identifiers!

[jhantin]

If the data is anonymous, how do you verify its integrity?

If the identifier for a block of data is a hash of the data [freenetproject.org], you can verify its integrity without knowing a hill of beans about who or where it came from.

If the link pointing to a secured, anonymous site [torproject.org] is a hash of the site's public key, you can verify that the site you're talking to can use the corresponding private key, which is the same thing SSL buys you. The high-priced "secure site certificates" just certify that the owner of $DNS_NAME also owns $PUBLIC_KEY; if you got a self-authenticating link from another web site you trust, the level of assurance is comparable.

If the algorithms that underpin this stuff are broken then the whole digital security house of cards is toast, including "High Assurance SSL Certificates" [verisign.com] (Now with green pixel paint for your clients' address bars! Sorry, cross-site scripting protection not included [oreillynet.com].)

We already have a second internet

[rtobyr]

Although it isn't what this guy is looking for, we do have SIPRNet [wikipedia.org].