On Cyber-Security And Big Brother, From An Internet Founding Father
You probably have never heard of French engineer Louis Pouzin. But you might not be reading this website without him. At 82, he offers a unique perspective on Edward Snowden, and us all.
Under the roof of Buckingham Palace, in front of the British prime minister and from the hands of the Queen herself, Louis Pouzin received the 2013 Queen Elizabeth Prize for Engineering last month. Louis who, you say? Pouzin, an 82-year-old French-born and educated engineer and polytechnician(from the famed École Polytechnique).
While the Frenchman remains virtually unknown, in the 1970s he created a technique essential to the development of the global network we now call the Internet. From 1971 to 1975, Pouzin directed a network project called Cyclades, and during that time invented what's known as a datagram. This technology allowed a user to send data packets as a whole by allowing them to travel separately, only to meet as a whole again on the other end. The idea seemed promising at the time, but even he admits that he didn’t expect the Internet to have the global reach it does.
"The concept was to simply exchange data between scientists," he says.
A few years later, as French President Valéry Giscard d’Estaing came to power, research priorities changed and funding to his laboratory was cut.
That could have been the end of it. But his technique was picked up by two Americans, Robert Kahn and Vinton Cerf, who developed what we now call the Internet. After that, a British man, Tim Berners-Lee, created the World Wide Web and another American launched a browser called Mosaic. The invention then became available for large audiences. Together, the five men set the foundations of what has been a constant and unstoppable information revolution for 25 years. On June 25, they were reunited so they could all receive this year's Queen Elizabeth million-pound Prize for Engineering.
The good pioneer that he is, Pouzin couldn’t just sit back and enjoy his 40-year-old invention. He has created a start-up business (more on that later) to address some of what he regards as the Internet's inherent weaknesses. Lack of security is particularly troubling to him, and it's even more bothersome since the vast U.S. National Security Agency's cyber-surveillance PRISM operation came to light last month following the revelations of former operative Edward Snowden.
“I’ve known about this since 2005," he says. "The NSA created an industrial system as soon as 2002 to copy whatever was circulating on the network, and they used to do that with the help of AT&T. But back in 2005, an AT&T engineer talked to The New York Times.” No one took a stand at the time.
"It was the Bush years," Pouzin recalls. "When Obama’s team stepped in, they not only kept this thing going, but voted laws to retroactively clear all the collaborating companies. The senators act as if they were oblivious to this practice, but they knew. The information was out, but no one wanted to speak up."
Of course, the United States is not the only country to use cyber-surveillance. Pouzin reminds us that France sold the company Amesys, which created the original espionage software used by Muammar Gaddafi’s Libyan regime. He estimates that some 50 countries have carried out similar "Big Brother" operations.
"We'll deal with that later..."
Mafias can also carry out large-scale fraud by exploiting the flaws of the Internet. "The Internet was first conceived without security measures," Pouzin says. "The idea of it being used by crooks was marginal. We used to say, "We'll deal with that later." There never seemed to be any urgency."
To fix the situation, the engineer suggests a global collaboration to create common standards, including a security layer. "What we need is a communal tool box in which everyone could help himself," he says. "It would be mandatory to show clean hands to be granted access."
He denounces the use of certificates. These ID keys are on every computer and supposedly can’t be breached. They secure the user’s data by identifying him. "Most of the time, you receive certificates without knowing — from Microsoft, for instance. This is why you get an alert saying: "Your certificates have expired. Do you want to continue?" Almost everyone answers "yes." The problem is they are defined by American sources. It’s very hard to check whether they are legitimate.”
Pouzin doesn’t believe there is a global conspiracy orchestrated by the U.S., but he does think the U.S. has too much control over the global network. One example is the Internet Corporation for Assigned Names and Numbers (ICANN), the American company that owns the monopoly of domain names on the Internet.
"In theory, nothing stops you from creating any kind of domain name such as .lemonde, for instance," he says. But ICANN is reluctant, and about that Pouzin is critical. The idea of submitting new names was approved in 2008, but it is not always implemented.
Pouzin is also circumspect about international Internet norms as defined by the Internet Engineering Task Force (IETF). "Eighty percent of those norms are carried out by engineers working for American companies. It doesn’t mean those standards are bad, but it means they have a commercial advantage." It is in the interest of challenging this domination that Pouzin created Open-Root, a start-up company that allows users to create domain names outside of ICANN's offerings.
In other words, 40 years after his invention, Pouzin the engineer remains true to his calling.