'Father of the Internet' Vint Cerf advocates for stronger encryption technology
| Washington
When it comes to cybersecurity, one of the fathers of the Internet has a lot to say. And topping his list: 鈥淲e need more of it.鈥
Hackings make headlines for major companies, corporations, and governments worldwide. Passwords get stolen every day. Even Google was hacked in 2010. No one is completely impenetrable, according to Google鈥檚 Chief Internet Evangelist Vint Cerf. But that doesn鈥檛 mean protection isn鈥檛 worth the effort.
鈥淲hat is really needed is to take steps to improve the safety and security of the Internet,鈥 Mr. Cerf says. 鈥淲e know how to do that, and I mean we as the Internet community. We just have to keep busy and really do it.鈥澨
Speaking about the growth of Internet connected devices at the National Press Club in Washington on Monday, Cerf said that although freedom of expression is a fundamental right, there are two more equally essential freedoms he wants to preserve: freedom of access and freedom from harm. 鈥淯nless people feel that they are safe in using the Internet, than they will not use it.鈥
鈥淚t鈥檚 essential that we do everything we can to protect people鈥 from cyber threats, said Cerf, who is considered a founder of the Internet for his work on ARPANet, the Pentagon's early version of the Internet. He helped turn the Internet 鈥渙n,鈥 on Jan. 1, 1983.
鈥淲e are all for responsible for improving the safety and security of the Internet. Your own choices, your practices [and] the practices of Internet service providers are all part of the fabric that we have to maintain,鈥 Cerf said. 鈥淭he things that you do to protect your own safety and security and privacy affect me, too, because if you don鈥檛 do a good job of it, you become an avenue through which phishing attacks can be made.鈥
He recommends two-factor authentication as a strategy for ensuring that even if a password is stolen or uncovered, access can be restricted. It works by requiring a secondary real-time password or code for entry, either generated by a small device, or sent to a mobile phone. 鈥淚t means that [even] if somebody got your username and password, they can鈥檛 gain entry,鈥 Cerf said.
He also advocates strict encryption protocols. 鈥淵our laptop should be encrypted, your disk drive should be encrypted, your mobile should be encrypted."
Another recommendation: Using HTTPS for Web browsing.听鈥淭he purpose behind it is to encrypt the traffic between you 鈥 your desktop, laptop, mobile, tablet 鈥 and the server on the other end. Google, in my case,鈥 Cerf said. 鈥淎nd so the idea here is that everyone should be making use of this, so that while you鈥檙e using Web-based applications, the information is kept in encrypted form.鈥澨
But protection at one level does not solve the problem. Internet protocol听addresses can be faked so that something looks like it鈥檚 coming from one place when it鈥檚 really coming from another. E-mail can be compromised. 鈥淲e have to put prevention into various layers of the system, using various 鈥 technologies,鈥 Cerf says. 鈥淎nd each layer and each provider of service at those layers has a responsibility, just as we do at Google.鈥
Expecting the government to be able to build policy that鈥檚 functionally appropriate is not practical, he said. 鈥淚 am a strong believer that the government should step away from this special responsibility or authority and return it to the community which has created and operated the Internet since its inception.鈥
The private sector, tech community, academic community, and governments should share in the task, he said: 鈥淥ur job as technologists is to try to be helpful, to provide clear enough explanations for how this stuff works so that when the policy gets developed, it actually is implementable and makes sense.鈥
听
