To Be Or Not To Be...Anonymous


Online anonymity is undoubtedly a two-edged sword. On the one hand, it ensures that people can express their opinions freely, but on the other it allows some to abuse that freedom by posting untrue, abusive or inflammatory material.

So far, a kind of pragmatic balance has been struck between the two competing demands for total anonymity and total traceability. But according to this report, some are pushing for a shift towards traceability:

A United Nations agency is quietly drafting technical standards, proposed by the Chinese government, to define methods of tracing the original source of Internet communications and potentially curbing the ability of users to remain anonymous.

The U.S. National Security Agency is also participating in the "IP Traceback" drafting group, named Q6/17, which is meeting next week in Geneva to work on the traceback proposal. Members of Q6/17 have declined to release key documents, and meetings are closed to the public.

Just why this could be problematic, to say the least, emerges from a document leaked to the computer scientist Steve Bellovin, which justifies this kind of abiility as follows:

A political opponent to a government publishes articles putting the government in an unfavorable light. The government, having a law against any opposition, tries to identify the source of the negative articles but the articles having been published via a proxy server, is unable to do so protecting the anonymity of the author.

Bellovin's post also has an interesting refutation to the argument that we need “IP traceability” to track down those behind Internet attacks:

First, very few attacks these days use spoofed source addresses; the real IP address already tells you where the attack is coming from. Second, in case of a DDoS attack, there are too many sources; you can't do anything with the information. Third, the machine attacking you is almost certainly someone else's hacked machine and tracking them down (and getting them to clean it up) is itself time-consuming.

Given that there are no real technical grounds for the move, the only reason anyone might demand traceability is to smother dissent – which is also a pretty good reason to resist it, even in these early stages. We already have enough abuse of technology on the grounds of “security” in this country, without needing to add an international dimension.

Find your next job with computerworld UK jobs