Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Books Security The Internet Book Reviews

Book Review: The Death of the Internet 102

benrothke writes "When I first heard about the book The Death of the Internet, it had all the trappings of a second-rate book; a histrionic title and the fact that it had nearly 50 contributors. I have seen far too many books that are pasted together by myriad disparate authors, creating a jerry-rigged book with an ISBN, but little value or substance. The only negative thing about the book is the over the top title, which I think detracts from the important message that is pervasive in it. Other than that, the book is a fascinating read. Editor Markus Jakobsson (Principal Scientist for Consumer Security at PayPal) was able to take the collected wisdom from a large cross-section of expert researchers and engineers, from different countries and nationalities, academic and corporate environments, and create an invaluable and unique reference." Read below for the rest of Ben's review.
The Death of the Internet
author Markus Jakobsson
pages 392
publisher Wiley-IEEE Computer Society Press
rating 9/10
reviewer benrothke
ISBN 978-1118062418
summary Excellent reference on current Internet security threats
The premise of the book is that the Internet is a cesspool of inefficient management and vulnerabilities that threaten to undermine its use.

In the preface, Jakobsson asks the obvious question: is the title a joke? He writes that ultimately, if the Internet can't be secured, and that the underlying amount of crime and fraud make the Internet useless and dangerous, then it indeed will lead to the tipping point where the result would be the death of the Internet. Where is that point? Nobody knows.

Chapter 1 observes that if a hostile country or organization wants to hurt us, they may find that the easiest way of doing so is by attacking the Internet, and our very dependence on the Internet invites attacks. We are more vulnerable to these attacks as our dependence on the Internet grows.

Chapter 3 provides an in-depth look at how criminals profit off the Internet and provides an intriguing overview of how click fraud works. While the click fraud rate at one point was as high as 30%, it is still in the range of 20%. The book notes that while the overall click fraud rate has been on the decline, there is the emergence of new schemes and those that focus on display ads. The click fraud schemes are so effective that the fraudsters are operating large scale automated attacks in a way that is difficult for the ad networks to distinguish between fraudulent and real clicks, thus producing high revenue for the fraudsters.

The chapter also provides an interesting look at the malware industry. It notes that malware development and distribution is highly organized and controlled by criminal groups that have formalized and implemented business models to automate cybercrime. The authors detail the interaction between the various components in a typical cybercrime business model, in which individual groups of criminals coordinate their efforts. The outcome is a product known as CaaS – crimeware as a service.

Many have often called the Internet the Wild West. Chapter 4 details the Internet infrastructure and cloud, in which the amorphous cloud images may help fuel the false perception that the Internet is a lawless and unaccountable entity that exists beyond policy. The book notes that what is breaking the Internet is not lack of policy, but lack of enforcement and accountability. Internet criminals appears to exists outside the policy structure when the reality is that they are embedded in it and their livelihood in fact depends on the Internet functioning regularly, quickly and efficiently.

While much of the book is focused on cybercrime and fraud, the book also points fingers at ICANN (Internet Corporation for Assigned Names and Numbers) for in some ways facilitating this Internet crime wave. ICANN is the organization that coordinates the Domain Name System (DNS), Internet Protocol (IP) addresses, space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) Top-Level Domain name system management, and root server system management functions. Their premise is that ICANN is more interested in generating revenue and profits than in security.

Due to systemic failures, cybercriminals often hide behind false WHOIS information held by Registrars who do not perform adequate due diligence or enforcement. This is primarily due to the fact that the more domain names that are sold create more revenue for the Registrars. Chapter 4 notes that this weak oversight by ICANN is also one of the biggest threats to the stability of the Internet. The chapter quotes a Godaddy executive who stated that proactive measures to make Internet registries more accurate would not be affordable or useful.

The book provides an analysis of social spam, which has become more pervasive with the emergence of Web 2.0. People are sharing vast amounts of personal data that opens them to these spam attacks. Since the defining characteristic of Web 2.0 is its social nature, it encourages people to share information, collaborate and form social links. These features of social media have the implication that they create a large network of connections between users and content that is controlled almost entirely by the users. This places great power in the hands of well-intentioned users to engage with others and express themselves. But it also provides an opportunity for spammers to exploit the social web for their own interests. As a result, social web applications have become tempting targets for spam and other forms of Internet pollution.

Another fascinating observation around Web 2.0 is that the authors were able to perform use analysis, in which they were able to identify pieces of information about the users which are not necessarily shared directly by their profiles. Items such as sleeping patterns, daily routines, physical locations, and much more are able to be extracted via metadata and other external analysis.

By the time one gets to chapter 5, they have read 200 pages detailing the problems with security and privacy around the Internet core. Exacerbating this is the role of the end user where the chapter notes that if people are offered the choice of convenience or security, then security will lose. The average Internet user is more lazy than security aware; not at all an encouraging observation.

Chapter 7 details one of the banes that have plagued information security; poor user interfaces. It details the four sins of security application user interfaces: popup assault, security by verbosity, walls of checkboxes and all or nothing switches. The book is worth purchasing just for this section.

The book ends with some thoughts for the future, but there is no magic wand or quick happy endings that Jakobsson and his band of ultra-smart contributors offer. Throughout the book, the contributors do though write how there are ways to secure the Internet, but those take thorough and comprehensive strategies and design. There are countermeasures for most of the threats and vulnerabilities detailed and the book provides an unparalleled view of the current state of Internet security.

Situational awarenessis defined as the perception of environmental elements with respect to time and/or space, the comprehension of their meaning, and the projection of their status after some variable has changed. For those looking for a book to gain situation awareness about the dangers of the Internet, one is hard pressed to find a better title than The Death of the Internet.

Reviewed by Ben Rothke.

You can purchase The Death of the Internet from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
This discussion has been archived. No new comments can be posted.

Book Review: The Death of the Internet

Comments Filter:
  • bad checks
    fraudulent PO's to fortune 500 companies in the 80's and 90's

    there has never been a 100% fool proof or secure system any time in history

  • No (Score:5, Interesting)

    by phantomfive ( 622387 ) on Monday April 15, 2013 @02:16PM (#43454577) Journal
    From the summary, it looks like the most serious threat to the internet is click fraud. Which frankly, in the absolute worst case, would mean that advertisers would all leave the internet.

    And really, how bad would that be? I remember the internet before advertisers.
    • Re:No (Score:4, Interesting)

      by Ionized ( 170001 ) on Monday April 15, 2013 @02:31PM (#43454715) Journal

      do you like free content? i do. if all the advertisers go away, expect everything to be paywalled or have donation buttons.

      • by alen ( 225700 )

        half the so called content seems to be linking to stories written by real journalists and adding some comments

      • Re:No (Score:5, Insightful)

        by excelsior_gr ( 969383 ) on Monday April 15, 2013 @03:47PM (#43455619)

        I love free content. In fact, I love it so much that I have created some myself and put it online. You should try it; it feels good!

        Besides, what's wrong with donation buttons? I very much prefer them against an obnoxious flash commercial.

      • by Xest ( 935314 )

        Oh do fuck off, some of us remember the internet before the dotcom boom, where there were thousands of sites without an advert in sight and tons of really interesting content and the word or concept of paywall didn't even really exist.

        The web was built as a tool for easy and open information sharing, and grew on that premise for a decade before people started believing it was all about the ad revenue and paywalls.

        In fact, I still believe the internet was better back then, there was no corporate interference

        • by Ionized ( 170001 )

          oh, those rose-colored glasses you wear.

          yes, advertising has its own set of problems. but let's not pretend that it is only harmful. since you want to take a black-and-white view of the world, here are some specific examples.

          do you like slashdot? funded by advertising.

          do you like penny arcade? funded by advertising. (or basically any other webcomic getting a modest amount of traffic)

          how about google? gmail? let me tell you, bandwidth doesn't pay for itself. your awesome free webmail is paid for by... advert

          • by Xest ( 935314 )

            "do you like slashdot? funded by advertising."

            Didn't used to be, and still isn't for me.

            "do you like penny arcade?"

            Not really.

            "funded by advertising. (or basically any other webcomic getting a modest amount of traffic)"

            Funny, never noticed any on XKCD.

            "how about google? gmail?"

            No thanks, I'm quite content with rich clients that better let me managed my e-mail and keep it under my control.

            "let me tell you, bandwidth doesn't pay for itself."

            No shit. That doesn't mean it has to be paid for by advertising or pa

            • by Ionized ( 170001 )

              my original post said paywalls OR donation buttons. funny that you mention wikipedia, poster child for the donation model. thanks for helping me make my point, i guess?

              slashdot got by without advertising when it was much smaller. i promise you that its operating expenses have gotten much higher. could it survive on premium accounts and donations alone? maybe. maybe not. if it were my company, i certainly wouldn't want to roll the dice to see if it survived.

              yes, XKCD gets by without ads. congratulations, you

              • by Xest ( 935314 )

                "slashdot got by without advertising when it was much smaller."

                This isn't really true, the ads really came into play as Slashdot peaked/started to see somewhat of a decline.

                In this respect, I think you're missing one of the most important methods of site survival that's been key in shaping the web along the way, and that's that many people who have built successful sites along the way, managed to sell them, get bought out, or were given corporate sponsorship without ads because it benefits an agenda. Slashd

                • by Ionized ( 170001 )

                  i don't doubt that the internet could survive without any ads. but it would be a very different place than it is today. It would ALSO be a very different place than it was before advertising. the cat is already out of the bag, so to speak.

                  you seem pretty confident that the outcome would be entirely positive. i am a bit more skeptical of that conclusion, and feel that the end result would be more in the neutral zone, probably tending toward the negative. we could both be right, as a lot of it would be a matt

        • The internet is less an issue of paid adverts vs. Free content. What the pre-2000s internet was was a series of largely university and privates pages where academia was the top of the heap. It was social by the late 90s but the commercial internet really didn't quite exist. Post-2000s the rise of better HTML and protocols allowed the internet to grow into a full virtual world democratically dominated by corporations and uneducated masses alike. The world of academia lost the war and there is no shame in

    • From the summary, it looks like the most serious threat to the internet is click fraud.

      The idea that I should sell space on my website on a per-click basis makes no real sense. Think about it:

      * The amount of money I make is tied to the quality of the ad, which I don't control.
      * If people see the ad and decide to buy a product without clicking it, that means I'm giving away ads for free.

      The problem isn't click fraud, it's that clicks aren't an appropriate way to get paid for advertising in the first place.

  • by frovingslosh ( 582462 ) on Monday April 15, 2013 @02:16PM (#43454579)

    Principal Scientist for Consumer Security at PayPal

    How many oxymorons can you find in that title?

  • by Anonymous Coward

    ... if people are offered the choice of convenience or security, then security will lose.

    I think we all knew that!

    I have mixed feeling on this one...

    Due to systemic failures, cybercriminals often hide behind false WHOIS information held by Registrars who do not perform adequate due diligence or enforcement.

    I have had a few websites in the past and due to the policies of the hosting company, my real name was used. There's nothing more annoying than some schmuck who knows how to use 'whois' to blast your name and everything on message boards - it's a long story and I'll spare all of you.

    As far as the rest of the Internet is concerned, I only visit certain sites now. I may google for information and avoid WOT red sites and even orange sites. I've got

  • by Anonymous Coward

    I am not so sure about this book, though.

    The Internet can be secured. Much of it already is.

    Click fraud - who cares, really? Certainly not a problem for "The Internet". It merely means that "pay per click" is a flawed model that invites abuse. Someone found that easy to implement, someone else found clicks easy to fake. But the net does not depend on "pay per click" - or even on advertising in general. If that market dies completely, there will still be webshops and informational sites around. Anyway, adve

  • by Kwyj1b0 ( 2757125 ) on Monday April 15, 2013 @02:44PM (#43454867)

    When people were in small tribes and villages, crime was low. You knew everyone. You needed to work together to survive, and if you committed a crime, you were very likely killed or driven out. However, the rise of cities helped criminals hide among millions of anonymous people.

    The truth is, the internet is almost indispensable now. Security will be addressed, as it has always been addressed, after the fact. People will learn to be careful (just as, you know, you don't walk around in certain neighborhoods in the middle of the night wearing jewelry). The reason the internet has so many problems is because it became too popular too fast. It was an attractive target before anyone thought of the security flaws. But they can and will be addressed - there is no alternative.

    What you should be worried about is the crippling of the internet. Legislators will try to pass laws based on physical-world-analogies (and corporate interests). That is a far bigger problem than crime on the internet. E-crime won't make things unusable, but stupid laws will.

    • "When people were in small tribes and villages, crime was low."

      That's the 'noble primitive' myth. It's only a myth.
      • That's the 'noble primitive' myth. It's only a myth.

        I wasn't talking about the idea that people in smaller tribes were inherently more moral people (which is what the noble primitive myth deals with), but that crime is low because of social pressures in small groups (where everyone knows everyone, and it is harder to get away with crime) or for other reasons. My point was that crime rate is smaller in a smaller social group, but more and more people prefer to live in/around cities.

        • Social pressure, that's what makes small sects feel so safe compared to the modern world.
        • That's the 'noble primitive' myth. It's only a myth.

          I wasn't talking about the idea that people in smaller tribes were inherently more moral people (which is what the noble primitive myth deals with), but that crime is low because of social pressures in small groups (where everyone knows everyone, and it is harder to get away with crime) or for other reasons. My point was that crime rate is smaller in a smaller social group, but more and more people prefer to live in/around cities.

          depends on the type of crime, i guess.

          i know that at least homicide is much lower in today's "western" society (about one in a hundred thousand per year [wikipedia.org]) in comparison to contemporary hunter-gatherer tribes (one in a hundred to one in three thousand [johnhawks.net]).

      • It's called the noble savage, dolt. It's specifically a reference to literary works where a person from a 'lesser' civilization is viewed as more in tune with nature and inherently more moral due to the lack of greed, money, or other social ill. It was generally used as a juxtaposition to industrialized man who saw himself as a social elite.

        There is plenty of proof from anthropologists proving that small societies tended to have less social ills because there is a more interconnectivity within the group s

  • it ain't hoes, it's backhoes.

  • by jd659 ( 2730387 ) on Monday April 15, 2013 @03:04PM (#43455143)
    The summary of the book seems to focus too much on the “criminals” and claims that the end of the internet is in the “unregulation” of the internet. While it is a factor, let’s not forget that the growth of the internet was also attributed mainly to the same factors. Internet gave power to ordinary citizens and it’s not possible to have that power and not to have anonymity. But with anonymity comes the criminal side as well.

    The web is changing now. With every day we have less and less privacy. Large companies got to be very good at tracking everyone’s move on the web. Practically nothing remains anonymous on the web any longer. Getting an internet service in the US requires presenting a government-issued ID and SSN (wasn’t the case a few years ago). The ISP now start the deep packet inspection where everything becomes monitored and certain undesired connections are dropped. Welcome to the world of censorship where no lists will be provided of what exactly is censored. And that, not the “wild west,” will be one of the causes for the death of the internet.

    There was an interesting article in Wired magazine on the topic: http://www.wired.com/magazine/2010/08/ff_webrip/all/ [wired.com] It provides insights about how we, as users, choose the closed platforms (e.g. google, facebook). And the more we turn away from the true open and anonymous internet, the more irrelevant the internet becomes.
    • There was an interesting article in Wired magazine on the topic: http://www.wired.com/magazine/2010/08/ff_webrip/all/ [wired.com] [wired.com] It provides insights about how we, as users, choose the closed platforms (e.g. google, facebook). And the more we turn away from the true open and anonymous internet, the more irrelevant the internet becomes.

      This doesn't make any sense at all. This is like saying that cars are becoming irrelevant because people frequently use toll roads, or that roads are becoming irrelevant bec

      • by deimtee ( 762122 )
        I think it is more like driving becoming irrelevent as driverless cars bocome more common.
        The main cause of accidents is people and eventually there will be sufficient pressure to actually ban manual driving.
        Then you can only go where the car will let you, and you will be tracked all the way.
        • I think it is more like driving becoming irrelevent as driverless cars bocome more common.
          The main cause of accidents is people and eventually there will be sufficient pressure to actually ban manual driving.
          Then you can only go where the car will let you, and you will be tracked all the way.

          Perhaps, but this doesn't apply very well as an analogy to the internet, Google, or Facebook. You could make a valid argument that human-driven cars should be phased out because 1) humans are more dangerous/accident-pr

  • by k6mfw ( 1182893 ) on Monday April 15, 2013 @03:44PM (#43455593)

    If usenet was still around, I can post question like, "I'm having difficulties of getting audio to stream on my video via ustream.tv. Video stream is ok but I cannot get my Win7 to show audio from the Dazzler video-to-usb." and "Anyone have issues of choppy video when streaming on ustream.tv?" "Anyone know how to deal with this 'dinosaur' part of error message when attempting to stream on justin.tv?"

    Right now all there is this are bankrupted sites like fixya or forums of people with same problems but no answers.

    I miss usenet, had lots of fun reading/posting on rec.arts.dance, sci.space.policy, and rec.skydiving (which some called it wreck.skywhining)

    • by jgrahn ( 181062 )

      If usenet was still around, I can post question like, "I'm having difficulties [...] I miss usenet, [...]

      Who told you Usenet is not around? I was there an hour ago. Some groups are still pretty decent.

    • Re: (Score:3, Insightful)

      by arbulus ( 1095967 )
      The worst one of all that is the forum sites that seem to do nothing but mirror other forums sites. Out of one page of google resutls, all of them are completely different forums that have the exact same thread. It makes no sense. Or bullshit sites like Experts Exchange or others where you see the exact question you are searching for, but have to pay to view the thread. My assumption is that they're just repeating back your question to you to make it look like the have the answer to get your money. Forums
      • by Anonymous Coward

        Really?!? How many people who knew Usenet don't know that you can just turn off JavaScript and scroll down to see the answers on Expert Sexchange?

    • by Burz ( 138833 )

      From my experience being a system polyglot, the phenomenon you speak of is specific to Windows, IMO. Because of the opacity of the underlying system, I notice people on these sites trying to troubleshoot odd problems tend to quickly hit a brick wall whereas this is less likely to happen to people on OSX and Linux-based systems. Although in OSX's case it has more to do with being tightly integrated to the hardware and each model of Mac having a greater critical mass than their many Windows-based counterparts

      • by Burz ( 138833 )

        From my experience being a system polyglot, the phenomenon you speak of is specific to Windows, IMO. Because of the opacity of the underlying system, I notice people on these sites trying to troubleshoot odd problems tend to quickly hit a brick wall whereas this is less likely to happen to people on OSX and Linux-based systems. Although in OSX's case it has more to do with being tightly integrated to the hardware and each model of Mac having a greater critical mass than their many Windows-based counterparts.

  • He writes that ultimately, if the Internet can't be secured, and that the underlying amount of crime and fraud make the Internet useless and dangerous, then it indeed will lead to the tipping point where the result would be the death of the Internet.

    The attempts at "securing" the Internet are what's killing it.

  • The Internet will always be the greatest cookbook that ever existed!

  • by Anonymous Coward

    What about electricity? We are now highly dependent on that too and electric sources could be a potential target. So can water lines, gas lines, cell and LAN line phones (though LAN lines are now used less), radio and television, etc... Why does the book mainly focus on the Internet and doesn't focus on other things that we are also highly dependent on as being potential targets. Sure, the Internet may in some ways be more vulnerable but still. At one time, while electricity lines or television were relativ

  • The Web however, is fucking toast. As a portion of web traffic the WWW is a shrinking percentage. The web no longer has your interests at heart. It is now just a conduit, like the phone lines used to be. It's mostly filled with video data and stupid "phone home" bullshit, where a jillion smartphones report their position every few seconds, etc. So, no, the internet is far from dead. The Web however is a dying beast.
  • You must mean jury-rigged [wikipedia.org], or jerry-built [wikipedia.org]. Pick one!

Keep up the good work! But please don't ask me to help.

Working...