Net guru: Encrypt everything

 

Connecting state and local government leaders

Ray Ozzie believes in shared workspaces. The inventor of Lotus Notes collaboration software founded Groove Networks Inc. in 1997 because server-based architectures 'fundamentally could not address the dynamic collaboration requirements of a decentralized business environment.'

Ray Ozzie believes in shared workspaces. The inventor of Lotus Notes collaboration software founded Groove Networks Inc. in 1997 because server-based architectures 'fundamentally could not address the dynamic collaboration requirements of a decentralized business environment.'Ozzie has had a hand in groundbreaking applications, including Lotus 1-2-3 and VisiCalc. His current Groove Workspace software can extend collaboration services through enterprise firewalls.'We have just begun to see the wide deployment of PCs and e-mail in the last five years,' Ozzie said. 'Imagine where things are going to be in 10, 20, 30 years. On the positive side, how will this affect our lives? On the negative side, how will our enemies use it against us?'The crucial skill, he said, will be to master networking technology 'more effectively than our enemies.'A University of Illinois computer science graduate, Ozzie worked in the 1970s as a systems programmer on the university's PLATO shared-learning system. He has said he is 'haunted by concepts rooted in online community that I experienced at PLATO.'GCN chief technology editor Susan M. Menke interviewed Ozzie by telephone from his Beverly, Mass., office. OZZIE: People tend to think of the personal technologies'PCs and e-mail'but they can also become a burden. I don't know about you, but I've got too many PCs and too much information to deal with on a daily basis.We're at the beginning of what will be a hundred'a thousand years'of the Internet as a utility, a pipe. We're just at the beginning of learning to use it effectively to communicate.We're stumbling a little right now. Maybe it'll be our kids or our kids' kids who have the rhythm down so that they can have a life and use technology, too.There's ample opportunity to connect, but we need ample opportunity to disconnect. Mobile technologies let you disconnect yet continue working. The most challenging thing is finding the right balance between being highly responsive to people's expectations and not being overwhelmed by information.We're all trying to juggle many projects and relationships. A lot of the reason I started Groove Networks was that I saw people trying to use technology to interact with one another. As technologists, we have to help them make the most of their attention and their time.OZZIE: Because there are no natural barriers to spam, we face the prospect of 10 times what we have now. If you asked most people what tool they use most to work with other people, they would say e-mail. The phone also, but mostly e-mail. Yet it's becoming an increasingly noisy and hostile environment.We can be defensive and try to set up more barriers, but I've looked at the tools, and they commonly filter out things you need in your work. I'm seeing customers turning to weblogs and instant messaging'moving their interactions out of the e-mail environment into ones that are more appropriate, quiet or secure.I don't think e-mail's going away by any means. It's the most convenient way of initiating a conversation. But once you're working with someone on a document or presentation, those interactions will move to other environments.OZZIE: I think ultimately that, for the same reasons we have fax legislation, there will be e-mail legislation.As a practical matter, however, it really won't stop spam. A lot of spam emanates from overseas and is difficult to identify. The protocols on which e-mail was based are 30 years old now, and they weren't really intended for this scale of traffic.More and more, we're going to view e-mail more or less as we do postal mail'a daily pile of which 80 percent is unsolicited and commercial, and some of which we need to pay attention to, like bills.OZZIE: There's a great migration happening right now from the desktop PC to the laptop, in one form or another. The notebook will represent the vast majority of devices for some time to come. The tablet PC is a logical extension of the notebook. It still has a keyboard, but if you feel like sketching, you can just flip the screen around.A few years ago, we were on a path to make the PC a browser appliance. Now I think we're going in exactly the opposite direction. We're on a path to more and more PCs in our lives'at work, on the road, in the den at home, in the kitchen. The challenge now is helping users cope with synchronization and security.OZZIE: I believe pretty much everything is moving to wireless, and manufacturers are building it in so it becomes easier.I'm a bit of a contrarian: I don't believe we should be worrying so much about wireless network security. I believe we should be using software that automatically encrypts, whether it's over the air or over a wired network. Just because something's on the wire doesn't mean it's secure.I have a theory, based on the 15 years I worked on Lotus Notes, about where the real systems security issues are. I keep thinking of complacency and insecurity'systems have to be designed to be secure even though the people who use them don't understand security.We in the industry should build software that has security down to its core, out of the box. Anything that goes over wireless or wired networks should be encrypted automatically without anyone doing anything special to configure it.Once at a conference, I witnessed a sniffer called EtherPeg watching all the graphics going by and displaying them on screen. We could see what the conference attendees were doing on that wireless network.It's pretty bad. We should be more aware that everything we're doing on the Internet is tappable. The intelligence agencies of foreign governments are looking at what we're doing. If we focus too much on the wireless problem, we lose sight of the fact that it's a much deeper problem'and a fixable problem, if customers demand that it be fixed.Encrypt everything. Software should just automatically encrypt everything that gets stored on disk, in case you happen to lose your laptop. Encrypt what goes over the wires. There's no reason not to'computers are very powerful now. They have a lot of extra CPU power that could be going into encryption.OZZIE: That's the primary one we use, but there are many algorithms appropriate for different uses'public-key algorithms, secret keys.That's less important than the overall security design'getting security into products to begin with. Rather than mandate encryption for wireless, I'd much rather see the government mandate encryption within the software that people use.OZZIE: Any serious infrastructure changes are going to take tremendous amounts of money and years. We don't have that kind of time. To address the threats, we have to act now.The first order of business is getting the employees to work effectively together. Who needs to work with whom? Ensure that the processes and practices at the edges of the organizations give people an incentive to work with one another dynamically and act on situations quickly. The deeper IT systems related to merging the databases and doing unified analyses should be well thought out over a period of years. But we shouldn't overanalyze the problem now. We need to get the people working together effectively.OZZIE: Use decentralized technology, different from conventional server-based technologies. Decentralized technology'tunneling through firewalls'is key to connecting different security enclaves so that people can work together across enterprise boundaries.

Ray Ozzie bio

Age: 46

Family: Wife, Dawna; two children, Neil, 19, and Jill, 15

Last book read: Emergence: the Connected Lives of Ants, Brains, Cities and Software by Steven Johnson

Favorite Web site: news.google.com
Hero: Don Bitzer, creator of PLATO, the world's first online community

Worst job: Working the punch press in an Illinois factory

Best job: CEO of Groove Networks

Ray Ozzie, seeker of a collaborative groove












GCN: What are the most important technology breakthroughs of the last two decades?











GCN: Almost half of all e-mail now is spam. What's going to happen to e-mail?







GCN: Do you think e-mail will become subject to government regulation?







GCN: Is the PC going to evolve into a tablet?





GCN: Will all or most networks eventually be wireless, and how do you fend off eavesdroppers?















GCN: Which algorithm should be used? The government's Advanced Encryption Standard?





GCN: What are your thoughts on how the proposed Homeland Security Department should integrate its systems?







GCN: How do you cobble together all the different networks, including radio networks?

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.