South Korea knocked off line as Microsoft databases around the world are attacked by virus



Dangers of monopolies and closed practices are key to debate on digital 
inclusion

PORTO ALEGRE, Brazil -- The audience at a seminar on "New technologies and 
strategies for digital inclusion and social change" at the World Social 
Forum in Porto Alegre were given a rare first-hand account of the potential 
for a worldwide collapse of the Internet because of the dominance of the 
virtual Microsoft monopoly on computer software. Carlos Afonso, APC 
representative, and technical director of RITS, a nonprofit Brazilian 
Internet company, told the shocked audience that he had been up since four 
o'clock in the morning, fighting to get the World Social Forum and other 
Brazilian sites hosted by RITS back online after they were knocked off line 
by a major attack on computer servers that connect the Internet across the 
world.

"At 3.30am Brazilian time," announced Afonso, "a digital worm was launched 
into the Internet and in many countries, the Internet was shut down." The 
worm, partly due to its tiny file size - just 367 bytes - 
propagated extremely quickly. It attacked a weakness in the programming 
code of Microsoft SQL databases across the world and generated millions and 
millions of copies of itself, flooding the Internet with so many server 
requests (messages sent between computers) that it actually managed to 
bring down some of the world's thirteen root servers - the powerful 
computers that allow the Internet to connect from one region to another. 
"At 11am, there was still no sign of South Korea," said Afonso, who blamed 
Microsoft's policy of denying errors in its software programmes and 
concealing the programming code of its products from technicians such as 
himself. "This happened because of a Microsoft vulnerability. Another 
Internet would exist without Microsoft!" he declared to strong applause 
from the audience.

According to Afonso, it has been Microsoft's policy to deny such 
vulnerabilities until a member of the public discovers and reports them. 
"Then they release a fix on a Microsoft site but do not inform their 
customers or the general public of the problems," Afonso told APC later. 
"Given the grave consequences of these vulnerabilities in Microsoft 
software, which are putting the entire Internet at risk, it is obvious that 
Microsoft and several other software makers must radically change their 
support policy and approach to design secure programs - which still remains 
just a promise from Mr. Gates. The fact that a fix is available but that 
thousands of Microsoft SQL servers were hit proves they did not have the 
fix - not because of lazy operators - but because of lax Microsoft security 
support policies. No wonder administrators are migrating to Linux - it is 
not only a question of open or proprietary code, it is also a question of a 
near-monopoly which, as such, absolutely disregards the Internet community, 
and its own customers. By contrast, the open source community is regularly 
producing information on potential or actual vulnerabilities of their code 
which are instantly made available - there is no market interest in hiding 
any vulnerability, but a collective concern of trying to avoid any damage 
beforehand."

Afonso, who has been called the Father of the Brazilian Internet, did not 
only denounce the poor security support policies of the giant US software 
producer. He also criticized the anti-democratic nature of Internet 
governance. He explained to the audience that the Internet is governed by 
an organization existing in parallel to other formally elected governments. 
There is a worldwide Internet government with a pyramidal structure. A 
not-for-profit that heads it manages the thirteen root servers controlling 
the Internet. This organization, ICANN, is registered in the USA and is 
hence subject to US laws, not the international community. Many people are 
not even aware of the existence of this body, said Afonso.

The antidemocratic nature of Internet administration filters down and is 
reproduced at national level, claimed Afonso. The management of the 
Brazilian Internet is in the hands of the Brazilian Internet Steering 
Committee, a group of volunteers who are appointed by the ministries of 
Science & Technology and Communications. Despite having a two-year mandate, 
the same people have remained on the committee since 1995. To make matters 
more obscure, the administrators typically make their decisions behind 
closed doors. For instance, recently, the organization decided unilaterally 
to reduce the price of domain names (i.e. website addresses) in Brazil. This 
may seem a positive move; however, the sale of domain names is not 
uncontroversial in Brazil. Each year, US$5,000,000 is raised from 
the sale of domain names and the money is not accounted for, said Afonso 
indignantly. As a technical director, he knows that the administration 
costs of domain name sales are much lower.

"The remainder of the money could be used for digital inclusion projects 
but it is not," said Afonso. "The Brazilian Internet Steering Committee 
does not even reveal what it does with the income." Afonso believes that 
the move to reduce domain name prices (which are already just US$12 per 
year per domain) is an attempt to gain sympathy with the Brazilian Internet 
community in the wake of news of the committee's mismanagement. "This price 
reduction means that if the excess funds fund digital inclusion projects by 
the new government, less money will be available for this, so civil society 
would like to discuss this first. Messing with prices in this arbitrary way 
and without public consultation just shows that the mismanagement continues."

Afonso called for the social control of Internet and telecommunications 
infrastructure by the new Lula government to loud applause from the 
audience. "We've been working with the new administration to do this," he 
explained, "without risking security and quality of the Brazilian network. 
Public policy must be changed!"

Karen Higgs
Khiggs@apc.org

ICANN (the non-profit which governs the provision of Internet): 
http://www.icann.org
RITS: http://www.rits.org.br
APC: http://www.apc.org
About Carlos Afonso: http://www.idrc.ca/reports/prn_report.cfm?article_num=1067
World Social Forum: http://www.worldsocialforum.org
Originator: --- (Karen Higgs)
Date: 01/26/2003
Location: PORTO ALEGRE, Brazil
Contact: khiggs@apc.org
Category: Internet Rights
Source: APCNews



========== HURIDOCS-Tech listserv ==========
Send mail intended for the list to <huridocs-tech@hrea.org>.
Archives of the list can be found at:
http://www.hrea.org/lists/huridocs-tech/markup/maillist.php