The government is at it again with several moves designed, according to their press releases, to help the feds fight cybercrime. A recent report by Arbor Networks suggests that 2% of the traffic on the Internet at any one point in time is purely for DDoS and other cyberattacks, with peaks of up to 5%. In response, Air Force Colonel Charles W. Williamson III has proposed using outdated hardware to form a massive network of zombies to help them fight back against cybercriminals.

2% of Internet Traffic Raw Sewage (Arbor Networks)

Air Force Colonel Wants to Build a Military Botnet (Wired)

Of course, the proposed botnet would presumably be less damaging than the zombie networks that Department of Homeland Security chief Michael Chertoff decried as an “imminent threat” when he laid out his plans for a “Manhattan Project” for cybersecurity, as the botnet would be controlled by the government. Another component of this project would seem to be indicated in the recent announcement of “Project 12,” a program to collect and share information about cyberattacks with corporations willing to share their own data. In addition, the entire system will be simulated by DARPA, which is creating a “fake internet” that will include programs that imitate users, zombies, and malware.

Zombie Computers Decried as Imminent National Threat (Wired)

Behind “Project 12” (Newsweek)

DARPA Creating Fake Internet Complete with Fake N00B Users (Wired)

Put me down as supporting these new initiatives with misgivings. While I agree that we have a long way to go before our computing infrastructure could be accurately described as “secure,” I am not convinced that privacy rights will be first on the minds of the people creating these systems. At least one government official described security and privacy as a “zero-sum game,” or a situation where we will have to give up one in order to get the other. Personally, I am of the opinion that privacy is a more important ideal in a society that purports to have liberty as its most basic tenet. Ben Franklin said it far better than I ever could…

“They who would give up an essential liberty for temporary security, deserve neither liberty or security.”

Do you think that privacy and security can coexist?