Kaspersky co-founder Eugene Kaspersky recommends a government sponsored ID scheme for computer users
Eugene Kaspersky is advocating the use of hardware confirmation, known better as 'hardware IDs', for Internet banking, saying that some Baltic countries and some British banks already have them in use today.
"They need to have these hardware IDs for everyone," Kaspersky says, calling for mass adoption of peripheral card readers for all internet banking users. The idea sounds simple, but the setup could be costly for banks.
Kaspersky envisions a world where many of us, whether we like it or not will use ID card readers as a type of digital passport. The idea behind these devices is that physical counter-measures are much harder for a cyber criminal to infiltrate. "Banks could be big drivers of this kind of hardware", says Kaspersky. In Australia, hardware tokens have been introduced in the past by some banks as a security measure.
Facebook and IDs
For all this talk of better seciroty practices, Kaspersky, the self-made security guru and part Russian superstar has become a father figure to the next generation of security experts - some of whom already work for him. Each day of the year, Kaspersky monitors social networks for malware and phishing scams, alerting users to the dangers that lurk beneath the halo of instant online friendships. It's here in particular, that Kaspersky envisions IDs and their ilk taking off.
Kaspersky believes IDs could be used to combat security issues associated with popular sites such as Facebook and MySpace, and for the ignorant, provide a veil of security.
In recent weeks, Facebook has been criticised for a number of security and privacy vulnerabilities; Kaspersky regards it as the world's premier breeding ground for phishing schemes. In a research study commissioned by Kaspersky Lab, Facebook ranked in the top four worst places for phishing globally, in addition to eBay and PayPal.
"In social networks, most users are very careless...They trust everyone - it's a very bad idea. Many people behave in such a way that they disclose personal information", he argues.
"There is more and more malware designed to live in the social networks," says Kaspersky. Malware generates messages which are designed to make friends and pretend to be Facebook users, he says. Social networks have become increasingly vulnerable, not just because of the way they harvest data, but by the way some users give their privacy away.
In a California example that made the headlines late last year, a group of middle class kids from the L.A suburbs took to robbing celebrity mansions, tipped off by Twitter announcements by clueless celebs telling the world that they're were out of town each weekend. With a bit of help from Google Earth, the 'Bling Ring' as they were named, got away with millions and they had social networking and it's trusting users to thank. It's this basic sense of online trust that Kaspersky hopes to demystify: "Ordinary people think they are anonymous, but they're not", he says.
ID for computer users
To prevent the misuse of social networking accounts, Kaspersky is pushing the idea of government IDs as a prerequisite for all computer users. "I've been talking about this for four years already, that we need to have a secure design for the (entire) internet," he says.
In Kaspersky's perfect world, all digital citizens would carry some form of ID to go online, hopefully creating greater hurdles for malware creators - but creating a nightmare for privacy advocates.
"Every computer, every digital device must have ID, like a MAC address, so there will have to be kinds of regulations where you can sell systems without hardware ID", Kaspersky says.
"Many people accept it as a big brother concept, but forget about it. We're already there. 95% of people don't know what a proxy is. They go to the internet and think they're anonymous and they can do anything they want."
Kaspersky argues that by regulating everybody who uses a computer, in the same way we drive a car or purchase firearms, governments can keep a closer eye on who's doing what online.
"When you buy a car, the car is registered and you have a drivers licence. If you want to have a gun, the same thing - it's registered to the person who bought it. The question is why? Because it's dangerous. With computers, you can make much more harm than with a gun or car."
Kaspersky says that in Dubai "they are going to introduce regulations that in public places, to get access to public WiFi, you have to present your ID."
Says Kaspersky: "ISPs check your ID address, they check your MAC address. They already have it. They need it already for police investigations, so what's the difference? The difference to the ordinary user is almost nothing."
While Kaspersky believes smartphones will eventually replace computers, he's worried that most people are reluctant to install antivirus software on their phones and even more are careless about the type of data they keep on their phones.
"Computers will die very soon," he predicts. "They will be replaced by smartphones. And in the smartphone area, it's much easier to introduce security regulation."
And forget about your mobile phone staying private. Ever according to Kaspersky, it's too late to start worrying about that. "They already store your SMS. They have them in storage. When you pay with a credit card, they know where you are and what you are doing. And when you check into in a hotel, they know where you are", he says.
As for internet freedom, the idea is a myth says Kaspersky. "If you want to be free, go somewhere in Siberia or the Australian desert", he says with a wry smile. As for internet freedom, the idea is a myth says Kaspersky, not afraid to tell it how it really is.
"There is no freedom. If you follow regulation, you are free", he says. "Just don't forget to pay your taxes."