As an individual whose work deals specifically with network traffic security/integrity I am still constantly reminded just how much I,  even as an "IT person" still don't know/understand about same.

I can however agree with everything kryo said above.  The individual referenced in the OP most definitely has little to no "real idea" what he is talking about and unfortunately without knowing "why" something works it is pretty pointless to debate changes to the "how".

Anything can be changed. It was created to be one way, but it is not immutable. Nothing really is except entropy...and being the head of Israeli cyber security - probably means he knows a little something. Maybe even more than you guys. If he says it can be re-engineered, it certainly can be. Which was my original point.

Yes, anything can be changed.  The argument revolves around should it and how?  These questions however cannot and should not be debated by people like 'the professor' who simply see the internet as a 'series of tubes'.  

In the world of physical security we secure things via (my favourite principle) 'least privilege'.  We secure rooms, floors and even entire buildings via this principle.  It is when an individual human is compromised (ie. a security guard etc.) that breaches in our systems happen.  The same happens in the digital world.  The only way to truly secure anything in the digital world is using the 'least privilege' computing principle (anyone worth anything in the industry knows this) so then why are breaches still so common and seemingly becoming more so?  Because the individual users are still being compromised faster than they are being secured.  The individual users and their digital machines are the weakest link in world 'internet security', not actually 'the internet' (network infrastructure) itself.  This is the 'key something' real network engineers understand and something Mr. Professor does not.

More often than not, the 'heads of security' I've encountered in my many many years of service in IT, resemble the fat doughnut-eating security guards who are seen to 'protect' our sensitive buildings when the reality is the 'least privilege' enforced by the elevator card-access systems, fingerprint/retina scanners etc. are the ones actually doing the protecting.

Once again, there is little to no point in debating how to change something, when you really know next to nothing about why it works in the first place.  The good professor should stay good at what he knows, and leave the other things up to those who specialize in the correct field(s).

'least privilege' might be all well and good (iff everyone uses it, and if anyone would post about it ), but attributability would do plenty in catching the evil doers (another global ransomware attack in progress as we speak).

The good professor is running a prestigious cybersecurity conference as we dither about something which (as I've noted ad nauseum won't happen anyway). And, you and I should realize we're getting the non-linear conversation via a non-tech reporter who might, just might have needed verbally inaccurate descriptions of things. 

To think the Israelis would make someone ignorant of IT a Major General in charge of it, and that a University like Tel Aviv U. would do the same is ridiculous.

Hey, I know Fido!  Used to run one of his kennels.

Anyone recall Gen. Groves and a little thing called the Manhattan Project?  He knew sod-all about physics, but somehow they muddled through...

But this isn't about the American Army, nor the Manhattan Project, nor Gen. Groves.

Apart from that...

Actually it is not.  If appointed persons the world over actually knew a thing or two about the things/people/decisions they so often preside over, this planet would be a much different place.

More often than not the 'people in charge' simply know/knew the right someone and not so much of the right something!

How ironic. You really shouldn't make judgments about people and their capabilities you so casually make assumptions and generalize about. 

Oh I didn't say any of what I've said here 'casually' and as an actual 'IT person' with real experience and knowledge pertinent to the subject at hand I'd say I am at least somewhat qualified in 'passing judgement' on someone who claims title but whose verbiage (even if secondhand) belies capability.

https://www.a-star.edu.sg/About-A-STAR/Corporate-Profile/A-STAR-Board/Prof-Isaac-Ben-Israel.aspx

Geee...all that without knowing anything about IT or the net. Fascinating. Amazing, actually.

The professor is definitely very capable at managing people and/or sitting in positions of oversight.  No argument there. 

I still and always will believe he doesn't actually know much (if anything) of the deeper structure of the things he talks about.  This is so common (maybe especially so in this particular field) that if I had a dime for every 'specialist' I actually know more than (in this field) I would be pretty wealthy! 

To me, nothing you have linked or that I have independently searched out and read has indicated to me that I made an incorrect judgement about him.  His is a fantastic 'manager' of people/things.  His in-depth knowledge of the subject matter he presides over certainly seems lacking enough to be called into question.  It is that simple really.

He may or may not be an "IT expert".  But is this thread about people, or ideas?

Doc, it's easy to point out the drawbacks (I won't say flaws) of the current architecture,  But there seems to be a real dearth of proposals on what to do about it.  And no, a set of requirements for what we want to accomplish does not constitute a proposal.  Without real ideas, the rest is just wishful thinking ... or a jobs program.

When the 'ideas' touted in this thread come from 'people' lauded as experts in the field (and whose verbiage has been shown not only to be wrong simplistically but actually fundamentally incorrect), then yes.......it is about both actually!

But really......I've said enough.   I am now entering the realm of 'broken record' so I think I'll let my previous replies stand now.

Same here...

 Stopping the bad guys by forcing the good guys to give up their freedom (and anonymity is a freedom) has never worked.  Kind of like disarming law abiding citizens to stop criminals from using guns.

Nothing of the sort, and that's really a completely false analogy. Anonymity is not freedom at all. In fact, it is used by those who are the greatest enemies of freedom to act against freedom. Remember that freedom requires responsibility. There is no responsibility in anonymity because there is no accountability.

http://caselaw.findlaw.com/us-supreme-court/514/334.html

https://www.eff.org/files/filenode/unspecialrapporteurfoe2011-final_3.pdf

We're teetering on the wobbly edge of politics......

Odd that part of your quote. Exactly what I'm referring to.

That anonymity can be abused was never in dispute.

The SCOTUS made that comment specifically for purposes of calling out that abuse of anonymity is not valid grounds for eliminating the anonymity of the law-abiding. It is a small part of a decision finding that the outlawing of anonymous speech was unconstitutional. Ergo, anonymous speech is not only a freedom, but a legal right in the US. I mean, it's even right there in the text you quoted... "the right to remain anonymous". The SCOTUS does not use verbiage like that in error.

Who's talking about free speech? I'm talking about the abuse of criminal conduct. Crime is not entitled to free speech. It is not free speech to cause others' property damage.

So how do you propose to eliminate the anonymity of the criminals?

You cannot take anonymity from them without taking it from everyone. And the internet is a communication medium, so yes, freedom of speech applies. See the EFF paper I linked for their opinion on the applicability of the SCOTUS ruling quoted.

Do you object to screening of bags and pat downs while getting on a plane, also? Don't you willingly go through that invasion of privacy to prevent criminals from harming you and others? Look at what just happened to the Ukraine, look at the damage done by hacks... I see nothing terrible about attribution and accountability considering we really have zero privacy anyway.