De-anonymizing the Internet
Well, I've recently undertaken a quite interesting project--- attempting to de-anonymize specific portions of the Internet. This is by far not a new idea. I can think of 10 "projects" in different forms that have all attempted, with various degrees of success. I'll list three of them.
eBay feedback system: Forces buyers & sellers to treat each other with some degree civility. But, is easily circumvented by creating dozens of accounts through different proxies and leaving positive feedback on fake items sold between two non-existant accounts.
USAF Bot Network Traceback: The USAF solicited bids for a R&D project to trace back through bot nets to discover the controller of the bot network. I saw some of the bids, some were very brute force (root all of the bots and then root the botmaster, then root all of his friends, his mother, and then kick his dog), others were much more creative. If you run a botnet, maybe the Air Force is watching you right now?
Google Toolbar: If you have advanced options enabled with the Google toolbar, any page you visit is transmitted to Google. Google does this primarily to track relevancy of its search results.
Obviously there are lots of ideas about reducing anonymity on the internet. Some (like the Google Toolbar) require huge scale. Others rely on technology (USAF project) and others rely on communities volunteering to give up anonymity for increased trust (eBay feedback). This all lends a question, is a de-anonymized internet better? Is it more secure? You can bet that most businesses and governments would love an internet where your IP was tied to your SSN and then to thumbprint. (Of course, this would be lame, because IPs, SSNs and even thumbprints can be spoofed by high school kids with nmap, photoshop and elmers glue, respectively) .
Its a hard question. If you look at society 200 years ago, people had a very little degree of anonymity in their daily lives. You were an apprentice for a trade (meaning you had one boss for life and you lived in his basement), you knew your neighbors, you likely had little ability to travel place yourself into new surroundings where you could pretend to be someone else. Were people better off? It would be impossible to measure, and if it was, it would be equally impossible to control for other factors, such as healthcare, political representation, etc.
Generally if you are going to do something bad or unethical, you are going to want to be anonymous (or at least assume some other sucker's identity). Conversely, if what you are doing is deemed "bad" by the powers that be, but is truely ethical and moral, you are also going to hang out on "anonymous networks" with all of the truely unethical folks.
So, the question becomes, if you have been tasked with reducing or eliminating anonymity on the Internet, how do you distinguish the bad guys from the good guys? What can you build into the system so that it can only detect traders of child porn, state-backed Chinese hackers getting into government networks, and click fraud dorks making 100k a month from Adsense?