I started on the internet in 1995. The way we secured things then — or didn’t — turned into a thirty-year retrofit. AI is in the same place now. Here is what watching the first wave taught me about the second one.
When email was wide open
In 1995, three years out of Penn State and working at Advacom, sending email was wide open. Port 25. Plaintext. No authentication. You could telnet straight to someone’s mail server, type a few SMTP commands — HELO, MAIL FROM, RCPT TO, DATA — and a message would fly across the network to the recipient. No password. No encryption. No questions asked.
That was not a mistake. It was the design. The early internet was built on an assumption of trust — because the people on it at that point were mostly universities, government labs, and a handful of companies. The protocols literally assumed everyone was acting in good faith. They had to. There were only a few thousand mail servers in the world.
“On a personal note, I can still remember setting up my first mail server at Advacom back when I was a network engineer just starting my career. It was incredibly enlightening as we moved away from sending physical letters to sending emails to one another. It was an exciting time to be part of a new way of communicating—one that eventually revolutionized the world.”
The security stack got bolted on
Port 465 (SMTPS) showed up in 1997. Port 587 with STARTTLS was defined in RFC 2476 in 1998. But it took until the mid-2000s for any of this to become widespread — and arguably until 2014, in the aftermath of the Snowden disclosures, for major providers to actually require encrypted submission. Before that, you could happily run a mail client with no encryption and nobody blinked.
The whole spam problem of the early 2000s was a direct consequence of that 1995 assumption. Once spammers figured out that any mail server would relay for anyone, the open-relay era ended fast. SPF. DKIM. DMARC. Encrypted submission. Sender authentication. All of it was bolted on after the fact, fighting the original design.
Every layer of internet security you use today exists because the original layer did not have it and we paid the price.
“Back in the day when I was working at Erie Insurance, I remember setting up the first firewall at Hamot Hospital and configuring their email relay system. Eventually, Erie Insurance adopted the same technology Hamot used because executives from both companies knew each other. Around that time, we were also starting to get overwhelmed with spam; our inboxes were completely overloaded with junk mail. We actually had to set up individual, dedicated computers just to tackle the issue. It was a bit overwhelming at first, but we eventually figured it out. Today, while we still get spam, at least we have a lot less of it in our inboxes and more of it filtered into our junk folders.”
AI is in 1995
AI right now is in roughly the same place the internet was in 1995. The capabilities are racing ahead. The safety, oversight, and governance framework is being assembled in catch-up mode, after the technology is already deployed at scale to hundreds of millions of users.
The pattern is identical. A foundational technology gets built on assumptions of trust and good intent. The user base explodes beyond anything the designers anticipated. Bad actors find the gaps. Researchers and policymakers race to retrofit the safety stack while the technology keeps moving. The retrofit is always more expensive, slower, and less effective than getting it right at the start would have been.
The internet’s first ten years gave us SMTP open relays, IP address spoofing, no certificate validation for ordinary users, and a generation of malware that we are still cleaning up thirty years later. The AI equivalent — what we are building right now without enough guardrails — will be the thing the next generation spends thirty years cleaning up after us.
“The examples above seem small now: early scams, the first viruses, a web that trusted everyone by default. They were minor next to what came later, but they taught us something we didn’t want to learn — the world we’d built was not as safe as it felt. We are standing at that same crossroads with AI, except the cost of getting it wrong is far larger. There are two sides to this. The first is the security of the technology itself. Today’s best models read code well enough that Anthropic’s most advanced system, Claude Mythos, was kept from public release because of how effectively it can find flaws in software — including the decades-old code that quietly runs the world’s banking systems. That capability is serious enough that central banks and Treasury officials have held emergency briefings about it. We’ve already seen a public preview of the power: in a two-week audit, Claude found 22 vulnerabilities in Firefox, one of the most heavily tested programs on earth. The same ability that can harden our systems can break them. The second side is quieter and, in some ways, harder: how the rest of us use these tools. This is not only a question for engineers. It reaches the teenager, the young adult, the parent, the grandparent, the business owner, the government official — all of us. The danger is not only misuse. It’s that we lean on these tools so completely that we lose something human in the process, and that our children outsource the very thinking that builds a mind before they have built one. Protecting the cognitive development of the next generation is not a side issue. It may be the whole game. In 1995 the internet was wide open and trusting, and that openness was both its gift and its danger. AI is in that same early, wide-open moment now, with hundreds of millions of people using it freely. The encouraging part is that some companies are treating that openness with care — Anthropic, for one, builds in safeguards, restricts its most dangerous capabilities rather than shipping them, and discloses the flaws its models find so they can be fixed. That deserves to be said plainly. But not every company is doing it, and openness without responsibility is exactly how 1995 became a lesson instead of a triumph.“
Leave a Reply