|
Posted by warf on December 14, 2006, 10:00 am
If you were Registered and logged in, you could reply and use other advanced thread options
Given that I have ascertained absolute privacy is impractical and every
advance in mal-tactics results from the challenge of defeating security
hardening improvements: There must be a pragmatic way to design a
worldwide web that is inherently safe no?
Would it, or is it, possible to have various levels of security like the
trusted zones our browsers allow? I understand the ultimate
determinations of 'undesirable practices' would be subjective but; For
EG; countries with lax legal systems could be placed in an echelon
selectable for access but shielded from self determined 'safer' zones.
Moderation of newsgroups is an example on a content basis, physical
access by backbone telecom providers to other jurisdictions must surely
be selectable because the systems are designed to make billing and usage
assessment a fundamental property no?
I also understand MSoft would be the first to be culled for providing
the back doors in the OS most often used at the user level.
IOW, if forced to start from scratch, _could_ a more workable system of
WWWeb be designed with consumer interest paramount? _Would_ is a whole
other topic.
warf.
|
|
Posted by Leythos on December 14, 2006, 10:08 am
If you were Registered and logged in, you could reply and use other advanced thread options
> There must be a pragmatic way to design a
> worldwide web that is inherently safe no?
No, it isn't, at least not in a practical manner. There are too many
applications that interact with the web to make everything safe.
--
spam999free@rrohio.com
remove 999 in order to email me
|
|
Posted by xpyttl on December 14, 2006, 11:01 am
If you were Registered and logged in, you could reply and use other advanced thread options > Given that I have ascertained absolute privacy is impractical and every
> advance in mal-tactics results from the challenge of defeating security
> hardening improvements: There must be a pragmatic way to design a
> worldwide web that is inherently safe no?
It's called EDI, and it predated the web by a long way.
The reason the web is so useful is that pretty much anything is possible.
That is exactly the reason it is so difficult to secure.
..
|
|
Posted by warf on December 14, 2006, 1:33 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>
>>Given that I have ascertained absolute privacy is impractical and every
>>advance in mal-tactics results from the challenge of defeating security
>>hardening improvements: There must be a pragmatic way to design a
>>worldwide web that is inherently safe no?
>
>
> It's called EDI, and it predated the web by a long way.
>
> The reason the web is so useful is that pretty much anything is possible.
> That is exactly the reason it is so difficult to secure.
>
> ..
>
>
Well, I'd like to meet this Edi..th and find out why she is letting
herself be overrun by Web.
Is EDI too restrictive or too secure? The question is valid since a lot
of what motivates a 'means' is the ends...and the end is nearly always
money gained via advantage over competition.
The 'means' in this instance is the 'means whereby consumer
[CONs U & ME] is directly connected AND available [accessible].
|
|
Posted by OpCguy on December 15, 2006, 6:51 am
If you were Registered and logged in, you could reply and use other advanced thread options > IOW, if forced to start from scratch, _could_ a more workable system of
> WWWeb be designed with consumer interest paramount? _Would_ is a whole
> other topic.
>
> warf.
If every computer were a "trusted computer", ie it would only boot, run
or install specially signed executables from a very limited number of
vendors. Where you could not build a working computer from parts, or
reuse decomissioned computers. When you install a program, you must not
only buy it from an authoried vendor, you must have approval to use it
for an authorized reason. Where system administrators have only user
accounts, no root. Opening a case of a computer would be a felony.
If every network device, routers, lans, switches, etc had all ports and
all features disabled. You could only enable ports and features via one
of a small number of authorized vendors, and only if you had a good
reason. Where every packet was archived. Where network administrators
had only user accounts, no root. Unplugging a network or console cable
would be a felony. Pluging a cable into an unathorized port would be
your "third strike" and get you life in prison.
If every user had a device implanted in their body, perhaps in their
brain or between their heart and spine, so to access it in anyway would
be difficult and life threatening, that would authenticate them on the
1 or 2 computers that they are authorized to use. All keystrokes, mouse
movements, etc would be saved. All services, programs, websites viewed,
etc would also be archived. There would be no such thing as removable
media. No ipods, cell phones, etc that would connect to the computer or
be allowed to tunnel through the network in any way. No DVD burners.
Access to printers would be strictly limited by 24-hour security
guards.
If the workforce of the CIA, FBI, the police etc were multiplied by
2048, and they were tasked with monitoring you and the network. If
there were no form of privacy, no warrants needed, etc. If all of the
content of all phone calls, emails, SMS, etc were all archived and were
searchable.
If all computer and electronic education was strickly limited. If you
had to have a security clearence just to change a toner cartidge.
THEN, THEN, THEN.....
......MAYBE the internet would be secure.
Except for the goverment, powerful corporations, former KGB officers,
to organized crime, rich people in general.....
...... no not really, it just would make it very hard, and only really
dedicated or well connected people would be able to do it..... but man
what they could do!!!!!! Ha ha fuck you average joes over big time!
Make 2004 and the S&L Fiasco look like a robbing a convience store!
|
| Similar Threads | Posted | | Internet Security - Finding Someone On the Internet....How?!? | July 26, 2007, 11:54 pm |
| Case Security Question | September 28, 2005, 6:29 pm |
| advapi.dll security question | August 9, 2006, 7:22 am |
| question (and poll?) for security professionals | November 17, 2005, 1:24 pm |
| Question regarding security programming newsgroups | March 21, 2006, 5:54 pm |
| Question about Security Certificate Notices | November 21, 2008, 2:24 pm |
| Newbieish question about standard security practices | June 11, 2005, 11:04 pm |
| Security and wireless internet | December 8, 2006, 4:12 am |
| Use products from Internet Security Agency | April 14, 2005, 12:38 pm |
| Internet Security Strong Authentication | August 24, 2006, 9:47 pm |
|
XML site map