E-Commerce Times Talkback
When the inventors of the Internet created the technology, they never envisioned that it would become so ubiquitous -- or that it would serve as a way for malicious hackers to spread worms, trojans and other malware. They aimed for openness and functionality, which they achieved, but with that success came a downside. The structure of the Transmission Control Protocol/Internet Protocol, commonly known as TCP/IP, turned out to be far from secure. In terms of the Internet's future, is it possible to build a solid house on such a weak foundation?
Posted by: geer 2004-04-16 11:11:34 In reply to: Elizabeth Millard
This has to be countered, by people like us, at every opportunity. The Internet (in the ARPA sense) was explicitly designed for availability and that is absolutely a security-centric design point. Without availability guarantees, the rest is irrelevant.
Joan Feigenbaum and I got in a rather public argument with Tony Rutkowski two Fridays ago at Yale on this very issue -- the critical feature, the one that we should all pay homage to every day, is that Clark, Kent and Saltzer concluded that the end-to-end design point was the right one to take for matters of security for individual protocols and entities. No other decision was as critical or as wise. This "was not designed for security" cant is myopic, antihistorical, and misleads lesser minds. Carried to its obvious conclusion is a nanny state for electrons.
-- Dan Geer
Posted by: WhiteG 2004-04-15 04:24:52 In reply to: Elizabeth Millard
Bellovin is right that the problem is insecure hosts and can't be solved using firewalls and/or new protocols. The internet is a global community. If you consider communities around the world there are some where it is safe to go out at night and others where people who can afford it never mingle with ordinary people and live in guarded compounds. Because governments have a duty to be accessible, "best security practices" for government sites should not be copied from a business model. Governments should assume responsibility for shaping the internet community.
Bellovin's suggestions are a step in the right direction.

