Educause Security Discussion mailing list archives
Re: New Internet for Security
From: "Jeffrey I. Schiller" <jis () MIT EDU>
Date: Sun, 15 Feb 2009 12:56:09 -0500
The Internet isn't the problem, and neither are its users. I decided to write: http://qyv.net/jisblog/2009/02/15/we-dont-need-a-new-internet/ The Internet is just a highway system and people are people. We cannot change human nature, so we aren't going to change the way people behave on the macro scale. The Internet is just supposed to be a bunch of pipes. Imagine a highway system if at every intersection you had to present ID to cross, or worse give the crossing guard an identical copy of your drivers license that they could then use to impersonate you! We need computers (aka an OS) that is not only secure, but remains secure in the presence of human operators who are not and never will be security experts. We need to get rid of passwords, badly! In fact most of the problems we face with all of the various breaches have been about the compromise of secret values (SSN's, credit card numbers) that we have to share in order to use! This is just nuts. Think about it. Why do all of our credit card transactions have to carry around sufficient information to permit impersonation? The problem isn't that we have to figure out how to protect all these terrabytes of sensitive information which are stored all over the place (which is what the Payment Card Security Standards [PCIDSS] is all about, I know, I have been living that pain as well). We need to figure out how to conduct business without having to handle sensitive information. -Jeff ----- "Gene Spafford" <spaf () CERIAS PURDUE EDU> wrote:
The following link is to a blog entry someone wrote about John Markoff's piece in the NY Times yesterday. Not surprisingly, I agree with it: http://davidakin.blogware.com/blog/_archives/2009/2/14/4093378.html
-- ======================================================================= Jeffrey I. Schiller MIT Network Manager Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice jis () mit edu =======================================================================
Current thread:
- New Internet for Security Theresa Rowe (Feb 15)
- <Possible follow-ups>
- Re: New Internet for Security Marty Manjak (Feb 15)
- Re: New Internet for Security Gene Spafford (Feb 15)
- Re: New Internet for Security Tracy Mitrano (Feb 15)
- Re: New Internet for Security David Shettler (Feb 15)
- Re: New Internet for Security Jeffrey I. Schiller (Feb 15)
- Re: New Internet for Security John Bambenek (Feb 15)
- Re: New Internet for Security Leo Song (Feb 15)
- Re: New Internet for Security Dennis Meharchand (Feb 15)
- Re: New Internet for Security Kevin Shalla (Feb 16)
- Re: New Internet for Security Hugh Burley (Feb 16)
- Re: New Internet for Security Keith Schoenefeld (Feb 16)
- Re: New Internet for Security Valdis Kletnieks (Feb 17)
- Re: New Internet for Security Valdis Kletnieks (Feb 17)