RE: The Future of Security

["Scott, Richard" <Richard.Scott () bestbuy com>]

          Damir Rajnovic wrote:
        >At 19:36 30/11/1999 -0500, Marcus J. Ranum wrote:
        >>I think many things will become appliances, as computers move
        >>into an ever-increasing household penetration. This will bring
        >>up new sets of problems. What if someone hacks your toaster oven?
        >>OK, that's probably not realistic, but what about Dreamcast, and
        >
        >I was unable to resist. There is, or rather, may be an implication
of
        >'hacking a toaster'. Toaster may not be so good example but fridge
        >is much better. Let us assume that fridge maintain time and date
        >when door was opened last time. If one can hack into fridge and see
        >that door was not opened for a several days one may assume that
        >fridge owner is absent and one may attempt to break into a house.
        >

          Sun has come up with the "Jini" technology ( www.jini.org )
        and to quote from the web page:

          " Jini connection technology provides simple mechanisms
          which enable devices to plug together to form an
          impromptu community -- a community put together
          without any planning, installation, or human intervention.
          Each device provides services that other devices in the
          community may use. These devices provide their own
          interfaces, which ensures reliability and compatibility. "

        To take this further, think of every appliance siting on it's own
address space provided by the new super duper Internet.  Every application,
be it a toaster to a firewall has a unique "Internet" address.  What
encompasses security  will vary.  Just think at the potential, that MP3, and
other downloadable and burn media.  Not that I necessarily think that they
are good quality services, but the public or rather the media men would like
you to think they were amazing.
        So we may see more online services, maybe online fixes(Diagnostics)
of toasters, TV's. Computers(Arh!) and videos.

        I wouldn't want a DoS attack on my toaster as much as on my
firewall.  I buy these appliances in the hope they function as that of how I
understand it.  Things can get pretty hectic when alarm systems, CCTV and
other physical security products are used and controlled over a network.
Then tampering with these appliances can cause a huge problem.  One could
hack the CCTV and make the cameras point away for a potential crime scene.

        Implementing IPSec would help alleviate some immediate problems, but
it only takes time to find potential flaws.
        And, I do believe, along with numerous other Security experts that
universal "Internet" address for every appliance will someday come about.

        Second handful of 2cents is my concern over Home Computer Security.
I can not believe that Joe Blogs who wants to surf the net is going to spend
money on security his computer, be it Dial-up modem or *DSL.  If I had a
*DSL service and I believe I had been hacked, I think the American public to
rely on a legal battle to receive compensation from the DSL provider.  May
be a text book example in court would then ensure ISP companies to provide
adequate security as part as their service.  Just how this is done, is yet
to be seen.  Furthermore the use of new payment systems could make the ISP's
enforce better security, by providing the hardwares to perform filtering,
processing of information from these payment systems.  I believe that this
market will totally change once a court case has been found in favour of the
service user.

        <End of Rant>
        <Define Weekend>
        <sleep(2 days)+weekend>
        Weekend undefined


        r.
Richard Scott   
BestBuy.Com
* Tel: 001-(612)-995-5432
* Fax: 001-(612)-947-2005
* Best Buy World Headquarters
7075 Flying Cloud Drive
Eden Prairie, MN 55344 USA

The views expressed in this email do not represent Best Buy
        or any of its subsidiaries.