Secure before internet...
[Posted to Random Bytes on January 9, 2003 12:25 AM| Links to this post ]

Sclavos: "The bigger concern is whether the open Internet allows someone into a network that is less resilient--into a power grid, for example, or into a water treatment plant. Because the Internet now has an open connection, and somehow you can figure out a way to get into that other network that was thought to be secure before. That's where the greater risk is. It' s not the Internet itself, but to what the Internet now allows access. "

Frankston: "Naive models of trust have not only festered but have become endemic. Simple (minded) file sharing has an us/them model with the assumption that them is still us. Microsoft's Trust model and Verisign's certification give me a Hobson's choice of 100% trust or 0% trust. I can't have qualified trust which might allow a program to help me edit a picture but not run rampant through my file system. This naive model of trust is endemic throughout Microsoft's systems. Microsoft is far from alone in this naiveté. Identifying someone as a spammer is little different -- I might want the catalog that you consider junk. This is a complex topic in its own right and I will write about this in more length. There are many related issues including confusing identity with certification. "

Post a comment