Fixing the Internet is…easy?
There’s no need to enumerate the dangers that Internet use poses for our security and privacy – we are, sadly, all too aware of what they are and how much they influence our daily life.
I recently heard a colleague of mine pose the following rhetorical question: “How is it possible that we are able to send people into space, but still have problems making the Internet and computer users safe?”
I have to agree that sometimes the issue Internet security seems insurmountable, but not everybody feels the same. Roger Grimes, computer security veteran, thinks the solution to the problem within our reach. He recently made public a white paper, in which he offers his two cents on the subject.
“All it would take is a global group of security technologists from the private sector and government to agree on what values to put in a few different tables. That’s it. We already have the technology and protocols to do it. We all know what we need to do. We just need to do it,” he says in his column. “Contrary to established, knowledgeable critics, this goal is readily achievable, today, using already existing open standards.”
Aside from using open standards, he deems that the solution has to be vendor, platform, and performance neutral; use a transparent process; be opt-in; be able to integrate with legacy systems; and, of course, not be disruptive to users and services.
“A new Internet infrastructure must promote default identity, authentication, and attribution,” he says. Unfortunately for all of us, he believes that nothing short of a massive disaster will force us to start moving in the right direction.