
Do We Need a New Internet? - peter123
http://www.nytimes.com/2009/02/15/weekinreview/15markoff.html
======
fauigerzigerk
So I'm supposed to give up anonymity and expose myself to moral and religious
fanatics, corrupt governments, incompetent IT departments, inconsistent
international law, predatory industry associations, greedy lawyers and whatnot
to gain what exactly?

Less spam? Freedom to choose weak passwords for my ebay account? Avoiding a
multi hour internet outage once every few years? Allow the military to save
money on computer security? Are these the Pearl Harbors and Maginot Lines the
article talks about? Exuse me, but were people not dying in the millions
during the second world war?

This coalition of computer security "experts" and sensationalist journalists,
both with massive vested interests, has been pounding us with this nonsense
for decades now. It's boring and stupid and I wish they would just go away and
stop threatening my freedom.

~~~
Dobbs
Hear Hear, I'm all for anonymity by default, and allowing the user to opt-in
for confirmation of identity.

Possibly it might be nice to have a service where you can get your gpg key
connected with your person. Then you have the ability to sign electric
documents and such naught. I do believe this type of option needs to be a
private industry and completely optional.

------
wmf
"Proving identity is likely to remain remarkably difficult in a world where it
is trivial to take over someone’s computer from half a world away and operate
it as your own. As long as that remains true, building a completely trustable
system will remain virtually impossible."

Conversely, complete identification on the Net won't necessarily slow the
spread of worms; if you're absolutely certain that you're getting owned by
John Smith's computer... you're still getting owned. Even if Microsoft
implements extensive forensic logging, at best you could track a worm back to
"patient zero" in a dorm room in Whereverstan.

~~~
jodrellblank
A system that a corporation tells me is "completely trustable" is not one I
trust completely.

------
tokenadult
"'In many respects we are probably worse off than we were 20 years ago,' said
Eugene Spafford, the executive director of the Center for Education and
Research in Information Assurance and Security at Purdue University and a
pioneering Internet security researcher, 'because all of the money has been
devoted to patching the current problem rather than investing in the redesign
of our infrastructure.'"

It probably is time to rethink the problem of spammers and worms at a more
fundamental level.

------
CalmQuiet
I'd gladly do everything I currently do _without_ anonymity... if it gave me
access to the viewing and up/downloading I need to do... and made sure that
the info/sites with which I need to work stayed available.

But when will enough people come to value such access that all the
sites/servers I want to talk to get on that same theme and guarantee that they
(or their networks) don't get DoS'd, etc.?

Is it maybe time to change laws that currently make it illegal (even for gov.
& gov-sanctioned contractors) to intervene in infected/botted machines? We
currently _require_ treatment for carriers of resistant TB to roam freely
without treatment. Are not the bot-zombies the technological equivalent?

------
joshu
Part of the problem here is that anonymity provides cover for misbehavior
(spam, hacking, etc.) The aggregate cost for this is paid for every site that
allows free access.

There already exists systems that authenticate known people - credit cards,
for example. So it's at least doable. I wish credit card people opened their
infrastructure for authentication as well as payment.

I do think this is largely the browser vendor's fault. Create physical tokens
(cert on a usb stick, perhaps) and allow people to have real identity on the
web (when you want it.)

------
mootymoots
I blogged about this similarly a few weeks back where I discussed whether the
whole call/response mechanism needed to be rethought... I still believe it
does... <http://www.reynoldsftw.com/2009/01/is-the-internet-broken/>

------
lacker
_There have been immense efforts to bolt on security, to little effect._

Not really true. https is good enough to buy things online. It's better than
giving your credit card to a waiter.

------
Ardit20
NYTime does know how to scare people, that's for sure. I guess someone forgot
to tell them that you can not have good without bad. You see we are not in
heaven and we do not want heaven, perfection is boring, complete safety is
boring.

