How to secure the Internet with a single service.

I've been writing about how to secure the Internet for almost a decade, including in this InfoWorld position paper (PDF), which gives most of the details. My proposal is this: A new Internet channel must be created to establish pervasive authentication and improved services for identifying the bad guys. That might seem like a tall order in today's ultramalicious online world, but it can all be readily done using existing protocols and integrate with all legacy systems. In the past, many readers have recoiled from the notion of pervasive authentication. An Internet where everyone knows who everyone else is a contentious idea. But those concerns can be addressed by having anonymous and pseudo-anonymous identities, and channels that don't mind those types of identities with less trust assurance. In all modesty, I think the best part of my solution is a new centralized service that serves as a sort of "DNS for security." Like DNS, the new security service would be everywhere on the Internet, available for all to us, and mostly invisible behind the scenes. I envision a centralized service that keeps track of all the bad things going on around the Internet and lets everyone else know when badness is confirmed. For example, Microsoft recently confirmed that four brand new computer brands contained malware installed at the factory -- and also discovered a single parent domain, 3322.org, hosting 500 different malware strains across more than 70,000 sub-domains. Wouldn't it be wonderful if both the computer vendors involved and the 70,000 exploitative sub-domains were immediately announced to the world as "bad actors" so that the rest of us (and our software and computers) could respond appropriately? Much of the anti-malware world knows most of the malicious places and things on the Internet. I believe this sort of information should be freely shared with the entire world, rather than held by particular vendors. What's needed is a new service that has the simplicity of a DNS query ("one packet sent, one packet received"), which can tell the originator whether or not a particular subject has been previously determined as malicious or not. Some vendors have already built this sort of functionality into their products. But what I'm talking about is a service the works no matter what product, operating system, or device you use.
By Roger A Grimes

Comments

Post a Comment

Popular posts from this blog

‘WHY I LEFT NIGEZIE’ – HOST OF NIGERIA’S GOT TALENT ANDRE BLAZE REVEALS

Image
Prolific TV host Andre Blaze has opened up on why he left popular cable TV channel Nigezie where he worked for four years. ‘Expansion! It was time for me to grow‘, the young dark skinned presenter who started working at Nigezie from August 2008 told NET. Andre Blaze says he officially turned in his resignation in May 2012 but left in June. ‘It’s been an incredibly, the most educational experience‘, Andre Blaze reminisces on his stay at Nigezie. Before joining Nigezie, Blaze was head of programming at Rhythm FM 93.7, Port Harcourt. Andre Blaze was recently announced as the host of the first ever edition of ‘Nigeria’s Got Talent‘ show. He is however not new to hosting talent shows. ‘I’ve hosted shows like ‘Zain Nigeize True Search‘, ‘Battle of the Year‘, ‘Peak Talent Show‘, but this one looks even more impressive’, Blaze told NET.
Read more

CHRIS OKOTIE AND STEPHANIE

Image
Since ending his four year marriage to Stephanie Henshaw in June this year, Pastor Chris Okotie has never really opened up about what led to his decision to end his marriage. Pastor Okotie & Ex-Wife There has been a lot of speculations in the media and he finally decided to react to some of it. He gave an exclusive interview to City People magazine through a minister in his church, Rev Grace Funmi Paul, a member of House Hold of God for the past 25 years. Rev Grace Paul: A blind person knows that my pastor loved his wife, Stephanie, passionately. This year before the separation, he had taken her out of the country at least three times to different places like Dubai, US and so on. He loved her, so did the congregation but the bible says that two cannot walk together except they agree. In the establishment of the kingdom of God, the rules change because the rules are made by God and not by man. So, it didn't have to do with what pastor wanted to do, because left to him, his l...
Read more

MICROSOFT DISCOVERS BUG IN INTERNET EXPLORER.

Image
Microsoft Corp warned a newly discovered bug in its Internet Explorer web browser makes PCs vulnerable to attack by hackers and urged customers to download a piece of security software to mitigate the risk of infection. The security flaw affects hundreds of millions of Internet Explorer browser users. Microsoft said attackers can exploit the bug to infect the PC of somebody who visits a malicious website and then take control of the victim's computer. The software maker advised customers on its website late on Monday to install the security software as an interim measure, buying it time to fix the bug and release a new, more secure version of Internet Explorer. The company did not say how long that will take, but several security researchers said they expect the update within a week. The free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, is available through an advisory on Microsoft's website: blogs.technet.com/b/msrc/  The EMET sof...
Read more