] "Let's make all end user devices nonprogrammable," he ] says. "No one can connect to the Internet on a machine ] that creates code. If you want a computer to do ] programming, you would have to be licensed. We could ] license software companies to purchase programmable ] machines, which would be completely traceable along with ] the code created on them." ] ] That would blunt the information security ] problems - suddenly all that intelligence at the edge ] of the network that Amoroso wants to pull back in isn't ] just gone; it's physically stripped. On the other side, ] new levels of accountability and liability are created ] through licensing developers and eliminating anonymity ] from coding. A collection of ideas for working on the computer security problem. Some are good, some are naive, some are absolutely orwellian, none of them are new. The fact that they are being considered at this level is worth noting. Its all about power. The way the Internet works today, with the end user controllable devices, and the security problems, is the result of a power stuggle with the phone company about who gets to control innovation. Most of the solutions proposed here involve changing that balance of power. In favor of whom, is the question. All of these things will involve a fight. Some you'll want to fight for, others you'll need to fight against. The reason DHS can't keep anyone in the computer security czar job for very long is that the people who want that job beleive it should be a peer of the surgeon general and the administration doesn't feel that its THAT important. Its all about power. There are a lot of people in this industry who see so red over a few spams that they are ready to lock everyone in a cell. These people need to be checked. My fear is that this list is like Patriot Act ][. A collection of poorly considered authoritarian ideas that is kept close by. Break glass in event of major catastrophy. Then let them all spill out with little or no critical consideration and never get rid of them later. |