Create an Account
username: password:
 
  MemeStreams Logo

Bellovin RE: The National Strategy for Trusted Identities in Cyberspace

search

Decius
Picture of Decius
Decius's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Decius's topics
Arts
  Literature
   Sci-Fi/Fantasy Literature
  Movies
   Sci-Fi/Fantasy Films
  Music
   Electronic Music
Business
  Finance & Accounting
  Tech Industry
  Telecom Industry
  Management
  Markets & Investing
Games
Health and Wellness
Home and Garden
  Parenting
Miscellaneous
  Humor
  MemeStreams
Current Events
  War on Terrorism
Recreation
  Cars and Trucks
  Travel
Local Information
  United States
   SF Bay Area
    SF Bay Area News
Science
  Biology
  History
  Math
  Nano Tech
  Physics
Society
  Economics
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
   Intellectual Property
  Media
   Blogging
Sports
Technology
  Computer Security
  Macintosh
  Spam
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Bellovin RE: The National Strategy for Trusted Identities in Cyberspace
Topic: Computer Security 1:43 pm EDT, Jun 26, 2010

Steven Bellovin

People often suggest that adding strong identification to the Internet will solve many security problems. Strong, useful identification isn't possible and wouldn't solve the security issue; trying to have it will create privacy problems.

Agree.

The problem with security in cyberspace is that exploits target bugs in software to make them do things the designers didn't intend. Authoritarians have this fantasy that if they can just design a system that requires everybody to be tracked and tagged they'll be able to arrest those dirt bags who commit crimes on the Internet. One problem with this idea is the assumption that the identity system will be any less prone to software bugs then any other part of the infrastructure. It won't be, so it won't work. Another problem is the idea that you can actually manage an identity system for everybody in the entire world. You can't.

This, much like the ill considered efforts at "whois accuracy," will only serve to make it easier to target, arrest, or sue people who aren't intentionally out to commit crimes but for some reason run afowl of well heeled interests.

The secret is that some of the supporters of these systems know this, and thats exactly what they want. Other supporters don't care - they stand to benefit financially from these requirements regardless of how effective they are.

Bellovin RE: The National Strategy for Trusted Identities in Cyberspace



 
 
Powered By Industrial Memetics
RSS2.0