Trash the Internet and start again?

Printable View

April 22nd, 2003, 07:24 AM
Jupes

Trash the Internet and start again?

Over at the Security Supersite I found an article on the merits of "Throw[ing] Away the Internet; Start All Over". See: http://security.ziffdavis.com/articl...1036052,00.asp

It is an interesting look at the Internet that "was designed to be secure from nuclear attack, not its own users." and what could be done to rectify its many problems. While the article focuses on problems with email and STMP and floats a possible solution, it fails to cover other areas in which the internet is vulnerable. So the question is, if we had our time over, how would the internet be designed so it was inherently secure?

I am sure there are many in the AO community that would have some excellent ideas about the architecture of a SecureInternet v1.0, so lets get the ideas flowing and see what we come up with... :)
April 22nd, 2003, 08:16 AM
DigitalSyntax

Stop using Windows boxes for servers would be a nice start ;)
Also i read somewhere that some hackers wanted to help fix up Windows NT since Microsoft is giving it the final reBOOT and calling it quits, i i think since alot of companies still run NT they should allow the hackers access and let them try to fix NT and release a new version free to anyone....but then again its Microsoft so they could make it so if you still use NT and have a valid license you can have a free upgrade because they will still want to make money.
April 22nd, 2003, 08:25 AM
the_JinX

how about checking out the freenet project..

they are trying to make a (terribly slow) secure internet..
April 22nd, 2003, 09:52 AM
Networker

That's quiet a good question,
in my sense a major change in the next 10 years will be the introduction of a new standard for TCP/UDP were each connection header is authenticated. Anyway TCP is a real to old protocol that need evolution at least for bandwith optimization, that's my opinion.

If you're interested into network design project, the MIT leads the NewArch project that aim to define that the future internet could be.
Here comes 2 excellents white papers.
1- a description of the project guide lines (unfortunatly security is not part of requirement architecture)

2- A proposition to abandon the OSI model to a called "Role-Based Architecture". Each internet entity is identifiable and flows can determine wheter or or not they can be redirected and so on.
The idea is quite simple but once more security considerations are not really taken into account.

That's bad news for the utopical IP community, but a good one for security business .....