There's an article over on SecurityFocus by Tim Mullen titled " Stop Being a Victim". I'm undecided as to whether it's a troll or not. He appears to be suggesting that the way to improve the security for Internet users is for those users understand and care enough to secure their computers.... It's a nice idea, but having been a network admin in the past and having supported a lot of users in my time, my initial thought on reading it was "BWA HA HA HA HA"
The idea of getting the X million people currently connected to the Internet to understand what is required to secure a computer on the Internet is quite amusing, given that professional IT people in large corporations regularly get it wrong looking at the ease with which hackers like Adrian Lamo have penetrated their networks.
So, what is the answer then?? There are a couple of ideas which come to my mind.
1. Make ISPs and network access providers responsible (and legally liable) for traffic from their networks. Of course, the knock on effect of that would be a huge rise in Internet access costs and greatly reduced functionality as ISPs would have to install outbound filtering to stop attacks originating from their networks infecting others...
2. Split the Internet. One answer for some users would be for the recreation of walled Internet communities (like AOL and CompuServe of old). Where there is no access to the mainstream Internet from the community (or very controlled access). That would, however, need to be combined with more control over the end-users of the service.... and again far higher charges for access as the provider provided security services to the subscribers...
3. Improve software to make it more secure, and less vulnerable to attack.... This is the one that's currently being tried out by Microsoft, with them improving software quality and adding security feature to their operating systems. However I'm not convinced that this will ever really have the desired effect... At the moment, my perception is that Worm/Virus attacks are on the up and also the number of patches coming out of Redmond is going up, not down....
I'd mention the idea of regulation as a concept, except for in a global Internet, the chances of getting all the worlds governments lined up behind decent legislation is what I can only describe as, extremely unlikely...
So where does that leave us? The answer is, I'm not sure. Sorry, this isn't some published article so I don't have to have a silver bullet solution ;op
