Why we need better Computer Security.

[swestrup]

A recent study has shown that 80% of computer users have spyware currently installed and running on their systems, and 20% have an active virus on their systems. Most of the folks with the spyware or virii were unaware of them, or unable to get rid of them. Now, as a seasoned software proffessional, my instinct is to put the blame where it belongs: on the software industry in general, and Microsoft in particular.

The average user should no more be required to understand the inner workings of the internet in order to be safe than the average car driver needs to know about the carnot cycle in order to safely get to the store. Microsoft has no incentive to fix its horrible security problems, because the average user is unaware when their security has been breached, and so security is not a major selling point for software.

Since Microsoft won't fix the problem, another solution is needed. Linix is a solution of sorts, but not the ultimate one. Linux still has consumer usability problems and while it is vastly superior to Windows in that it actually has a security model, it is woefully out of date, especially considering the sorts of tasks that the internet requires of it.

What is needed is a fully distributed operating system and language for internet operation with a security model designed from day one to deal with questions of resource quotas, authentication, authorization, capability assignment, cryptological identiites, and so on. We already know that any successful system for performing internet transactions will need to be good enough to do banking, voting, signing contracts or the discusion of politically hot topics in a safe manner, and so the needs of these operations have to be addressed in the initial design, not hastily bolted-on later.

Thus we come once again to the reason that _sps_ and I want to scrap the current internet and replace it with something that actually works.

Comments

[swestrup]

I'm going to give a rather short answer, since a fair one would also be rather long and involved. To put it simply, we agree with you, and have a plan to 'evolve' the new system out of the old.

So, while what we want to do is replace the Internet with an entirely new set of protocols and systems. HOW we plan to do that will make it look like an evolution to the new users. Imagine something (very vaguely) working the way flash has, starting out as a small animation plug-in, and slowly aquiring more and more features that html doesn't have. Eventually you could make a push to take over the whole thing.

Only, flash isn't open source, and wasn't designed to have all of the fundamental features needed to produce an alternative to the web. Ours is so designed, and if our analyses are correct, would have a strong ability to lure users.

Of course, we'll never know unless I can somehow come up with the money to fund the development some day.

[joenotcharles.livejournal.com]

By curious coincidence, I'm looking for a new job now, and was thinking vaguely of maybe going into business for myself, if I could find a project I thought was ambitious enough to make money from... We should discuss this.

[swestrup]

I have several dozen ideas for projects that could make money. The NWO one is probably the hardest to do, in terms of the work involved, the money it would take, and the time until a profit was seen. Maybe we should talk about it though.