George,
I spent some time in the past reporting anomalies and what appeared to be breaches, too, but I don't recall ever receiving feedback or any sign that what I did made a difference to anyone. These included reports that I diligently sent to CERT, Compuserve (when I subscribed there) and to other monitoring and enforcement agencies. I subsequently ceased making such reports, I rationalize to myself, more out of the Sisyphean sense that I received in doing so than anything else, reinforced by the fact that nothing that I am aware of ever came of any of those incidents. I imagine that if I had continued doing this to this day, then the sense of futility would have only increased.
Two weeks ago I test ran a popular spyware filter, GRATIS, compliments of the manufacturer. You've gotta love it. The offer was for a free scan and report, but the wipe went for standard retail. It came from a reputable name in the business, and even with this being the case, I had cause to suspect that I was being hijacked by some ruse, despite the vendor's domain name being prominently displayed on the download link.
Performing the scan revealed that I had picked up several hundred agents over the past two years on the laptop that I'm now using -- three-hundred and forty-two (342) agents, to be exact, according to the results that were displayed. Those agents are still there, despite my uneasiness about keeping them. For one thing, I'm not sure how many of them are cookies that I routinely leverage for quick access, and how many are merely counting the dollars I don't spend on the 'Net, since I do not use this machine to perform Web based purchasing, and seldom peruse banner ads. I do plan to do some housekeeping in this regard, and soon, and this discussion will probably catalyze the matter for me once and for all, once I have a better handle on what I'm eliminating, and what I should keep. I will regard any further views on this subject in a welcome manner, along with great interest.
---
What I stated in my previous message about the plausibility of changing the network model that we now use to one that is more deterministic in order to rest more securely was only half in jest. All of the networking qualities that were once cited to drive the creation and subsequent proliferation of networking based on the Internet Protocol have all but ceased being issues today. Line speeds, memory and storage sizes, switching times, bandwidth capacity and processing times - all once characterized as scarce and costly - are, today, many orders of magnitude more abundant, cheaper and more capable than they were during the Seventies and Early Eighties, when IP was conceived.
And the use of a discreet end user address, as was intended with ATM through the use of the ANSI/ITU E.164 addressing scheme (and now again, even in the design of IP version 6) is now more feasible to accomplish and support than ever before, and in fact will find its way back into mainstream through various implementations for Internet telephony, e.g., ENUM.
One of the byproducts that we will see of all of this, in any event, will be all the pages of the Web being cached closer to end users - primarily due to factors related to denser, cheaper storage and cheaper bandwidth in the backbones, so the remaining attributes of speed and switching times would be put to test all the more infrequently if the 'Web were to become suddenly a local matter for the greater majority of page fetches.
Keeping content fresh on those servers, too, has become a more mature discipline, with content distribution and update schemes now common fare on the 'Net. I believe that this dynamic will only increase with the proliferation of Walled Gardens (the closed networking communities of the cable operators and increasingly smaller fttx and wireless operators, as well) as they unfold.
Then again, the ultimate answer may lie in simply finding the bad guys and locking them up. But when I view how this tactic has worked on the war on __________ (fill in the blank), I'm inclined, once again, to think otherwise.
FAC
frank@fttx.org |
