Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
Anne & Lynn Wheeler
lynn at garlic.com
Mon Dec 22 23:24:53 EST 2003
At 03:03 PM 12/21/2003 -0800, Seth David Schoen wrote:
>Some people may have read things like this and mistakenly thought that
>this would not be an opt-in process. (There is some language about
>how the user's platform takes various actions and then "responds" to
>challenges, and perhaps people reasoned that it was responding
>autonomously, rather than under its user's direction.)
my analogy ... at least in online scenario has been to wild, wild west
before there were traffic conventions, traffic signs, lane markers, traffic
lights, standards for vehicles ... misc. traffic rules about operating an
unsafe vehicle and driving recklessly, various minimums about traffic
regulations, and things like insurance requirements to cover the cost of
accidents. infected machines that do distributed DOS attacks ... might be
considered analogous to large overloaded trucks w/o operational breaks
(given rise to truck inspection and weighing stations). many ISPs are
already monitoring, accounting and controlling various kinds of activity
with respect to amount of traffic, simultaneous log-ins, etc. If there are
sufficient online incidents ... then there could be very easy to declare
machines that become infected and are used as part of various unacceptable
behavior to have then declared unsafe vehicles and some sort of insurace be
required to cover the costs of associated with unsafe and reckless driving
on the internet. Direct costs to individuals may go up ... but the unsafe
and reckless activities currently going on represent enormous
infrastructure costs. Somewhat analogy to higher insurance premiums for
less safe vehicles, government minimums for crash tests, bumper
conventions, seat belts, air bags, etc.
part of the issue is that some number of the platforms never had original
design point of significant interaction on a totally open and free internet
(long ago and far away, vehicles that didn't have bumpers, crash tests,
seat belts, air bags, safety glass, etc). Earlier in the original version
of this thread ... I made reference to some number of systems from 30 or
more years ago ... that were designed to handle such environments .... and
had basic security designed in from the start ... were found to be not
subject to majority of the things that are happening to lots of the current
internet connected platforms.
http://www.garlic.com/~lynn/aadsm16.htm#8 example: secure computing kernel
needed
misc. past analogies to unsafe and reckless driving on the internet:
http://www.garlic.com/~lynn/aadsm14.htm#14 blackhole spam => mail
unreliability (Re: A Trial Balloon to Ban Email?)
http://www.garlic.com/~lynn/aadsm14.htm#15 blackhole spam => mail
unreliability (Re: A Trial Balloon to Ban Email?)
http://www.garlic.com/~lynn/2001m.html#27 Internet like city w/o traffic
rules, traffic signs, traffic lights and traffic enforcement
http://www.garlic.com/~lynn/2001m.html#28 Internet like city w/o traffic
rules, traffic signs, traffic lights and traffic enforcement
http://www.garlic.com/~lynn/2001m.html#29 Internet like city w/o traffic
rules, traffic signs, traffic lights and traffic enforcement
http://www.garlic.com/~lynn/2001m.html#30 Internet like city w/o traffic
rules, traffic signs, traffic lights and traffic enforcement
http://www.garlic.com/~lynn/2001m.html#31 Internet like city w/o traffic
rules, traffic signs, traffic lights and traffic enforcement
http://www.garlic.com/~lynn/2002p.html#27 Secure you PC or get kicked off
the net?
http://www.garlic.com/~lynn/2003i.html#17 Spam Bomb
http://www.garlic.com/~lynn/2003m.html#21 Drivers License required for surfing?
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list