[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ISPs offering ssl-encrypted e-mail?

On Sun, Feb 04, 2001 at 09:32:16PM +0100, A. L. Meyers wrote:

> No babble at all. Why don't we millions of e-mail users insist on 
> security? Why aren't ISPs offering number 3 default? Why do the users 
> have to do all the work?

I'll tell you why this happens. For the same reason that users tolerate
crappy M$ operating systems that have swiss cheese security and no
stability. They have been conditioned this way. Because they think that
this is the way that its supposed to happen and there's nothing that can be
done about it. Its not like this in other areas of life. If you were
driving your new car, and at random intervals, you had to pull over, turn
it off, wait and restart, just about every consumer would be down at the
dealership jumping on somebody's desk. 

The other reason that this happens is that security times convenience is a
constant. Make a system more secure and the complexity increases as well.
Most people don't want to be bothered with the added workload of securing
their systems.

> The whole inet must be overhauled: secure by default!

Unfortunately, this will not happen in the near future. The Internet was
designed as a) a headless entity that could survive having multiple areas
of it turned to air pollution by nuclear weapons and still survive, and b)
a think-tank method for researchers to share their research. Neither of
these are conducive to dealing well with the threats. It is akin to
building a house on the sand, realizing its sinking, and deciding to try to
concrete the beach. 

Bradley M. Alexander, CISSP              |   Co-Chairman,
Beowulf System Admin/Security Specialist |    NoVALUG/DCLUG Security SIG
Winstar Telecom                          |   balexander@winstar.com
(703) 889-1049                           |   storm@tux.org
The art of flying is to throw yourself at the ground and miss.
            						-- Douglas Adams

Attachment: pgpY5BboJfjYX.pgp
Description: PGP signature

Reply to: