IT Security E-Business and State LANs
| Are Mono culture operating systems the source for recent worms and viruses, or should blame be cast upon the ignorant or lazy end users who don't secure their home desktops? It was recently reported that an on-line automobile dealership left its patron's personal information -- including completed credit applications -- exposed on the site to whomever felt inclined to see it. And now, several US states are attempting to pass a law that would require all Internet purchases to incur sales tax, where before there was none. |
Its true. An operating system mono culture does have the greater potential for allowing cascading viruses to infect our systems. However, this cascading effect is made orders of magnitude worse by the fact that the Internet is setup as a monolithic structure. End users will never have the expertise, ability or desire to maintain server level security on their PC's. Many of them are running the same insecure software that came on their box when it first shipped.
Whenever these individuals are on-line, they're exposed, and are potential victims of every malevolent hacker on the planet. The auto dealership problem (mentioned above) was not caused by a virus or worm. Rather, it was simply carelessness. It's potential damage was worsened by the fact that the information was exposed to the entire world.
The last straw that prompted me to write this piece was the states looking for sales taxes on Internet purchases. Not because I'm opposed to taxes, but that in their zeal to cure tax revenue shortfalls, the states have abandoned their local brick and mortar businesses. They've given them up for dead instead of looking for innovative ways to reinvigorate their local economies.
The accepted wisdom in computer security (in simplified terms) is 'compartmentalized total lock down'. It involves giving access permissions only as needed, which in turn reduces the risk of security breaches. It also localizes any security breaches that do occur.
If you view the Internet as one global server, the current monolithic structure of the Internet achieves none of these objectives. For example, there is no good reason why someone applying for an auto loan at their local dealership should have that information exposed to a global anything. If properly implemented -- by compartmentalizing the Internet by establishing statewide or local LAN's -- the potential for security breaches becomes greatly reduced.
The cascading effect of worms and or viri would be minimized by having "gate keeper" system administrators manning each LAN's access point, which would prevent infection. As a result, local on-line business transactions could continue as normal and be shielded from the evils on the Internet.
Offering free, greatly reduced (even subsidized) access fees to State LANs, but charging standard fees for access to the Internet as we do today would become a huge boon for our local economies and tax bases. Every local business would want to have a presence on these inexpensive LANs. People would be able to shop at the smallest, out-of-the-way, local niche businesses on-line, and save huge amounts of time, energy and fuel costs by simply accessing them online.
Many who prefer to shop locally but haven't bought computers yet, might feel more inclined to purchase them for the convenience of browsing their favorite service, restaurant, or store's ?mini website.? They would do so even if only to see if something is in stock, check menus etc... before physically driving there. This might even spark a reemergence of delivery services from local businesses, further reducing energy costs and benefiting the elderly, infirm or disabled.
The logical result of this type of compartmentalization would be the E-business mirror franchise or affiliate as seen more commonly in mass media. For example, Instead of Google having their search engine at one central point, the company would run from a collection of one or more servers within all of these LANs. Instead of having to charge a global-sized fee for their advertising and services, they could lower the costs of advertising on each localized LAN, making it more affordable for more businesses.
Also, local Google searches would be far more accurate than they are at present. E business mirror franchises would establish the physical presence needed by the supreme court for the states to collect tax revenue.
The implementation of this type of highly secure system would involve large numbers of small and large businesses having to buy small and large web servers, software and the hiring of IT professionals to set up and maintain them. This would put many IT people back to work because it's impossible to outsource most of this kind of work. The emergence of FOSS (free open source software) greatly reduces the cost of startup and maintenance for small businesses.
Our local economies would spring back to life, not to mention would also the entire IT industry. Orders for first time computer buyers, would start coming in. Local political discourse would take on a whole new meaning because of the home style accessibility. E-everything would become more personalized, meaningful, safer, and more enjoyable for us all.
There are those who would rather leave the Internet as it is, and instead, apply big brother type controls to us and our computers. I for one will resist this to the point of walking away from computing entirely. True, my suggestion would require a lot of work, but there are plenty of people who need work, and our local area businesses need help badly as well.
The Internet's current structure makes a very few people very wealthy while putting many other people out of work. My suggested Internet structure through connected state LAN's, spreads the wealth by making meaningful (home-town) jobs to a whole lot of people.
The ball is on the State's side of the court.
| | |
|
| Reader Rating from 1-5 |
|
|
|
|
|
 |
|
Posted by
drcheap, The Fresh Tux
On Saturday the 1st, November 2003 at 01:53 AM (EST) |
|
|
| Are Mono culture operating systems the source for recent worms and viruses, or should blame be cast upon the ignorant or lazy end users who don't secure their home desktops? |
It's both, you've said it yourself:
| End users will never have the expertise, ability or desire to maintain server level security on their PC's. Many of them are running the same insecure software that came on their box when it first shipped. |
| Not because I'm opposed to taxes, but that in their zeal to cure tax revenue shortfalls, the states have abandoned their local brick and mortar businesses. They've given them up for dead instead of looking for innovative ways to reinvigorate their local economies. |
I totally agree, it's like some sort of unconquered territory that someone else will claim if they don't.
| If you view the Internet as one global server, the current monolithic structure of the Internet achieves none of these [security] objectives. |
But the Internet isn't really monolithic as you describe. It is very large & built upon many standards and conventions, however it is quite diverse and decentralized.
| The cascading effect of worms and or viri would be minimized by having "gate keeper" system administrators manning each LAN's access point |
Sure. Do you realize the amount of data that would have to be analyzed & filtered by these gate keepers...in a matter of nanoseconds!? And a State LAN would have to have many so-called access points, which further complicates this issue. This compartmentalized-by-geography notion you have is no good: Think of States as ISPs, and the gatekeepers are the firewalls, content filtering proxies, & security admins. ISPs peer with one another to pass data, and many ISPs offer customer-only content. The State LAN concept is almost identical to the current internetwork architecture of today, only abstracted to a geographical level.
| Offering free, greatly reduced (even subsidized) access fees to State LANs, but charging standard fees for access to the Internet as we do today would become a huge boon for our local economies and tax bases. |
Subsidized by the taxes charged on Internet commerce transactions, right? Great, there goes that new tax revenue stream right down the drain.
| Every local business would want to have a presence on these inexpensive LANs. People would be able to shop at the smallest, out-of-the-way, local niche businesses on-line, and save huge amounts of time, energy and fuel costs by simply accessing them online. |
These sorts of things exist now, in the form of 'community' websites, typically for suburban neighborhoods of larger cities. If a business is local, then it really isn't out-of-the-way. I don't know about you, but the idea of buying a product from a business 10 or 20 miles away, only to have to pay shipping costs, wait 3 days to receive the product, _and pay tax_ for it too doesn't sound too appealing.
| Many who prefer to shop locally but haven't bought computers yet, might feel more inclined to purchase them for the convenience of browsing their favorite service, restaurant... |
But all this is possible without converting the Internet into a compartmentalized system. The problem here is that not enough business DO this, mainly because there is not enough financial incentive to pump money into the web presence. Fortunately, some have realized that their sites, even if only useful to those who live nearby, are well utilized and appreciated. Now only if others would see this and make better use of technology.
| For example, Instead of Google having their search engine at one central point, the company would run from a collection of one or more servers within all of these LANs. Instead of having to charge a global-sized fee for their advertising and services, they could lower the costs of advertising on each localized LAN, making it more affordable for more businesses. |
Yes, this is true, similar to the way many cable companies have zone-based advertising for local TV commercials. The business pays much less...but also gets much less exposure. And for regional or national companies, the cost to advertise across localities would end up being quite high.
| Also, local Google searches would be far more accurate than they are at present. |
I don't know how you come up with this. Maybe if one was searching for local auto repair shops or something, but that is what online yellow pages and/or directories (like Yahoo!) are for -- they are good at doing geographical searches. About 95% of what *I* search for on Google is not geographically dependent -- in fact, I would find such a 'feature' to have a serious negative impact on the ability to find information online. One of the key features of the global nature of the Internet is the variety and availability of information that can be found by seamlessly going beyond one's locality.
| The implementation of this type of highly secure system would involve large numbers of small and large businesses having to buy small and large web servers, software and the hiring of IT professionals to set up and maintain them. This would put many IT people back to work because it's impossible to outsource most of this kind of work. The emergence of FOSS (free open source software) greatly reduces the cost of startup and maintenance for small businesses. |
Yes, FOSS (which I am ALL for) greatly reduces one component of this, but what business has the capital to fund all this new equipment, setup, coordination, and employee compensation? One major cause for the high unemployment rate in IT is the lack of corporate funds & IT cost reduction goals.
| (insert last few paragraphs here) |
As an IT professional who has worked with the Internet for almost 10 years, I still say it all sounds like idealism.
| The ball is on the State's side of the court. |
The air is going to leak out of that ball before it makes it into any shiny red metal ring with dangling ropes.
|
|
|
| |
