[Dshield] Re: Securing home computers

Kenneth Coney superc at visuallink.com
Sun Jun 29 16:53:57 GMT 2003

It  wouldn't be that hard to create a new (another) bureaucracy under
Homeland Security.  The connection to protecting the infrastructure is
obvious.  Because of the clear and present danger to the world at large
caused by unrestricted or unauthorized hacking (i.e., control of power
grids, stock market, airline auto pilot computers, computerized surgical
robots, remotely operated LNG and oil tankers, satellite control, etc.), we
could set Internet access up to follow the same dance NYC pistol owners
do.   All Internet surfers would have to register, be photographed and
fingerprinted every 6 months and register their current address, present
physical proof of current training and certifications, background
investigation for verification, etc.  Like pistol permits there could be
different classes of permits (i.e., premises, target, limited carry, open
carry, limited conceal carry and full concealed carry (for the lucky
few)).  We could have minor student user, home entertainment user,
intermittent home worker, office worker, at work technician, 24 hour
technician, and for developers a professional license which allows access
to sites anywhere, anytime.  Each permit recipient would have a bar coded
photo id card that would have to be inserted into a slot or a secret ID
number and password typed in for each log on.  There could be a
registration office in each major city similar to the passport office in
NYC where everyone can stand in line and wait for their internet passport
and pre issued site visit approvals.  Of course the initiative can be made
self supporting by charging differing fees for different basic permit
types. A semester student only permit authorizing access to up to 5 (aw,
what the heck, make it 10) web sites could cost only $500 (with additional
website permissions coming in at only $50 apiece).  Companies, like NYC
companies desiring to arm their guards, could pay the fees for the
different corporate access permits.  Maybe $2,500 apiece?  Home surfing
permits with access to 80 to 100 pre approved sites could fall somewhere in
between.  Access to certain types of web sites would require pre approved
visas.  In the same fashion State Dept bans usage of passports and the
issuance of visas allowing visits to certain countries, visits to
politically incorrect sites could be controlled.  

We will require all websites to register of course.  Sites set up will be
required to submit proposed content and links for pre approval.  Periodic
inspections can be done to verify compliance.  Woe to the parents of the
minor student user, or the intermittent home worker caught visiting at an
unauthorized gambling site or shopping online at a site not pre authorized
by his employer.  ISPs would be required to submit usage packet logs to a
Federal office analogous to Dshield where reports and usage activities
could be studied, monitored and archived for future study by our great
great great grandchildren.  Special Agent investigators could investigate
violations and conduct raids to seize unregistered computers and routers
before they could corrupt or otherwise harm a child.  These logs will be
considered an important part of our descendant's heritage.  Megabuck fines
could be assessed for ISP violations and appropriate fines to users who
violate their permit classes or access unauthorized ports either ingoing or
outgoing.  Almost all of the government functions can be farmed out to
authorized contractors and subcontractors.  There is clearly huge amounts
of money to be made off this idea and I think you will probably get a
Congressional or Presidential Medal of Freedom for suggesting it as soon as
someone emails this to a politician so the bill authorizing it can be
introduced into the legislature.

> On Fri, 2003-06-27 at 12:30, Ed Truitt wrote:
> > With all due respect, I think we can expect people to exercise due
> > diligence in running a fairly secure system.  We don't require people to
> > work on their own automobiles: however, we do require that they pass a
> > safety inspection (and, in some areas, an emissions inspection), and if
> > the car needs repairs they get done BEFORE it is certified as fit to
> > operate on the public streets.  We require that, if you own a firearm,
> > you store it in such a manner that children can't get hold of the thing
> > and use it.  And, if you drive a car without a valid inspection sticker,
> > or if you leave a gun out and little Janie shoots little Johnnie between
> > the eyeballs with it, then you are held to account.
> >
> > So, why can't we require people to properly secure their computers?
> An Internet Driver's License has been bandied about (in humor) for a
> long time. The questions are: who would enforce it? Who would set the
> standards and apply the qualifying test? How would we make it apply
> worldwide?

More information about the list mailing list