Intel calls for Internet overhaul

TalkBack 9 of 13:

Next »

« Previous

• Thread View
• Flat View

Can the IETF retain control?

Much of the success of the Internet was actually based on 3 fundamental concepts. First, that all specifications be complete and public, second, that it could be implemented based on the specification (usually was implemented in Open Source), and that it would be free of patents or other proprietary encumbrances which would restrict it's adoption, or give a particular vendor the ability to cash in on the work of the hundreds of thousands who contributed so generously to make the Internet work in the first place.

Microsoft has repeatedly ignored the IETF, often trying to insert their own proprietary protocols and technologies, most of which are the CAUSE of many of the problems such as SPAM, Viruses, WORMS, and Trojans, that we have seen in the last few years.

Microsoft introduced ActiveX controls, a protocol which downloaded application code, and executed it with no means of auditing or control over what got downloaded/executed other than less than reliable "certificate authorities". They added in ActiveScripts, which made it possiblbe to have a simple web page, e-mail, or just an application, download, and execute any program that was "signed" without asking the user. These programs had the ability to read files, write files, download and execute new files, and even perform administrative functions if the user had "Administrator" privelidges.

Microsoft gave us DHCP, which made it difficult if not impossible to reliably and consistently trace a message to it's original source. Arp and Rarp and other registered databases gave administrators the ability to know exactly what system was attached to what IP address, during which periods.

Today, using DHCP, hackers can change their IP addresses at will. A single user, with a single PC could easily send messages from hundreds of different IP addresses within an hour or two.

Microsoft gave us many of those back doors so that they could spy on us. They wanted to be able to "Help" us by keeping track of what software we had installed, making sure it was licensed, and where possible, offering us the opportunity to replace competitor products with Microsoft's products.

In the process, they also left the back-door open to every hacker, phreaker, and script-kiddie on all seven continents. It's pretty bad when a 12 year-old hacker can get more information on you than any law enforcement agency in the United States. But then again, the kid could always provide that information to these agencies as an "anonymous tip". During the inquisition, they had statues that had holes in their mouths. All you had to do to have someone tortured into confessing to being a witch was put their name on a piece of paper, roll it up, slip it into the gargoyle's mouth, and within a few days, the competitor who wouldn't sell, the customer who wouldn't pay, the widow who wouldn't sell her house for half it's value, or the wife who refused her husband's drunken advances, was tied to a rack, being "iterrogated" by the "Confessor" of the Inquisition.

Microsoft want's to get control of the internet by trying to get everyone to adopt their patented approach to e-mail identification and authentication.

If it's really such a great idea, why don't they give back a little of the millions of lines of code and $billions worth of technology they simply "took" from the UNIX community and the Open Source community by donating their patent to the IETF, waiving all future claims and restrictions on it's use.

The fact is that the IETF and the Open Source community had already dealt with all of these issues, and had come up with some pretty good solutions. In most cases, even accidental perpetrators were quickly identified and could easily be prosecuted. But then Microsoft decided to circumvent the entire process, in the name of "expediency".

Maybe the real solution is to stop letting all these corporate special interests try to assert their proprietary standards, and REQUIRE them to follow IETF standards or submit to the standards RFC process.

The FCC regulates the use of airwaves, and makes it illegal to send false identifications, non-standard modulations and protocols (it took years to get them to accept ASCII instead of BAUDOT), and even encryption is carefully regulated.

They seem to be oblivious to what happens on the Internet though. Your big "assurance" of even a valid certificate or ActiveX "signature" is a certificate authority, some of which only require a valid credit card (even if it was stolen) to obtain a certificate. There are no criminal penalties for obtaining a certificate using a false name.

Perhaps we should put the Internet under control of the Postal Service. Let them assign addresses, digital certificates, and signatures.

We already have Kerberos, LDAP, and SSL, but now Intel and Microsoft want to "help" us by adding even more "proprietary technology" (security holes) to fix the problems they introduced in the first place.

Posted by: Rex1Ballard   Posted on: 09/10/04 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
• The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
• Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now