Date: Tue, 03 Jan 2006 20:53:56 -0500
To: WSFA members <WSFAlist at KeithLynch.net>,
        WSFA members <WSFAlist at KeithLynch.net>
From: "Mike B." <omni at omniphile.com>
Subject: [WSFA] Re: Crash, thud
Reply-To: WSFA members <WSFAlist at KeithLynch.net>

At 1/3/2006 07:42 PM, Keith F. Lynch wrote:

>I have often expressed dismay that the industry has adopted what I
>believe to be a profoundly broken model of how the net should be used.

The net was never intended to be used the way it is being used.  For
purposes of a worldwide network that anyone at all can connect to, with the
majority of users being essentially computer illiterate (i.e. knowing as
much about how it works as they do about how a SCRAMjet works), the basic
design is seriously flawed.

It's not just the limited address space (only 4.2 billion IP addresses
possible, and broken up into lumps so that there are a lot fewer actually
usable), but more the basic trusting nature of the underlying
protocols.  The folks who invented it *assumed* that everyone on it would
be interested in making it work.  They didn't allow for people trying to
throw monkey wrenches into the system...which we have aplenty today.  Many
of those who worked on it in the early days also tended to be a bit
anarchistic, and liked the idea of anonymity and didn't like central
control of things like authorization (that would have gone against the
distributed idea they had as a basic goal...to keep it survivable even with
severe damage or outages due to war or other problems).

If someone was going to design an internet today, the result would look
very different in some basic ways I think.  Unfortunately, any attempt to
do so will have to be "backwards compatible" due to the established
infrastructure.  There are more modern internets around, but they aren't
for the public, and may never be...though parts of the public net may run
over them someday.

>The way I use the net my chances of getting a virus or worm are zero,
>no matter how careless I am.  But I know not everyone has that luxury.

That's a pretty strong claim.  Can you give some details?  I know you don't
run Windoze, don't do graphics, don't do ActiveX or whatever, and stick to
plain text e-mail so it's all just data, not programs that are coming into
your systems, but don't you have a net connection?  With at least some
ports open?  Using NAT would help there, but even that can be problematic
with the right code errors in your software...and there are no OSs that are
totally free of all bugs (though OpenVMS hasn't been hit with a worm since
the 80s that I know of, and that one was in inside job) and applications
can have them too.  Windows is a bug nest (both by design and
implementation), but even Linux has frequent security updates for various
bits and pieces (most of which are found by code examination rather than
someone getting harmed...one advantage of open source).  I'm just wondering
how you can claim total immunity regardless of user action or inaction.

-- Mike B.