License to Surf, Take Two 503
NaugaHunter writes "A story on Yahoo asks
Should [a] License Be Required to Go Online? It appears to be suggested by Bruce Schneier, chief technology officer for Counterpane Internet Security Inc. 'It could be a four-year college degree, a one-month course. It might be a good idea.' The story also details efforts of some schools from simple orientation to threats of fines for spreading viruses, and questions exactly who would be responsible for keeping track of who is and isn't licensed." Not a new idea, but one that's going to keep coming up. Update: 09/13 18:11 GMT by M : Bruce Schneier notes that he isn't in favor of computer licenses.
All I can say is WOW. (Score:5, Insightful)
Though education is important, it is the software vendors who are really to blame for a lot of the problems... (i.e. RPC holes, etc) A lot of the propagation of viruses and worms is a result of software accessing flaws in the software, without user intervention.
Apple 10 GB iPod [amazon.com]
Re:All I can say is WOW. (Score:4, Insightful)
It's tempting to blame the vendors, and blame for stuff like the RPC holes should of course fall squarely on Microsoft's head, but keep in mind how successful trojan horses have been; some of the worst epidemics have required the uninformed cooperation of their victims.
Re:All I can say is WOW. (Score:3, Funny)
Re:All I can say is WOW. (Score:3, Informative)
Are [wired.com] you [techweb.com] sure [oreillynet.com]?
Re:All I can say is WOW. (Score:3, Insightful)
Re:All I can say is WOW. (Score:3, Insightful)
You sure about that?
I started using the net in 1988. I thought it would be really neat if someday everyone had e-mail.
I reconsider that with every penis enlargement spam that hits my inbox.
The Internet becomes more valuable as more knowledge traverses it; but as Zappa observed, information is not knowledge. Most of what's being added now is static, not signal.
Re:All I can say is WOW. (Score:3, Interesting)
Re:All I can say is WOW. (Score:3, Informative)
Interesting factoid: all telephone use in (at least) the UK is actually licensed. Sure, it's a class license (essentially the kit is licensed by virtue of it being idiot-proof enough to allow the unwashed masses to use it safely) but it's still a license. This license can be, and sometimes is, withdrawn from individuals or groups if they're causing problems with the system.
Re:fsck those 4$$|-|013$ (Score:4, Insightful)
You're an idiot if you don't believe Linux has these security holes. It does, just try reading the changelogs of the kernel, of apache, of ssh, of most of the apps you use. They're there. The simple fact is that Linux isn't as wide-spread as Windows, so when there's a hole in Windows, it's exploited on millions of boxes. When one is found in Linux, it affects a very small number, so no one cares. Once Linux becomes widespread, you'll start to see the same kinds of issues, because there will always be hackers. It will also be a lot worse, because Windows is easy to patch, and it still isn't done...Linux, OTOH hand will always be beyond the capabilities of my grandmother. At least with Windows Update, she can keep her computer moderately safe.
As for buggy code, fuck, dude...the one that was responsible for blaster affected W2K, which is just under four years old. I, for one, am not about to wait for four years of testing to ensure EVERY fucking bug is found. Linux is also not immune to bugs, there are plenty to be found if you just open your eyes. And, don't give me the stale rhetoric of "well, if one is found, it's patched within 24 hours", that might be true, but the patch for blaster was released a full month before the problem.
Nope, I fear the day that Linux becomes the dominant OS. Things will only be much, much worse. Especially with dumb-ass pricks like you who a) don't help people fix their machines, you just whine about "well, it's your own fault, grandma, you use windows!" and b) are ignorant of the flaws in this system you love so much. It makes you immeasurably more ignorant and naive then they are!
Re:fsck those 4$$|-|013$ (Score:3, Informative)
If there were MASSIVE security holes in Linux as there are in windows you can bet your ass that these script kiddies would be all over them like a fly to dung. Linux IS more secure than Windows. Believe what you
Re:All I can say is WOW. (Score:5, Insightful)
It's plainly impractical, (Given the global nature of the internet, how do we go about giving one entity the responsibility to handle all of those registrations?) and it would implicate much privacy concerns.
Also, (and possibly more importantly) I think there are very important First Amendment concerns raised with a mandatory licensing scheme - The internet is a communication medium, and I'm not sure a licensing requirement will strike the correct balance between security/safe computing and free speech; In ACLU v. Reno the Supreme Court viewed the internet as a "unique and wholly new medium of worldwide human communication" and that "the interest in encouraging freedom of expression in a democratic society outweighs any theoretical but unproven benefit of censorship." The Court was concerned with the CDA and its censorship of pornography, but I think the logic applies to all forms of government restrictions on internet communications. I think the court recognizes the importance of the internet and its impact on speech, and but for compelling reasons, free speech will be given more deference over restrictions that provide dubious benefits.
I don't think virus/exploit free computing is compelling quite yet, because I think I am capable enough to prevent most exploits on my computer. Whether someone else prevents it from spreading or not is irrelevant to me - only I have the ability to prevent it from attacking me. I shouldn't blame you for sending me a virus, I should blame myself for not being able to prevent it from infecting my machine
I suppose it's different when an intrusion is per se harmful to a third party (for example, when I start harming the RIAA after a virus infects my computer and starts sharing music files) but those situations should be handled on a case-by-case basis anyway.
Basically, my point is that licensing internet use is a bad idea, and possibly unconstitutional. Let's not even consider it.
and no, IANAL.
Re:All I can say is WOW. (Score:3, Interesting)
Exactly. As much as some people would like a government-approved "way to use your computer" training course, how useful can it really be?
Lycoris recently included a virus-checker in their GNU/Linux distribution, despite the fact that there are no known viruses which propogate on such a system, and their virus definition file was empty. Their reason? "The IT departments won't let
MS' proposed 'cure' worse than the disease (Score:3, Insightful)
Well, here's what the article says about that [emphasis mine]:
Think about this, f
Re:All I can say is WOW. (Score:3, Interesting)
Also, let us consider the fact that the US does NOT exclusively own the internet (or WWW) anymore. World-wide, remember? I think it is time that the US government stopped trying to regulate areas they have no business in. They have no
While we're at it... (Score:3, Funny)
Re:While we're at it... (Score:2, Interesting)
Although, not for the reasons you mentioned... having say a 1 cent tax per email cent, would perhaps be one of the only solutions to solving spam. In a year... I send perhaps... 7300 emails ( figuring 20 per day )
Now just think about how much money this would cost spammers??? It would cut back *ALOT* on spam, at least IMHO.
Granted... this was an off to
Re:While we're at it... small tangent (Score:3, Insightful)
The problem with that is people like me with a private e-mail server. Do I have to become a business? Do I have to stop running the server? Do I have to clear every new account with some external authority and provide a paper trail for every user? Do I have to have someone come into my home and audit my server? Am I responsible for the tax if one of my users doesn't pay? Do I have to pay a tax for administrative e-mail I send?
Re:While we're at it... (Score:2)
Re:While we're at it... (Score:2)
Re:While we're at it... (Score:4, Insightful)
I do, it's an incredibly stupid idea.
I pay several thousand dollars a year to have a small handful of computers colocated so I can run email/web, etc efficiently. *I* paid for the computers, *I* pay for the bandwidth, and *I* pay for the storage. My users in turn, pay me for access to those systems.
Essentially, I own and operate the equivalent of a local post office. Who the hell has the right to tell me I've got to pay the government (or anyone else) to send email?
The Internet is not a public service to be taxed. It is almost entirely privately owned, with a standing "gentlemans agreement" between the owners that each will allow traffic to and from each others' property.
So unless you've got some bright idea for distributing that tax money to the folks like me who actually own and operate the equipment, you can take your email tax idea and put it someplace moist and dark.
Re:While we're at it... (Score:3, Insightful)
But, I dont think thats such a bad idea... lots of things need fixing anyways...
Re:While we're at it... (Score:2)
Once again... its just an idea... I dont have the answers... just a possible solution to what is definatly a problem...
Re:While we're at it... (Score:3, Funny)
In regards to the governement handling it... I agree 110%... in all things, I generally want less government involvement, not more. I would think the only feasible way to "tax" email... would be for the charge to be from the worlds telco's. I should imagine a technology could somewhat equivelant to how phone calls are billed now, could be applied to email. That s
Re:While we're at it... (Score:3, Funny)
Today just isn't a good math day for you, is it?
Re:While we're at it... (Score:2)
Re:While we're at it... (Score:3, Interesting)
That would be a stupid idea. First there is the problem of people who use different os.. so this would mean if I chose to use an os thats not supported by the client I am screwed and can't send/receive emails? Then comes the problem of how trustworthy the government/telcos are. Remember carnivore? Wouldn't the government just love it if they could just ma
Re:While we're at it... (Score:3, Informative)
A luser who runs an open relay and gets socked with a huge bandwidth bill (or worse) on account of spammers using his mailer deserves whatever he gets. Setting up an MTA to only accept outbound mail from selected hosts is trivial, if the software is well-designed. With the access-control software that's available (whether it's an SSH tunnel, POP-befor
this article should be labeled (Score:4, Insightful)
Re:this article should be labeled (Score:3, Insightful)
Its not our fault our software has bugs, it the users for clicking on attachments, or surfing on the Internet with our software. Pass the buck, blame the user.
Lucky it will never happen, nice puff piece. But with all information moving online, you cant require a license to access the information, or read a newspaper.
Re:this article should be labeled (Score:5, Insightful)
That said, I agree... the article is total flame bait. Oh well.
Re:this article should be labeled (Score:4, Insightful)
Given this viewpoint, many Slashdotters would realize (and vocalize about) the idea that requiring licensing from the locally ruling bodies could restrict speech in those localities in terrible ways.
It seems to me that Slashdotters often seem to hold freedom over security.
Can we (Score:3, Funny)
Re:Can we (Score:4, Insightful)
If I need a four year degree to surf the web, what will I need to procreate? A Nobel prize?
Re:Can we (Score:4, Funny)
what will I need to procreate? A Nobel prize?
Panic not, aspiring scientist! First you'll need a girlfriend.
Re:Can we (Score:5, Funny)
World Wide Web or Wild Wild West? (Score:2)
Re:World Wide Web or Wild Wild West? (Score:2)
Blah. Blah and double blah I say. (Score:4, Insightful)
But here's my real question. Why post such flaimbait? This article is just some nobody giving his foolish opinion in a non-influential news site. If this was on CNN, then i could kind of see posting it. It this written by a big name in IT, I could see posting it. If there was ANY chance that this guy would be taken seriously, i might understand posting it. But there is none. This article is pure flaimbait, and Bruce Schneier is a Nazi.
Godwin's law! Damn! (Score:3, Funny)
Damn! There I was, putting my finishing touches on my "+5 insightful" comment and BAM! the discussion is ended!
oh well... there'll be other threads...
Re:Godwin's law! Damn! (Score:3, Funny)
I get tired of amateurs that use it in the first sentence of a large paragraph.
Re:Blah. Blah and double blah I say. (Score:2, Informative)
I actually sent an e-mail to Bruce to discuss some things with blowfish about a year ago and he actually returned a very thoughtful and information e-mail. Most people as busy as him would not do so.
Perhaps there should be required training before posting on
why bother reporting this? To fight it! (Score:5, Insightful)
The user is never at fault for poor software, especially closed source crap the user can't fix if they could or wanted to fix.
Virus checkers, email restrictions, firewalls and all that are in vain when faced with the reality of closed source distribution. I work for a small computer shop. The only software we can put on all the broken computers that come in for repair is the user's original software and any updates M$ lets you. The vast majority of computers out there run EOL'd systems like 95 and 95. Customers lack the skills needed to diagnose the problems or do the best fix, a wipe and reload. It cost them about $75 if they have all of their software, and they are loath to pay for the time it takes to load up all the patches and updates that won't protect them from next week's worm. I can't blame them for feeling that way. Nor can I blame them for wanting to email their friends. Those that have lost their software generally end up throwing their machine away or go find some nasty cracked copy of M$ shit because they don't want to spen the $109 and equpment purchase needed for an OEM copy of Windoze. The net result is the same in every case, boxes that are just as easy to bust as the day they were made. But, so what? Even the dilligent are getting burnt.
I have recomended Mozilla for people who absolutly must have M$. My little brother told me that an XP update broke Mozilla and made it terribly slow, but Netscape still works. Woot.
I'd recomend Debian or Red Hat and sell CDs for the same price as a driver disk, but my boss is worried about support. I'm not sure what kind of "support" could be worse than the mess most Windoze users now find themselves in. Still, he's the boss. The day, however, I can make money doing it, he's going to like it. I'm starting to think that the store's usual $4 per CD burnt and the 30 minutes it takes to install a dual boot of any linux system might be cheaper fixing Windoze. Blinding the windoze side to the network makes it last longer so that it can do the things it does well for the user.
I'm starting to see the path of least resistance here. Demo the system with Knoppix to prove hardware use. Blind Windoze, dual boot and set them loose. Actually doing something beats the hell out of bitching and moaning. It can work.
Just Hold Responsible (Score:5, Informative)
I don't think you can require people to do stuff like take classes, but if they're neglegent, they should be held responsible.
Re:Just Hold Responsible (Score:5, Insightful)
Re:Just Hold Responsible (Score:2)
You choose to use the software. If you can't judge the risks and take adequate precautions, it's your fault.
If a trojan installs a spam spewer on your system: it's your fault.
The software on your system is an extension of you; it is acting as your agent. It's infractions are your infractions. Period.
Blame the victim, eh? (Score:4, Insightful)
Re:Just Hold Responsible (Score:4, Insightful)
They're not getting fined for deficiencies in software. They're getting fined for irresponsible behavior. What's wrong with that?
Re:Just Hold Responsible (Score:3, Interesting)
Good-bye, Software Choice. You were a swell guy.
Re:Just Hold Responsible (Score:3, Insightful)
... And shoot those who leave open relays/proxies (Score:4, Interesting)
I've talked to too many people who've said, "I don't need to bother securing my home system because I've got nothing anyone would want." I've answered, "They want to use your machine to attack me." But the message doesn't sink in.
While these end users are being provided with crap systems, there is a market out there. If their choice of bad systems gets them severly spanked, they will start making demands of their providers.
All it would take would be a couple of high profile cases.
Re:Just Hold Responsible (Score:3, Insightful)
Great... (Score:2, Interesting)
Re:Great... (Score:2, Insightful)
A nice idea, but not too feasible (Score:2)
To really be a responsible and competent net-user, it's not good enough to write a test once - you have to get some basic knowledge, and then use that to continually learn new things as they appe
The problem isn't the users. (Score:5, Insightful)
The article talks about the need to install anti-virus software, and keep up on patches, and to read the fine print in click-through licenses to prevent spyware from being installed. All of these things need to be done to operate a computer safely, true.
But why the hell are they required? We are giving users HORRIBLE software that is prone to constant infection. Some companies are taking advantage of click-through licensing to hijack people's computers. And we're blaming USERS for not doing the right things?
That would be like making cars that exploded if you ran them at exactly 62mph for more than 12 continuous minutes, with brake systems on the outside of the car where anyone could walk by, flip a switch, and disable them, as well as aftermarket accessories that forced cars to drive on particular roads at particular times.... and blaming the drivers when cars blow up, can't brake, or cause traffic jams on certain roads.
People mostly just want to do email and read the web. We should be providing them software that does this with absolute security.
We are blaming users for faulty software.
Re:The problem isn't the users. (Score:5, Insightful)
At the same time, software and hardware manufacturers (closed and open source alike) have to be diligent about shipping reasonably[1] secure products.
And let's not forget the people who supply the pipe through which the lusers with their horrible software are infecting every other computer on the planet. ISP's have to be more responsible for their users. Both in educating them and preventing them from being too dangerous when they do screw up.
All sides need to do their jobs better.
[1]For very large values of "reasonably"
Blaming the user (Score:3, Insightful)
When people choose to buy Pop-Tarts, microwave them, and then eat them, we feel they have nobody to blame but themselves for the burns. Yet somehow when they buy Windows, ignore the safety directions that tell them to keep up to date with software updates, and hose the Internet, everyone seems reluctant to blame the idiots.
Windows is not necessary. I've never purchased any Microsoft software, and I'm doing just fine. In my
Re:Blaming the user (Score:5, Insightful)
And there are, like, so many options too. It's fine for me, I build all my computers from parts. But the truth is, most people buy ready-made, plug-em-in-and-they-work type boxes. And most of those come with Windows. Not to mention that anyone who wants to play most games these days has to run Windows. Or just the fact that they know windows, and are comfortable with it.
And lets face it, if clueless newbies adminned Linux boxes, they'd be almost as insecure Windows machines. Unpatched, permanently logged in as root, all files chmodded to 777 so they don't get any errors, no firewall, cause ipchains is just too tricky. I'd agree that Linux is a technically superior OS, but as we all know, technical superiority don't mean jack when it comes to the desktop market.
Re:The problem isn't the users. (Score:3, Interesting)
The classic example is urban legends, these entirely rely on the misbehaviour of users- I've multiple times received emails warning me about LSD stickers going around that look like superman, about microsoft sending money to anyone that replied to an email etc. etc. These get sent by the hapless orginator who thinks they are doing the right thing, and often are sent to a huge distribution list.
The Micros
Say nay to barriers to entry... (Score:4, Insightful)
No, but perhaps grammar skills should be required to work for the Associated Press...
Seriously, this is a terrible idea. This would open up chicken-and-egg problems across the whole range of learning endeavor computers and the internet offers.
The analogy of needing a license to drive a car is used repeatedly in the article, but I think that's not quite the right analogy; maybe requiring you to know how to rebuild an engine before you ever drive would be more accurate. One of the expectations mentioned is that you must know how to set up a firewall; is this really realistic to require before any unsupervised on-line time?
The internet is growing because it's accessible, reasonably. If I needed a license to buy a book, I might never have started reading--and a book is a more accurate analogy than a car.
Put the responsibility for viruses where it belongs, on the network admins and software vendors, not the newbies. Everybody's got to start somewhere.
Re:Say nay to barriers to entry... (Score:3, Insightful)
Gasp! (Score:3, Funny)
this sounds impossible (Score:2, Insightful)
The article plainly says that we are continually exposed to junk mail, viruses, etc., and this would help to eliminate such things, but one of the reasons that such nuisances exist is because there is no single governing body over the internet. As much as I'd like
Well, you have to have a license... (Score:4, Interesting)
to fly an airplane
to use any radio transmitter beyond minimal power walkie-talkies, cellphones or 802.11.
All these things are done to help enhance the safety of everyone using the medium.
The signal to noise ratio of the Internet (maybe I oughta make that noise to signal) is typical of things which are totally out of control...
Re:Well, you have to have a license... (Score:3, Interesting)
Could ISP's not require _some_ sort of credentials assuring them that you've a clue?
I see an apalling level of ignorance, from modern electronic office workers, whose _jobs_ consist of reading and sending email, building webpages, making PowerPoint presentations, expressing themselves via "desktop publishing" & spreadsheets, doing www r
Re:Well, you have to have a license... (Score:5, Insightful)
I was gonna make a joke... (Score:2)
Re:I was gonna make a joke... (Score:4, Funny)
When securing something equals destroying it, you've got a big problem...
Ooooo...wait till they approve a curriculum (Score:3, Funny)
And you thought the evolution in schools issue was a flamefest...
- JoeShmoe
.
next thing you know (Score:2)
what will the slashdotters do?
Better idea (Score:5, Insightful)
Re:Better idea (Score:3, Insightful)
Don't take the word "press" to literal. It's intent was that everyone had the right to publish their opinion and make it available to the public. At the time the Constitution was written, this meant a printing press. With new technology, the means may differ, but the concept remains the same. When you post a rant in your blog, you are publishing your opinion and making it available
College degree?? (Score:3, Funny)
Um, yes. I'm proud to be a Bachelor of Mouse-Clicking.
Is this industry PR to distract people? (Score:3, Interesting)
The last thing I want to see is the software be subjected to the same liability/litigation as the aerospace industry, but I don't believe a EULA should protect a manufacturer from not fixing a product that is inherantly secure.
The question we need to ask ourselves, "Has Microsoft knowingly done nothing to fix a security hole?"
Nah! Let's just legislate RTFM!
Our Own Network (Score:5, Funny)
I'm serious.
Re:Our Own Network (Score:3, Insightful)
If all the windows viruses would only affect windows systems, I couldn't care less. It's that they affect us all that bothers me.
keee-rist (Score:2)
Oh yeah, great idea (Score:2)
gentility (Score:3, Insightful)
Re:gentility (Score:2)
Re:gentility (Score:2)
Uhhhh, yeah.
fines? (Score:2)
Are they not already imprisoned, at least in the US?
Ok, maybe we could tie it into (Score:2)
Re:Ok, maybe we could tie it into (Score:2)
They now issue the tests ONLINE!
*Groan*
- Yo Grark
Canadian Bred, with American Buttering
Must redefine priorities (Score:2, Funny)
So what do you DO with the license? (Score:5, Funny)
"Please open up. We have reason to believe someone inside is online without a license!"
The license can't just be a smartcard, or everyone will just leave theirs in the slot so family and friends have access - and likely put the whole crew and half the wireless neighborhood on NAT behind them. So we're going to have to build biometric security into every potentially Net-connected device.
That will surely get the Dept. Homeland Security Seal of Approval. Let's have Microsoft build it so it really works!
Prepare to kiss any on-line privacy good-bye (Score:2)
Not good (Score:2, Insightful)
Big difference... (Score:2)
visit "bad" website without checking blindspot (Score:2)
No (Score:3, Interesting)
Comment removed (Score:5, Interesting)
RTFA, for heaven's sake, before you trash the man (Score:3, Insightful)
Idiot.
Indeed.
How to read the article:
(1) Click the link.
(2) Read.
(3) Scroll down when necessary.
Following this simple procedure, you will find the entirety of Schneier's wry little quote, which I will copy and paste here (instructions on that omitted) for your benefit:
Give me a break (Score:4, Interesting)
Furthermore, the idea that a license will solve a problem is just plain idiotic. To suggest that "licensing" people prevent problems is a complete lie. While the author says "motorists must obtain licenses to drive", it is noteworthy that nearly 100% of all accidents occur by licensed drivers. Licensing would just be a new way for someone to tax me and a new excuse for people's own laziness.
If you want to solve these kinds of problems, build better software and prosecute dumb-ass virus writers and script kiddies like the little punk-ass bastards they are.
If you enter my house uninvited and threaten me I can shoot your ass dead. Why shouldn't it be the same way when someone breaks into my computer. Prosecute script kiddies.
What we do need! (Score:4, Funny)
Yeah, I said it.
Just online? (Score:3, Interesting)
Hey, hey - before you mod "Troll", think about this:
* You can't drive without a license
* You can't operate heavy machinery
* You can't practice medicine
etc.
We already cover most points where people can do damage to either themselves or others with mandatory education. It makes sense, too.
It doesn't have to be "elitest". It can be as simple as driving school in most of the US, where you hop in a car with the local sherrif for 10 minutes and show him that you know which pedal does what.
Of course, computers being more complicated, there's also a different answer. I'll post that in a new reply, so you can mod this one down all you like.
Why make an unenforcable licence? (Score:3, Insightful)
Anti-virus - the importance of running one, but also some common sense. Like, if someone sends you an
Automatic patching - seriously, I run an up2date cron job on my Linux box. What's the big fuzz over Microsoft's automatic updates? Your average desktop doesn't have a testbed anyway, so might as well patch when it's available.
Firewall - With anything and everything connecting to the net these days, it's growing less and less useful for Joe Average because there's so many programs, they don't know which are good and which are bad anyway. Not to mention some of the biggest virus sources are web and email (read: Outlook and IE), which are allowed through anyway.
Kjella
Geek cred. (Score:3, Insightful)
There used to be a minimum amount of computer knowledge that was required to get online. It's once the bankers and marketers invaded online space, and tried to make it available to the unwashed consumer masses, that we started having all these issues. Returning the internet to the geeks, who were largely self-policing, would do away with the vast majority of problems.
Doing away with DNS would cure most of the issues, I think. How about having to remember the IP address for every site that you visit? If that's not enough, require three lines of CLI input before going anywhere. That'll stop the issues cold.
I'm only half-kidding, actually. These assholes that broke our internet want to certify us to get back onto it? Maybe they should just be dis-invited.
Flamebaity, but not really flamebait (Score:5, Insightful)
The solution isn't licensing, it's education. Education isn't something that is achieved through licensing, it's learned through a concerted effort to make people aware of the problems. Licensing only achieves getting people aware of knowing the answers to a test.
Re:Flamebaity, but not really flamebait (Score:3, Interesting)
The part I hate the most is the Microsoft snow job. Everyone is using the software, Gates is a genius (which he is with regard to business BTW), something else must be done to preserve motherhood, apple pie and the American way right?
If you toss IE and Outlook, half of this goes away. A company with large cash reserves should not be allowed to push the burden onto its users. Something is wro