Return-Path: <sentto-279987-1579-997430218-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 10 Aug 2001 00:58:09 -0700 (PDT) Received: (qmail 20800 invoked by uid 510); 10 Aug 2001 06:59:04 -0000 Received: from n27.groups.yahoo.com (216.115.96.77) by 204.181.12.215 with SMTP; 10 Aug 2001 06:59:04 -0000 X-eGroups-Return: sentto-279987-1579-997430218-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by fh.egroups.com with NNFMP; 10 Aug 2001 07:56:58 -0000 X-Sender: fastflyer28@yahoo.com X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_3_1); 10 Aug 2001 07:56:57 -0000 Received: (qmail 2075 invoked from network); 10 Aug 2001 07:56:57 -0000 Received: from unknown (10.1.10.142) by m8.onelist.org with QMQP; 10 Aug 2001 07:56:57 -0000 Received: from unknown (HELO web14510.mail.yahoo.com) (216.136.224.169) by mta3 with SMTP; 10 Aug 2001 07:56:57 -0000 Message-ID: <20010810075656.43238.qmail@web14510.mail.yahoo.com> Received: from [12.78.116.63] by web14510.mail.yahoo.com via HTTP; Fri, 10 Aug 2001 00:56:56 PDT To: iwar@yahoogroups.com In-Reply-To: <4.3.2.7.2.20010809132329.00b541c0@poptop.llnl.gov> From: "e.r." <fastflyer28@yahoo.com> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 10 Aug 2001 00:56:56 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: RE: [iwar] Computer and Network Security vs. Information Privacy and Confidentiality Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit --- Tony Bartoletti <azb@llnl.gov> wrote: > At 03:06 PM 8/9/01 -0400, you wrote: > >Tony wrote.. > > The web is already an anonymus venture in some ways, however, if we are forced to accept pervasive encryption as the only manner in which we can protect out privacy, we are headed toward a type of compartmentation that only our pals in the intelligence community have to deal with. Protecting information about classified programs is one thing. Becoming a classified person with the ability to be a peeping tom on the net concerns me a great deal. There is clearly a significant problem when the issue of computer security and personal liberties are conflicted. How can we "deconflict" this situation, or without a oversight body, will the net become more like the "Dodge City" of old? It will be people v security v verification. This has already become a problem with online businesses. What's next? Tony's possible solution is interesting, but does it require all on the net to be as cyber-literate as many on this space? I would like to hear any suggestions. > > > "Anonymized" also offered the general observation that, due to the > > >complexity of the technology, infrastructure management is gaining > De Facto > > >peer rights to information content. Since there is (IMHO) no > practical way > > >to avoid this situation, the only remedy would appear to be laws > that > > >prohibit infrastructure management from taking any actions, based > upon > > >revealed content, that are not aimed directly at infrastructure > integrity. > > > > >In this digital age, the fact that "data" to one process can be > "process" > > >to another process makes the "content vs infrastructure" > distinction > > >increasingly problematic. > > > >Tony, I love it when somebody says "no practical way". Those should > be > >fighting words to a competent group of OS architects. I am willing > to accept > >even a partial solution in this space so how about the following: > > > >An OS that grants inital admin rights only to the data creator. The > inital > >rights are restricted to creator eyes only and no transport. The > creator > >determines the data classification and establishes rules of > modification and > >channels of exchange. Ok, so I admit that an individual will have to > add > >some process to data creation, but hey I remember PAPER and the > issues of > >control and distribution before Xerox appeared on the scene. > Speaking of the > >big X, remember GlobalView.. they were on the right path for a while > there. > > > >On an aside - we often use the example of the bin diving janitor > when > >talking of covert information gathering but in my experience I know > the > >janitor's face better than I know some SA or network geek (pardon to > the IT > >community) in the bowls of the building. A least the janitor says > hello and > >knocks on the door. > > I stand corrected ;) > > No practical way, besides pervasive content encryption. Unless and > until > most all applications support strong end-to-end encryption as a rule, > > rather than as an exception, I cannot see how infrastructure > management can > investigate a network or system problem without consequent access to > the > content being stored or transported. Perhaps there are methods of > which I > am unaware, but I suspect that the system you outline (very > reasonable, > sounds like a system built upon "E"; see "Erights.org",) must rely > upon > encryption for enforcement. > > Cheers! > > ___tony___ > > > Tony Bartoletti 925-422-3881 <azb@llnl.gov> > Information Operations, Warfare and Assurance Center > Lawrence Livermore National Laboratory > Livermore, CA 94551-9900 > > > > > __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/ ------------------------ Yahoo! Groups Sponsor ---------------------~--> Small business owners... Tell us what you think! http://us.click.yahoo.com/vO1FAB/txzCAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:39 PDT