.: has security gently guided technology development?
Does information really just want to be free? Or systems that is?
In the beginning we had ports on systems running their own services. Port 80 had HTTP. We blocked ports we wanted to stop.
Then services started tunneling themselves through port 80. We started inspecting traffic over port 80 and denying what was obviously an improper request, usually HTTP. We even added software installation denials.br>
Applications started going to the web, because then they look like the normal HTTP traffic we didn't want to block, and used an application on the desktop they knew we couldn't fully deny. We need more application-aware blocking (deeper inspection, HIPS, and even DLP types of technology).
Soon, I suppose Google will offer up the OS on the web, and we'll connect to a portal that will offer us everything we need, a veritable AOL "walled garden" on the web. What then? Vista is portending the death of the OS as we know it...right? A return to dummy terminals, only this time enabled on the Internet through the browser?
Is security to blame for part of this?
(Let's say we do get back to client-server types of architecture, does that mean we're done with endpoint security because the endpoints will become expendable plastic? Will the Web OS go the way of AOL? Sure, it may eventually offer a ton, but do users really want the freedom to do what they want, even if those choices and risks are bad? Do you want to decorate your house one way, and just adhere to slim building and fire codes or rather have a cookie-cutter home with small cosmetic differences? Ahh...)
by michael 12.03.07 at 2:23 PM in /general