This conversation is closed.

Why "CAN'T" the Internet every be totally secure?

I feel that if "can't" is NOT in your vocabulary that it may take time and money but it normally ends up happening.(CAN'T seems to be in the vocabulary of ITSEC when it comes to securing the World Wide Web)

What are the reasons it CAN'T be secure? Could those reasons be resolved even if it meant ripping up every cable used, deleting every protocol used, throwing away all current software and hardware, ........... If we would quit believing that we CAN"T secure it and look for ways to securely redesign it, could it be secure? Yes, with the current topologies and protocols like TCP/IP Suite we may not be able to secure the WWW. If you have an old Operating System, you can patch it all I want and it will never be a trusted OS. You could put an alarm system on an old barn, that doesn't make it a fortress! Sometimes you just need to start over and that may just be what we have to do to secure the WWW. Current barriers seem to be. 1) ITSEC has it in their minds that it is impossible, 2) We just keep trying to patch and secure these ideas that were developed 30-40-50+ years ago.

"When networking gurus and researchers developed IPv4 (1974) security hadn't really crossed their minds. IPv4 was never meant to be secure.

IPv6 has been built from the ground up with security in mind. Many of the security features that have been duct-taped after the fact onto IPv4 as optional features are integrated into IPv6 as default requirements. IPv6 encrypts traffic and checks packet integrity to provide VPN-like protection for standard Internet traffic."

IPv6 has been developed for what 15 years but Google users using IPv6 has JUST broke 2%. Really, only about 2% should still be using IPv4!!!!!!

Challenge: White Hats/Gray Hats/Black Hats (Anonymous), IF you could redesign ANYTHING or EVERYTHING(media, protocols, any or all hardware and /or software, packet structures, maybe the entire OSI Model) involved in transmitting data, could you secure the cloud and protect everyone from???

  • thumb
    Sep 30 2013: Because Man's treachery trumps his cleverness.
  • Oct 3 2013: totally secure comes from your heart only...don't expect any else
  • Oct 1 2013: Lol, I think yall are stuck inside the box. George, you say it CAN"T because the logical nature of the beast? I do not believe in can't, can you explain what the limiting factors are in the logical nature of the beast? What would have to change to fix it? Is it because computers are Boolean machines? Let me ask this, with todays speeds, would it be possible to not break up data into several packets but compress it and send it all as just one packet? That way it might be easier to secure one packet rather than several and use a higher level of cryptography to I guess you could say lock the package and since it does take time to decrypt it would only have to do it to 1 packet rather than many. I am just trying to understand what a are all the vulnerabilities and why. Until you have this knowledge can you fix the problem. I do know you can never make anything 100% secure but let me ask you this, has gold ever been stolen from fort knox?

    Snowden claim's NSA can decrypt or data, but other sites claim unless they have the key it is yet impossible this day in age. Is it possible they actually have a working quantum computer?

    If you had a working Quantum computer then would it be possible to secure data transmissions?
    What I mean is rather than a 0 or 1 a qubit can be in 4 states rather than just 2. Now, what if you could make this qubit electron spin as it was transmitted so if captured they are just capturing spinning electrons and once it reaches its destination then they would realign???

    Why in todays age can I go site in Starbucks and see most data transmitted with a simple free packet sniffer in plain text?

    Why by default is all TCP data not encrypted in some form of symmetric encryption. I understand UDP but TCP?
  • Oct 1 2013: Because it can't. It's the logical nature of the animal.
  • Oct 1 2013: Every cryptography code that can be made, can be broken, though it would have a high cost to do so. Also, humans are not perfect. The internet would be 100% secure if humans were 100% honest and no one would not try to break into others' areas. And, may codes in the past have been broken by the information we humans leak out or the mistakes we make (ever been sucked in by a scam email?). And, software always has bugs. It is not planned this way but the complexity makes this so. It is these "holes" that are often used for illicit access.
  • thumb
    Oct 1 2013: I'm going to argue that it is possible to have a totally secure internet through quantum cryptography.

    Basically using photons as a key, which when observed, according to quantum mechanics and whatnot, change. There are some flaws, but I think the potential is there.

  • Oct 1 2013: check out the ipv6 standard - unfortunately, I believe there are ways around the security already.
  • Oct 1 2013: What I describe as secure? Well right now as soon as that packet / data leaves your personal LAN, you legally lose your "right to privacy". I want to see the internet as secure as the USPS where you do not lose your right to privacy until that package "packet" is delivered.
  • thumb
    Sep 30 2013: So you are one of the believers in 100% security?

    Well, good luck with that one ... ;o)

    On your topic 'the Internet' it may help if you could describe what in your view it should be 'secured' of, as this would definitely help to determine your standpoint. It would also help if you could reflect on your views about 'censorship' and 'flawless code' in the given context, as it would allow to understand your intension's more clearly.
  • Sep 30 2013: The simple minded answer is features.

    If your internet interface was restricted to just displaying incoming data, then you could achieve complete security.

    If you want the interface to download data to your disk drive, it will not be completely secure. If you want the web interface to allow the execution of incoming code of any kind (animation, videos, shopping, etc etc.), it can never be completely secure. For the web to be very useful, there will always be some level of risk. The current need to spend 20% of the information technology budget on security is ridiculous, but I hope and expect that figure will start decreasing soon and will eventually be less than 1%

    Of course, that just applies to the risks from outside hackers. We can reasonably expect that powerful governments and corporations will continue to collude. In my opinion, complete security of electronic communications will not occur until everyone learns to respect each others privacy, and then it will no longer matter.