12
submitted 8 months ago by FlappyBubble@lemmy.ml to c/security@lemmy.ml

The Internet was concieved decades ago. In hindsight, many bad design choices were made. Given what was known at the time it's still blows my mind how well it has aged. There are some

Hypothetical scenario: what design choices would we change security wise if we had the opportunity to redesign the Internet from scratch today? Or to tackle the problem the other way around: what are the bad design choices for Internet security that we are stuck with today, unfixible without starting over?

all 5 comments
sorted by: hot top controversial new old
[-] TakiMinase@slrpnk.net 7 points 8 months ago

Fully open architecture so every point can be audited by every connection.

[-] HenchmanNumber3@lemm.ee 6 points 8 months ago

Top down design of protocols by a security- and privacy-conscious organization rather than leaving security to corporations as a side item or PR campaign topic when their primary focuses are marketing, advertising, data collection, and intellectual property.

[-] Godort@lemm.ee 5 points 8 months ago* (last edited 8 months ago)

Stop using email as a trusted authentication source.

This is a case where using it was super convenient because you could have a personal identifier, an easy way to contact the user, and be reasonably sure that password resets would only reach the intended user all in one convenient plaintext string.

However it's also a single point of failure and if a malicious actor can get access to your email account, they can get access to most of your other accounts that use that same address

Edit: MFA being available in more places has reduced the risk of this happening, assuming that you use it and it's also deployed correctly. ie: it can't be reset from the same email address that your password resets go to.

[-] knfrmity@lemmygrad.ml 2 points 8 months ago

Design the internet around principles of communication between people, based on choices everyone makes and can understand the implications of.

Given that the internet was meant and is designed as a means to surveil, sell, and act as a private means of production, there is no way to fix it without completely dismantling it and starting fresh.

this post was submitted on 18 Feb 2024
12 points (100.0% liked)

Security

5005 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS