[discuss] Who is responsible for security
Roland Perry
roland at internetpolicyagency.com
Tue Jan 14 09:26:45 UTC 2014
In message <289D2950-535B-4C27-8612-44B190BB3E0B at frobbit.se>, at
23:42:00 on Mon, 13 Jan 2014, Patrik Fältström <paf at frobbit.se> writes
>On 13 jan 2014, at 17:38, David Conrad <drc at virtualized.org> wrote:
>
>> Everyone is responsible for their own security on the Internet. Relying on third parties to be responsible for your security on the Internet
>>is what facilitates activities such as those disclosed by Edward Snowden.
>
>To put it differently, whenever anyone connect something to whatever is part of the Internet, what is connected ends up being part of the
>Internet, not outside of the Internet and connected to it. And whoever connects that thing is still responsible for the functionality for it.
>
>So, each one of us is responsible for whatever piece of the Internet we are responsible for.
That's a world-view which worked when the Internet was an exclusive
plaything of geeks and academics. But that genie escaped the bottle in
around 1995.
Today's Billion+ Internet users see themselves as customers of a
trillion-dollar platform, not as partners in a grand experiment.
Even most small and medium sized enterprises, let alone individuals,
expect (and some would say deserve) to have security "thrust upon them"
because they weren't "born with it", and "achieving" it themselves is
too much of a hill to climb.
Working out who gets the job of doing this, is what Internet Governance
is all about (ever since the point, around the Millenium, that
governments acting as the representatives of those users noticed that
there was something which they considered needed to be done).
--
Roland Perry
More information about the discuss
mailing list