web browsing security requirements

Aug 1, 2005 12:12AM PDT

I want to specify a requirements specification for extremely safe web use. Note that this is a preliminary rough draft. The ultimate goal is to create a standard for "safe surfing" that is as safe as possible. Another goal is to create guidelines for the creation of a "computer trespass" law.

1. Is it possible for web sites to comply with these specs? The major consideration is cost. A secondary consideration is what changes, if any, need to be made to the software products that are used to program web sites?

2. Is my specification complete? I.e., what did I miss?

Here is my wish list.

1. no cookies: I will not order anything or use any web site that requires cookies.

2. ActiveX controls: I want to turn them off forever.

3. encryption: I want any and all passwords and/or financial information (credit card #, etc.) encrypted.

4. java: I want web sites to only use SERVER side java.

5. software installation: I don't want any dependencies to crop up during my software installation. If the product that I am installing requires that I have Adobe Viewer v4.5, then the installation should NOT prompt me to install Adobe v4.5, but should write to an installation log a message that Adobe 4.5 is required.

6. software installation: I want a log of any and all software installations. The log should be written to a standardized location. If this requires changes to the operating system, then "make it so".

7. viruses, trojan horses, etc.: I do not want any files or programs written to my pc. The only way to write files or install anything to my pc is through a software installation. No exceptions.

8. identity theft: No use of Social Security number, either the whole number, the last 4 digits, etc. should be allowed.

9. host connections: I don't want any software installed on my machine to connect to another computer without my explicit OK. And I want all connections logged to a standardized connection log. The IP address of the site connected to must be written to the connection log file.

10. javascript: is it safe to use?

Re javascript.
Aug 1, 2005 12:25AM PDT
web browsing security requirements
Aug 18, 2005 10:18AM PDT

My main point is that with identity theft becoming a major legal issue, the web community appears to have 2 choices:

1. redesign the web architecture to protect the web user. Of course no amount of redesign is going to make web use 100% safe. The goal is to minimize the damage.

2. if this is not done on a volunteer basis by the pc industry, then the law enforcement community is going to be forced to step in and make changes.

Having worked in the computer industry for over 23 years, and on government systems in particular, this will not be a pretty sight. The government will use the spectre of Identity Theft to increase control of the web, strip us of any privacy we may have, and in the process NOT protect us.

The Law Enforcement arm of the government has already started to pass legislation in regards to identity theft (The Patriot Act).

3. I made an inventory of changes that I have made to my system (firewall, virus sw, etc.) to protect myself. These changes cost money, slow my system down, use up cpu time, rob me of disk space, and in general make the use of the web a real pain. Of course, I could refuse to use the web. The web is a valuable tool and must be protected. So, in my innocence, I submit that the architecture of the web can and must be changed to protect the web user.