PC Applications forum

General discussion

web browsing security requirements

I want to specify a requirements specification for extremely safe web use. Note that this is a preliminary rough draft. The ultimate goal is to create a standard for "safe surfing" that is as safe as possible. Another goal is to create guidelines for the creation of a "computer trespass" law.

1. is it possible for web sites to comply with these specs? The major consideration is cost. A seconday
consideration is what changes, if any, need to be made to the software products that are used to program web sites?

2. is my specification complete? I.E. what did I miss.

Here is my wish list.

1. no cookies: I will not order anything or use any web site that requires cookies.

2. active-x controls: I want to turn them off for ever

3. encryption: I want any and all passwords and/or
financial information( credit card#, etc ) encrypted.

4. java: I want web sites to only use SERVER side java.

5. software installation: I don't want any dependencies
to crop up during my software installation. If the product that I am installing requires that I have Adobe
Viewer v4.5, then the installation should NOT prompt me to install Adobe v4.5, but should write to an installation log a message that Adove 4.5 is required.

6. software installation: I want a log of any and all
software installations. The log should be written to a
standardized location. If this requires changes to the
operating system, then "make it so".

7. viruses, trojan horse, etc.: I do not wnat any files or programs written to my pc. The only way to write files or install anything to my pc is thru a software installation. No exceptions.

8. identitiy theft: No use of Social Security number, either the whole number, the last 4 digits, etc. should be allowed.

9. host connections: I don't want any software installed on my machine to connect to another computer
without amy explicit OK. And I want all connections
logged to a standardized connection log. The IP address
of the site connected to must be written to the connection log file.

10 javascript: is it safe to use?

Discussion is locked
You are posting a reply to: web browsing security requirements
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: web browsing security requirements
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re javascript.

In reply to: web browsing security requirements

Collapse -
web browsing security requirements

In reply to: Re javascript.

My main point is that with Identity theft becoming a major issue legal, the web community appears to have 2 choices:

1. redesign the web architecture to protect the web user. Of course no amount of redesign is going to make web use 100% safe. The goal is to minimize the damage.

2. if this is not done on a volunteer basis by the pc
industry, then the law enforcement community is going to be forced to step in and make changes.

Having worked in the computer industry for over 23 years, and on government systems in particular, this will not be be a pretty sight. The government will use the spectre of Identity Theft to increase control of the web, strip us of any privacy we may have, and
in the process NOT protect us.

The Law Enforcement arm of the government has already started to pass legislation in regards to identity theft(The Patriot Act).

3. I made an inventory of changes that I have made to my system(fire wall, virus sw, etc) to protect myself.
These changes cost money, slow my system down, use up cpu time, rob me of disk space, and in general make the use of the web a real pain. Of course, I could refuse to use the web. The web is a valuable tool and must be protected. So, in my innocence, I submit that the architecture of the web can and must be changed to protect the web user.

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.