In message <401C49BA.5040507(a)saarinen.org>, Juha Saarinen writes:
There's something wrong about neutering the 'Net for newbies instead of going after those who spoil it for them.
FWIW, Dean's talk wasn't solely about people spoiling the net for newbies (although there's a lot of that too), but also that they're inadvertantly doing dumb things because it's not obvious that it's dumb and it's not obvious that there's a better way to do it. (For instance consider a newbie mailing out a 10MB attachement to the whole company when they could have just sent a link.) To that end I think that "seamless integration" of the local network (and local machine) and the Internet is counterproductive -- there really are differences and sometimes you've still got to be aware of them. (Not everyone has a gigabit link to their house yet.)
Given how spammers, phishers, crackers, VXers et al have so far managed to work around every countermeasure devised against them, I have reason to believe even NewbieNet would only be a temporary fix.
Indeed. That was basically my point in one of the talks, that whatever restrictions you put in place would be "routed around" by those with an incentive to do so. Okay you're down to "mere applications", but applications -- especially those used by newbies -- are notoriously insecure. (Some of them even have extra, designed in, insecurity.) Jamie (Baddeley)'s suggestion of thin client is perhaps one of the few ways you might get enough control over the end appliance to control things; another is perhaps Knoppix-style bootable-readonly-device (or perhaps something PS/2, Xbox, etc like). My point was that you can get 75% of the immediate benefit of a "newbie applicance network" right now simply by firewalling customer connections at the edge -- and that if you do, please provide an opt-out mechanism. (I'd really prefer that it wasn't necessary to buy, say, a E1 link (wholesale connectivity) in order to get reasonably unfiltered access. And tunnelling everywhere sucks.) That said, short of a rigorous punishment technique,[0] rigorously applied, I don't think we're going to get all of those that spoil the 'net. Ewen [0] Death. Or perhaps transportation to the colonies. I hear Mars isn't too crowded this time of year.