IP Number

Good point about proxies.



Didn't Intel already try that? (to anyone who's not familiar with the processor serial number feature, it was included on PIII's and Intel took so much heat over it that they discontinued it.)

The whole issue reminds me of John Walker's The Digital Imprimatur It's a lengthy essay and he annoying starts off arguing that NAT is killing the internet as we know it, which I think is a weak argument. At any rate, read through it. It's about a year old now, but it's quite interesting. The basic gist is that in order to gain things such as "strong end to end authentication", it's very likely that we'll give up a lot in the process due to the way it will happen. It's really no small issue. A scheme that could actually guarantee that could stop all spam and virii. This is very enticing indeed. Check out the paper. To be honest, I'm not really sure what to think about the whole thing.

Things will have to go in that direction though. If you believe some, we only have a couple of years left. Although I doubt that, think back a ways. Do you remember the internet 5+ years ago (or perhaps even 2 years ago for that matter....). It wasn't like it is now. There was bad stuff, but spamming, spyware, (possibly) virii weren't anywhere near as prominent as they are today. It definitely feels like we're going downhill here. Changes will have to be made to stop this. Hopefully, users can maintain their rights and freedoms as it happens.

That's the real problem. Most of the "solutions" to these problems either restrict what you can do (e.g. Intel's TCB/Palladium) or force you to give away your real identity when you might not want to. Get rid of spam, but make life easier for identity thieves? No thanks. That's why I suggested that people be able to use pseudonyms. It's not usually necessary to know someone's real identity, just to know the identity and reputation that they have established relative to your business. For example, the value of someone's feedback record on eBay has value independently of whether that record can be tied to a real person.

There's obviously a lot of technical think-work that needs to be done before someone comes up with a system that satisfies the many conflicting needs in this area, obviously, but little of that is rocket science. Most of what we need to know about encryption and authentication and so on is already there; it's just a matter of figuring out how to put the pieces together into a palatable whole - much like having the ingredients for dinner but not knowing the recipe for what you want to make.