The problem with all of these is that they are not profitable. In every company, government, bank, etc. there is a division that sits down and weighs the potential loss from a breach against the cost of preventing one. In 9 cases out of 10 these financial geniuses will determine that the potential fallout from a breach will cost less than paying upfront to try to prevent it. Yup, your personal information is all monetized and has a priority set on it.
Now, we are not saying there is no way to prevent (or at the very least seriously limit) security breaches. One very novel approach would be to put these vulnerable sites inside a gated (or walled) garden. Doing this would require quite a bit of effort and compliance on the part of the companies that got involved (which means money), but in reality it is very possible.
There is even a company that is trying to put something like this together. The company, Artemis Internet Inc., would register the top-level domain .secure to create a small walled-off section of the internet for these institutions. To get in the club you would need to submit your company (or institution) for screening. The screening would be done by a person who would verify articles of incorporation, trademarks, site address, IP address and more to make sure you are who you say you are.
From there (once you passed the screening) you would be given hardware that supports two-factor authentication. You would register this at the location for the edge of your network. But that is not all: another requirement would be that all data/web traffic be encrypted. This means using end-to-end encryption, VPN tunnels, etc. Mail traffic would need to use OTLS (opportunistic transport layer security). This allows the TLS subsystem to encrypt the data before it is transmitted to the destination server (there are some organizations that already require this).
For their part, Artemis will continue to scan all sites with the .secure extension to make sure they are not compromised in any way. If a compromise is detected (the site is infected with malware, etc.), the site is removed from the walled garden until it is cleaned up, and repeat offenders would be permanently removed.
Now, this type of idea is great, and this is not the first time someone has tried to do this. There is a lot that has to be put in place before something like this could ever go live. It also requires the companies involved to be willing to pay for this service and to make sure their sites are running properly. Considering this is something that many companies refuse to do now, we are not so sure that we will see companies lining up to grab this one.
We will be checking up on this new company’s progress (especially now that they have been given $9 million in funding) to see if the idea takes off. We will also keep checking on the privacy-protecting Calyx Institute to see if their Internet service can take off and provide something that is seriously needed in the consumer world.
Source: Ars Technica