> It is regularly done with servers connected to the Internet.
> There is no *COMPUTING* problem or technical problem.I beg to differ. Yes, it is possible for tech-savvy users to secure
their machines pretty effectively. But the level of technical
knowledge required to do so is completely out of line with, say, the
level of automotive knowledge required to safely operate an
automobile.
You need, at minimum, weeks of training in order to safely operate an
automobile. But to safely operate on the Internet, you simply open the
box, plug the DSL cable into the DSL port of the
NAT/firewall/switch/gateway box, plug the brand new unsecured computer
into the Ethernet port, and you can now safely operate on the Internet.
The technical problem has been solved for a long, long time. The same
factors which drive down the cost of computers, have also driven down
the cost of NAT/firewall devices to the point where they could actually
be integrated right into the PC's hardware.
We know how -people with specialized knowledge- can secure them, not
ordinary people - and I submit that we in fact do not know how to
clean and validate compromised systems running modern
general-purpose
operating systems, that the only sane option is
re-installation of OS
and applications from scratch.
This is an entirely different issue. It's like trying to cure AIDS and
syphilis. Maybe prevention is an easier problem to tackle. Condoms are
also fairly simple technology that works.
--Michael Dillon