I was just reading a story in the Inquirer about spyware and adware. I've barely been hit with this stuff since I'm really careful and aware when I'm browsing the web or using freeware. But I've got lots of friends who have been inundated with crap on their computers. I would argue that most net users are not like me and are more like my mom in their understanding of their computers (and by extension the Internet). And that's totally cool. You don't need to understand a thing about your cars mechanics to be able to drive it and you shouldn't need to know a thing about programming or computers to get info from the web.
On the other hand, the problem lies in the fact that there is no clear distinction made between getting and processing information and customizing ones computer. Unlike a car, a computer is easily customized. You may want a new screen saver or a cool mouse pointer graphic or some cool sounds, etc. So a computer user is given all kinds of ways to customize. Using the car metaphor, this is like having my mom go into Pep Boys and buying a new exhaust system and installing it into her car.
On a computer, installation of software has become quite easy and in some ways it has become automatic. This is what makes spyware, adware and viruses so prevalent. Is this a good thing? Well, yes actually it is. Your computer is not a television or a car, it’s a totally different appliance. By it’s very nature, it requires a different way of dealing with it. It is complex and it needs to be made easy to use for the masses.
So what is the solution? Well, I’ve said before that Microsoft and Apple have really missed the boat when it comes to OS design. My theory is that there should be two versions of every operating system. Because there are two classes of computer users. There are power users, people who don’t need system files to be “hidden” for their protection for example. And there are regular users, people who don’t care or even understand the need for system files. But, that’s another post. Let’s just assume we’re in the craptacular middle ground OS mode.. which we are.
My solution to the adware, spyware, virus and spam problem is quite simple and for the life of me I can’t figure out why nobody is implementing it. What we need is a new Internet. Let me explain.
The Internet as it is is quite an amazing beast. It is far more complex than most users imagine. Most users only know the web and email. There are far more applications that can work over the Internet, but everything has been shoehorned into the web interface so we the masses would have a simple to understand interface to the net. As a developer, this makes my job really hard since the rules that the web browsers use are severely kludge like and are a total headache. The rules had to be adapted over time to be backwards compatible so when graphics got added to the web (yea, the web was only text at one point) and input forms and encryption and secure transactions were created, things started to get messy. The same goes for email. It was originally designed to work in a small trusted society where everyone knew each other. There were no attachments, no html, just plain text email messages.
But the net has grown and changed and now it has become much more than originally intended. It was the great design in the beginning that enabled it to change so much so easily. But it is showing signs of decay. In my opinion the largest problem with the Internet the way it is is the concept of Identity – it is pretty much impossible to know that someone is who he says he is on the Internet. This problem is what allows spam to occur, it’s what allows people to install spyware and adware on your computers and not get penalized for it, and it’s what allows viruses to exist. Nobody is accountable. Think of it in real life terms. If you were in a store and nobody could identify you and you had questionable morals, what would stop you from robbing the place?
Of course there are other problems with the Internet the way it is, the web can use a total overhaul and the domain name system can be improved, and encryption could be added, etc.
Anyway, adding Identity to the Internet is pretty much impossible at this point and any other changes would just be new hacks added on top of old hacks. So I propose we go down to the bottom level of the Internet protocols (TCP/IP) and build two new layers on top of it. First would be a security layer which would positively identify all packets via a new non-spoofable identifier packet using encrypted signature keys. The second layer would be a new application layer with a new web-like application, a new email application and a new API other net apps to use.
I bet the original designers of the Web and Email and the Net have tons of amazing ideas that they would love to implement but can’t since they are wed to the net as it is. If they could start again, I bet they would build us something amazing.
Anyway, this new net, combined with my proposed simple OS for the masses would eliminate (yes I believe total elimination is possible) all the nefarious threats we deal with daily. So start clambering for change. Stop accepting the status-quo.. You really don’t have to.