Given all the attention to the 'big fix' on the internet, I reiterate that it is NOT a fix. It merely slows down an attacker: instead of seconds, it now takes seconds, minutes or hours, depending on your resources.
All password-based logons are just the same as they were a month ago, wide open to attack. SSL, email, FTP and remote access authentication are all pretty much the same as they were last month, wide open to attack. It may take a little more than Johnny the 13-year-old next door, unless he has a little botnet (not unknown) and is into FPGAs. It may even take him and a few of his mates all day. What a relief. I feel safer.
The internet is starting to lose that warm fuzzy quality and looking more like what it really is - a dark, cold and dangerous place.
Governments are beginning to move on privacy with the US Senate beginning to wake up to what is really happening out there.
It's rapidly turning from a voyage of knowledge discovery into a carefully crafted and guided behavioural marketing exercise. As you 'surf' the net your actions and mindset are being measured and the experience you get when you hit that next webpage is both governed by what the search engine thinks the advertisers think you want to see and what the advertisers have previously learnt by following you and your every action around the web, using the search engine provider's technology.
The ad you'll see on the next page you hit has likely already been selected to have the most impact on you. Before you even get there.
If you think that you have privacy because you are using a 'random' I.P. address from your internet provider - dream on. The very first site you hit 'reconnects' you to the behavioural marketing machine and your I.P. address is linked to you until you log off and come on from a new I.P. address. The instant you get on the net again you'll likely be connected back to the behavioural marketing machine again.
Millions of websites are merely artificially created hit generators and more than 20% of blogs are probably splogs (collections of skimmed and pasted information from other blogs), just designed to generate visits and possible click-through traffic. There is a difference between providing information and supplementing revenue with advertising, and websites which are purely automatically scoured snippets of other sites with contextual advertisements prominently displayed. If advertisers had their way the web would be nothing other than a temporarily created behavioural marketing opportunity created solely to exploit whatever information was available to anticipate your interest.
While there is a noble side to tailoring the experience according to the web surfer's preferences it is a whole different ballgame when search engines and advertisers conspire to amass vast amounts of information about individual consumers with the sole goal being to exploit you through the information they have garnered from your experiences on the net, preferably by selling you something.
These experiences are being connected to your real-world identity, the data analysed and conclusions drawn on the wildest of premises, and who knows what ridiculous conclusions will be drawn from the data. It may affect your health insurance, credit risk profile or any aspect of your life. Your personal thoughts and preferences may influence the outcome of your real-world interactions without you ever knowing the other party was privy to all your personal information, way beyond name, DOB and credit history. They'll know what sports you play and whether you even play, what you like and don't like, your political views and what your children like and do and probably what limits you'll allow them.
If you were thinking that it's only marketers, then just remember that criminals will also have access to whatever information the marketers gather. Not all criminals are fraudsters; in some parts of the world extortion and kidnapping are favourites, for instance.
The US Congress will move on privacy and hopefully lead the way to a more fair and equitable experience and stop the internet from becoming simply a tool for both fraudsters and marketers to extract money from consumers. Other governments must act too, or the legacy we leave our children will be the greatest evil ever endowed.
WINDOWS
Windows security is absolutely non-existent, and multiple ways to inject any executable file into any Windows machine anywhere you like, simply through the browser visiting a website, are now becoming common knowledge - even on Vista (and even via a legitimate website, because it is child's play to take it over).
GOVERNMENT SETTING THE EXAMPLE ON IT SECURITY (and p...ing into the wind)
If you think your national secrets are safe, imagine how much IT protection you can get from someone you pay £35k to protect the super-spooks who are supposed to protect you? Can you imagine any serious western government thinking that is enough to hire the skills necessary to protect the virtually unprotectable, let alone even know when they'd been penetrated?
How are those Bobbies in London doing in the Dedicated Cheque and Plastic Crime Unit? Perhaps they'd like a break in Oz on £35k.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.