Nine ways developers can rebuild trust on the Internet

Public keys, trusted hardware, block chains — developers should use these tech tools to help secure the Internet for all

1 2 Page 2
Page 2 of 2

Add chaining to Internet interactions

One of the simplest parts of the Internet, the basic HTTP call, does little more than deliver a pile of bits. The HTTPS adds a layer of security that can keep out casual eavesdroppers and flag changes, but it can be expensive to use for all interactions.

A simpler solution is to compute a Merkle tree for all interactions. While not all HTTP traffic falls in a simple ordered list that's easy to hash up into a tree, much of it does. The confusion that comes from the barrage of AJAX calls from some pages can be simplified with small changes to the architecture.

Build out cross-linked certified websites

The basic Git repository provides more than a place to store files. The protocol for saving files and pushing them into other repositories also watches for tampering by computing a SHA-1 hash of all files when they're committed.

But why stop with one repository? Why not swap digital signatures or hash values with other repositories and spread out the network of trust?

The Inter Planetary File System is one experiment that's trying to turn the Web into one big, connected file system. We need to explore more ways to link the information between websites. The curators can work together to build a web of trust between the sites.

Add homomorphic encryption

Servers can store information in ways that are both encrypted and still useful. In other words, the server can continue to store data without compromising user privacy. I detailed some simple versions in my book "Translucent Databases."

In the past few years, there has been great excitement about a wide range of theoretical approaches to the problem of working with data in encrypted form. The databases can sort or search through large collections of personal information without actually holding the unencrypted versions. They can calculate without understanding the underlying information.

Computing with data that you can't see or read may sound a bit like magic, but we already have several good practical solutions. The best may be the Unix password file, which stores a cryptographically secure hash of the password instead of the password itself. When someone logs in, the system can hash the incoming string and compare it to the value in the database. But anyone who gains access to the password file can't figure out the real password because the file only stores the hashed version.

The new approaches are much more ambitious and, alas, far from practical. Some can take years to solve very simple arithmetical challenges, but they are getting better rapidly. More research is necessary, but this remains an exciting solution that promises to make it simpler for companies to do intelligent things with databases and not worry about people's privacy.

Add encryption

It seems silly to end with the biggest, simplest solution, but adding more encryption makes eavesdropping that much harder. A number of prominent sites like Google, Facebook, and Apple are turning on SSL encryption by default, and other sites can follow their lead. The overhead of adding SSL to all traffic is more manageable.

There are a number of other standards that can add encryption. Both IPSec and TLS will do a good job of encrypting the packets between client and server. These algorithms, though, still trust the server, a solution that works for some services but is far from ideal for tasks where the server is an intermediary.

Integrating end-to-end encryption tools with email and chat products is essential for boosting the basic security of our communications. It can be subverted at the server and deep in the OS, but it still is the simplest way to help people trust that the bits they ship across the Internet remain safe and in their control.

Related articles

This story, "Nine ways developers can rebuild trust on the Internet" was originally published by InfoWorld.

Copyright © 2015 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon