February 01, 2005
Centralized trust assurance considered nontrivial
Rumor has it that Netscape 8 will help you decide whether you should trust a site:
Netscape is in talks with various security companies to obtain blacklists of sites that are suspected of harbouring spyware, phishing scams and other nasties. The browser will display warnings when visiting blacklisted sites and disable features like ActiveX, scripting and cookies. Conversely, whitelisted sites will be highlighted with a green light icon.
Let's assume for a second that this new feature would become popular enough that being ownz0red by Netscape's blacklist would translate into a decline in someone's sales of penis enlargement patches. What about companies trying to blacklist their competitors? Who would handle the daily flood of requests to be whitelisted? What if someone was challening their inclusion in Netscape's blacklist? Who would bear the legal brunt of lawsuits from spammers suing for their lost ability to rape the stupid?
I applaud the attempt to draw a clear line between fraudsters and real people. Come the revolution, we would know exactly who to hunt down first. Nonetheless, drawing that line isn't a job I would like to do for an entire planet.
As opposed to hunting them down of course. I could spend a lifetime doing just that.
