Comments on "Secure Cyberspace"

Smart encryption that built in to change when it suspects there is hacking or tampering. It would be impossible to break if it constantly changes.

A special web browser may help a lot..

It is very unlikely that we can make a system that is 100% while being open but what we CAN do is make it so hard to crack that it isn't worth it to hack it.

We Could Create A Program That LOOKS Appealing To Hackers,But Really Is A Virus Eliminater(hee-hee-hee)

PPS: Per the good ideas posted by others, my next-gen system integrates all of them and much more down to the kernel and core communication logic architecture. Additionally, though my approach involves a human engineering component (real world ID verification & multi-biometrics) removing anonymity for critical transactions & communications, it permits maximum privacy & optimal security at all levels & within data streams & routers. While it automates secure coding Schneier says is uncrackable, it also permits flagging of suspect keywords to alert the intelligence community or CSOs of possible threats & risks. All the security & compression functions are integral, automatic, and beyond user control & tampering. It does the same for any network enabled with my system or embedded subsystems.

The major way of authentication in most of the websites is by user name & password which is vulnerable to many types of attacks like Phishing(which happens in many ways).Two-factor authentication is also proved to be vulnerable.There is a necessity of designing protocols or methods such that even though the theft of identity can not do harm to customers or users.There should be multi levels of authentication but not at cost of time & speed!
Hackers are always a step ahead in technology.we are thinking of solutions after attack is done.Instead of that Ethical hacking is to be done & possible know attacks are to be prevented.Educating normal internet user yields more benefit in avoiding phishing attacks.The war between hackers & cyber security people is never ending!

Too many ideas in the information/computer/network security fields rely on stopping vulnerabilities. We can block a piece of malware if we know what it looks like. We can block a piece of confidential information from leaving our network if we know what it looks like. Well, we don't know what these things look like until it is too late. This is why we need more resilient systems. We need a network that can survive, and function well, even if a majority of the connected hosts are compromised and trying to do it harm. We need hosts that can survive even if a majority of the programs and services running on it are compromised. We need information that can survive being processed by a compromised host. In the real world, our bodies are subjected to viruses, bacteria, and many other baddies all of the time. Yet we continue to function fine, a vast majority of the time without being aware of the battle going on inside of us between these interlopers and our own immune system. The body learns about what is attacking it and it comes up with a solution while only compromising what it must. Until we can build information systems that can respond in a similar way, cyberspace will never be "secure."

The concept of balancing the approaches to protect individual privacy rights with out compromising cyberspace security is a difficult challenge. The use of engineering solutions to reduce anonymity is not the precise approach for cyberspace security or protection of individual privacy rights. Fearing someone that is anonymous tells a lot about your data assurance. The problem space is to identify the greatest risk not a user that decides to conceal his identity. The solution is not to develop more anti-privacy software. The theory of being completely anonymous over the Internet to begin with is not possible. There is plenty of security solutions used to reveal the true identity of a user. For Example; when a user connects to the Internet the computer is assigned an IP address which is often logged by a web site or an ISP. Therefore, the problem does not exist in individuals having complete control over their anonymity. This approach would not help prevent against attackers but would open more doors for loss in confidentiality and integrity of information. Reducing the ability to be anonymous could cause leaks in personal information. This could be used by marketers, identity thieves, and online predators. Instead, engineers should focus more on the idea of creating solutions to protect anonymity over the Internet.

@Charles M. Barnard - proactive protection by definition does not detect and neutralize anything, that is reactive. What is needed are mechanisms at the OS level that determines acceptable or authorized behaviors, including data access, and denies everything else in a default deny framework that supercedes the normal kernel mechanisms that allow software vulnerabilties to be enacted on. This approach is deterministic and is a viable proactive approach. A secondary problem is the inadequateness of network security to provide information-centric security. Does not work and will never work. People are starting to figure that out now. With the right approach you can secure the internet one computer at a time. :)

My opinion for enchancing Cyber security is first we must create an awareness about the various ways in which one can be exploited and also the ways in which to avoid them. My main view is that many people around the world are ignorant to these security issues and become aware of them only when they themself are exploited.As someone said "Security isnt a process it's just a state of mind".... By doin this even though we cant entirely stop cyber crimes we could atleast decrease it by a great amount.