How Developers Can Rebuild Trust On the Internet
snydeq writes: Public keys, trusted hardware, block chains — InfoWorld's Peter Wayner discusses tech tools developers should be investigating to help secure the Internet for all. 'The Internet is a pit of epistemological chaos. As Peter Steiner posited — and millions of chuckles peer-reviewed — in his famous New Yorker cartoon, there's no way to know if you're swapping packets with a dog or the bank that claims to safeguard your money,' Wayner writes. 'We may not be able to wave a wand and make the Internet perfect, but we can certainly add features to improve trust on the Internet. To that end, we offer the following nine ideas for bolstering a stronger sense of assurance that our data, privacy, and communications are secure.'
Give me, your customer, a unique, self-signed cert.
Let me, your customer, give you a unique, self-signed cert.
Let us both agree not to trust any party claiming to represent either of us without first encrypting communication with those respective certificates.
Let us both agree to a secure method for updating certificates that doesn't rely on any 3rd party or the internet. Perhaps we could meet in person at some sort of structure designed for the officiating of such business.
DONE.
Certs work if you cut out the governments and "trusted" root authorities by SELF-SIGNING, and NEVER perform initial certificate exchange over the very channel you cannot trust. Everything is encrypted and no one can fuck with it without compromising BOTH keys or breaking the encryption algorithm altogether.
Yes, this is less convenient. Yes, you have to maintain unique certs for every account. Yes, it's worth it.
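The scheme in the comment above amounts to certificate pinning with no certificate authority in the path. The following is an added example, not code from the commenter or the article: it shows the client side only, checking the certificate a peer presents against a fingerprint recorded for that account during the in-person exchange. The names `PINS`, `pinned_context`, `peer_matches_pin`, `connect_pinned` and the account id are hypothetical, and the sample certificate bytes are constructed.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed sample: account -> SHA-256 fingerprint of the peer certificate (DER),
# recorded during the in-person exchange. These bytes stand in for a real certificate.
SAMPLE_CERT_DER = b"constructed-stand-in-for-DER-certificate-bytes"
PINS = {"acct-1001": hashlib.sha256(SAMPLE_CERT_DER).hexdigest()}


def pinned_context(own_cert=None, own_key=None):
    """TLS client context that trusts no CA at all; trust comes from the pin check."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # does not load the system root store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = False       # identity is the pinned certificate, not a DNS name
    ctx.verify_mode = ssl.CERT_NONE  # chain validation is replaced by peer_matches_pin()
    if own_cert and own_key:
        # Our own self-signed certificate, which the other side has pinned in turn.
        ctx.load_cert_chain(own_cert, own_key)
    return ctx


def peer_matches_pin(account, peer_der, pins=PINS):
    """True only if the presented certificate is the one pinned for this account."""
    expected = pins.get(account)
    if expected is None or not peer_der:
        return False  # fail closed: unknown account or no certificate presented
    actual = hashlib.sha256(peer_der).hexdigest()
    return hmac.compare_digest(actual, expected)


def connect_pinned(account, host, port, ctx):
    """Connect, then drop the session before sending any data if the pin does not match."""
    sock = socket.create_connection((host, port), timeout=10)
    tls = ctx.wrap_socket(sock)
    if not peer_matches_pin(account, tls.getpeercert(binary_form=True)):
        tls.close()
        raise ssl.SSLError("peer certificate does not match pin for " + account)
    return tls
```

Because each account has its own pin, a certificate that is valid for one account is rejected for every other, and replacing a pin means repeating the out-of-band exchange.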