The early days in the cyberspace used to be rather safe when compared to the increasingly hostile worldwide wild west, where various hostile governments, criminals, advertisers and intelligence or not so intelligence agencies can inject stuff on to the web pages you visit. Drive-by viruses work like a bomb on the road-side, just head on to pick up your burger – and boom – you are done!
While operating system and web infrastructure providers have been trying to build up sandboxes and security frameworks on to the highways throughout the cyberspace, the reality is that today there are just more vulnerable devices out there that happily stay on executing whatever scripts on the servers and sites you won’t even be aware of that you visit. There are perhaps two fundamental wrongs in the design of the security architecture of the world wide west. First, as default, you need to trust anyone. This is bad idea, but it highlights the origins of the world wide west, the times in the society where, in fact, one could, by default, trust anyone. Secondly, as default, you need to trust anyone too much. However, the world is not your friend by default, and trusting anyone is a no-no, something that every mother wants to teach their kids as one of the first lessons in life. Still, for some strange reason the cyberspace will require you to abolish much of the wise words from your mum.
There are basically two approaches to address the issues of security. Either one needs to be a protege of someone who can clear the mess and keep the bad stuff away, or one needs to take careful commitment to take care of oneself. In the society, this typically is something many from the so called western world are keen to delegate to the abstract “state”, a liberal, lawful and impersonal result of the triangle of legislature, jurisdiction and enforcement, keeping them as far as possible from each other. Some thing and many try to promote that as a valid security framework also in the cyberspace. Other parties may consider more centrally oriented structures of power, something the former wont really like about. And at the far end lies the mythic anarchism — a no-no for many. How are the security framework and practices laid out in the cyberspace then? Interestingly, abstract state fails to protect non-territorial cyberspace, there are no single dictators either and even personal skills and capabilities are rather limited. To put it short: it is a mess, mixture of rivaling parties that compete with each other, of their authority and ownership of the protégées.