Electron,
Here are three potential thesis topics. I hope that these sound
interesting to you!
1) What implications does the anonymity available from projects like
Freenet have for computer security and privacy?
From the Freenet FAQ:
Freenet is free software designed to ensure true freedom of
communication over the Internet. It allows anybody to publish and read
information with complete anonymity. Nobody controls Freenet, not even
its creators, meaning that the system is not vulnerable to
manipulation or shutdown. Freenet is also very efficient in how it
deals with information, adaptively replicating content in response to
demand.
Freenet is file sharing software intended to be a secure, anonymous,
and fast method for distributing information on the internet. Its most
controversial feature is the ability to publish and distribute *any*
information completely anonymously. This has positive implications for
people in countries like China who may wish to view information that
their government has blocked them from viewing over the WWW.
Unfortunately, it also means that less ethical people can publish
information that is rightfully illegal and immoral. Your thesis could
examine the benefits and hazards of completely anonymous
communication. If youre creative, you could also try to find out how
computer security experts might deal with those hazards.
WARNING: Freenet currently contains some material that should be
considered obscene and illegal by any ethical person. If youre
interested in picking this as a thesis topic, you should be very aware
that its possible you may be exposed to content which will completely
disgust you and that may be illegal. The trade-off between this
obscenity and freedom of information is what makes the Freenet project
such a hotbed of debate.
[Main page for Freenet Project]
http://freenetproject.org/cgi-bin/twiki/view/Main/WebHome
[Description & History of Freenet]
http://freenetproject.org/cgi-bin/twiki/view/Main/WhatIs
[Ian Clarke's original paper Freenet]
http://freenetproject.org/freenet.pdf
[Freenet FAQ]
http://freenetproject.org/freenet.pdf
[Article from news.com discussing the origins of Freenet]
http://news.com.com/2100-1033-239756.html?legacy=cnet
[Google search for Freenet related pages: freenet +
anonymous|anonymity]
://www.google.com/search?as_q=freenet&num=100&hl=en&ie=UTF-8&oe=UTF-8&btnG=Google+Search&as_epq=&as_oq=anonymity+anonymous&as_eq=&lr=lang_en&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=&safe=images
2) Major security holes are frequently found in products vital to the
internet such as web browsers, firewalls, mail software, etc.
Commercial products which are closed-source and whose workings are
proprietary require the manufacturer to fix the security problem.
Open-source software allows anybody to examine the code for potential
security holes, but also permits anybody to work on the fix. Is one of
these models better than the other when it comes to computer security?
[Open, closed source security about equal?]
http://zdnet.com.com/2100-1105-938229.html
[Slashdot: MS Cites National Security to Justify Closed Source]
http://slashdot.org/articles/02/05/20/2124248.shtml?tid=109
[Musings on open source security models]
http://www.linuxworld.com/linuxworld/lw-1998-11/lw-11-ramparts.html
[Google search: security + closed source]
://www.google.com/search?as_q=security&num=100&hl=en&ie=UTF-8&oe=UTF-8&btnG=Google+Search&as_epq=closed+source&as_oq=&as_eq=&lr=&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=&safe=images
[Google search: security + open source]
://www.google.com/search?as_q=security&num=100&hl=en&ie=UTF-8&oe=UTF-8&btnG=Google+Search&as_epq=open+source&as_oq=&as_eq=&lr=&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=&safe=images
3) What implications do proposed laws like UCITA have on computer
security?
From the UCITA FAQ on 4cites page:
Can software publishers remotely shut down an organization's mission
critical software?
Yes. UCITA expressly authorizes a software publisher, in a dispute
over license rights, to remotely shut down an organization's mission
critical software without court approval -- in many cases shielding
the software publisher from liability for the harm caused.
Does UCITA address privacy issues?
UCITA actually permits invasions of privacy. It allows software
publishers to legally track and collect confidential information about
personal and business activities of licensees. Additionally, because
it allows software and information products to contain "back door"
entrances, user's systems can potentially become vulnerable to
infiltration by unauthorized hackers.
Note that the information above was written by a group which strongly
opposes UCITA. Obviously, the debate here is over whether the proposed
UCITA law actually does have negative computer security implications
for those who buy software under the law.
[4cites UCITA FAQ]
http://www-affect@ucita.com/what_faq.html
[4cites What is UCITA?]
http://www-affect@ucita.com/what.html
[4cites Current events in UCITA]
http://www-affect@ucita.com/happening.html
[UCITA online]
http://www.ucitaonline.com/
[Google search: ucita]
://www.google.com/search?as_q=ucita&num=100&hl=en&ie=UTF-8&oe=UTF-8&btnG=Google+Search&as_epq=&as_oq=&as_eq=&lr=&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=&safe=images
Good luck on your thesis and feel free to ask if you need
clarification!
/ephraim |