Security technology has a habit of replacing the problem that it solves with an entirely new one. Encryption, for example, hides your data from others, but that also includes the user if he forgets the key. So we put in a PKI to manage all the keys, and that introduces a raft of other new problems. And so it goes on.
The latest idea for solving man-in-the-middle attacks is an ingenious solution from Carnegie Mellon University, called Perspectives. This looks very interesting, as it’s claimed to be simple and cheap. Essentially it uses a network of “notaries” that check the web sites you visit to ensure that authentications returned to them are consistent with ones sent to you.
This of course raises a privacy issue. The notaries, which might be universities, will have a lot of information on IP addresses and web activity. I hope they have an answer that’s more than simply asking the notaries nicely to avoid recording client IP addresses.
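The notary check described above, and the privacy exposure it creates, as an added sketch that is not code from Perspectives or from Carnegie Mellon. It assumes the "authentication" compared is a SHA-256 fingerprint of the server's key and that the client accepts on a simple quorum; the `Notary` class, host name, keys and IP address are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field

def fingerprint(key_bytes: bytes) -> str:
    # Assumption: notaries and client compare SHA-256 fingerprints of the key.
    return hashlib.sha256(key_bytes).hexdigest()

@dataclass
class Notary:
    """Simulated notary: its own view of each site, plus what queries reveal to it."""
    name: str
    view: dict                                  # host -> key bytes seen from this vantage point
    query_log: list = field(default_factory=list)

    def observe(self, client_ip: str, host: str):
        # The notary necessarily learns which host was asked about; the client
        # IP is visible as well unless the notary chooses not to record it.
        self.query_log.append((client_ip, host))
        key = self.view.get(host)
        return fingerprint(key) if key is not None else None

def check_consistency(client_ip, host, key_seen_by_client, notaries, quorum):
    """Accept the key only if at least `quorum` notaries saw the same one."""
    mine = fingerprint(key_seen_by_client)
    agree = sum(1 for n in notaries if n.observe(client_ip, host) == mine)
    return agree >= quorum, agree

# Constructed sample data (not real keys or hosts).
GENUINE = b"constructed-genuine-server-key"
SUBSTITUTED = b"constructed-substituted-key"
HOST = "shop.example"
CLIENT_IP = "192.0.2.10"

def make_notaries(count=4):
    return [Notary(f"notary-{i}", {HOST: GENUINE}) for i in range(count)]

if __name__ == "__main__":
    notaries = make_notaries()
    print("direct path:   ", check_consistency(CLIENT_IP, HOST, GENUINE, notaries, 3))
    print("key swapped:   ", check_consistency(CLIENT_IP, HOST, SUBSTITUTED, notaries, 3))
    print("notary learned:", notaries[0].query_log)
```

The last line printed is the privacy concern in concrete form: every check leaves a (client IP, host) pair with each notary that was asked.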