Typically Internet users do not possess much understanding of security issues and ways to protect oneself as user. There is also lack of trust in technology that hinders economic growth. There is a need to develop standard interaction patterns to allow declarative interaction. By standardising popular interaction patters, users only have to passively declare the desired interaction, and do not have to bother the user with permission to run unverifiable scripts on a web page. The users will have the right to be off-line when using connected devices, as well as using safe content profiles or generic profiles for revealing personal information. This will lead to higher openness and trustworthiness of the Internet with the effect of enabling innovation and creativity.
- Safe Content Profiles
For the end users, safe content profiles need to be implemented. The original design of the web as a set of documents where one can safely surf from link to link, has been lost over time due to the rise of demanding applications that appropriated the technology to get system agnostic interfaces. As a result, document are now no longer safe. When a user browses an unknown website, he or she typically grants the operator the same technical privileges as a bank or trusted software supplier would need – browser have not been given the native abilities to distinguish among known and unknown. Browsing the internet, the risk of abuse is very significant. Availability of a safe content profile (e.g.. return of the web document) would provide a subset of features that is known to be secure and passive, which would guarantee the end users are not attacked while they just want to read a document.
- Domain Isolation
Domain isolation, which is another part of the securing the browser environment, should be provided between websites. This will minimize the amount of observational data about a user between their use of different websites unless the user explicitly makes the connection. There is a real need for users to be in control of what the application software inside their device and the sensors are revealing about them to the outside, such as their location or life habits. There is a need to provide generic profiles for revealing personal information. A user should be able to silence or randomise sensors, or to have his GPS module give inaccurate data about his whereabouts to app that do not need such intimate information
- Hardware security
Hardware should also be protected from abusive monitoring. There should be mandatory hard switches for embedded cameras and other devices. Cameras and microphones are particularly invasive, and a high profile target for abuse. Users should be able to physically switch of cameras and microphones they are not using, so that they can be 100% safe from the emergence of sudden software flaws or security glitches. Furthermore, users should have the right to be IoT off-line including environment. People should not be forced to use invasive technologies by their employer or other persons that have authority over them. Encryption is the single most important technological building block of Internet security. The rigjht to encryption should also be universally established.