One of the major security problems is that data on the web often runs naked. This is due to two reasons – 1)the HTTPS protocol can be more difficult and costly to implement and 2)there is a notable performance hit to be taken in most situations. Network World is reporting work done at Stanford University that would embed encryption at the lowest TCP layer a)without incurring a large performance hit and b)without incurring huge development penalties. Well worth the intro read here at Network World and the surprisingly accessible Stanford-led original paper here. This is potentially a huge step forward in basic Web security just waiting for a Perfect Security Storm to get implemented.