Barney's Blog

Doug's Mailbag: State of Internet Security

One reader gives his in-depth analysis of the current cybersecurity landscape:

I think the Internet is growing faster than we can keep up with it. I think people, as a whole, put too much faith into the Internet-based products and services they consume. I think most people use the Internet like many others drive their vehicles; it is a necessary convenience that tends to be abused and misunderstood up until a life is radically changed. Then we wake up to the problems with our abuse of the system the whole time.

The Internet is not a secure place, and nothing you do on it is private. The security measures currently in place are like vaulted locking mechanisms on a sliding glass door -- they do an excellent job at keeping out honest men and someone that requires a lockpick set, but anyone with unconventional tools, like a hammer, can just barge right in (like Firesheep).

Also, I hope everyone understands that, aside from script kiddies, most hacker groups and individuals are only able to continue doing what they do because they are far more intelligent than you are (not you, Doug -- I mean 'you' the reader).

The malware that makes the news isn't the stuff we should be too worried about -- most well-adjusted, technically savvy people can pretty easily avoid such nuisances -- it's the malware that's on your machine right now quietly sending out small payloads a few times a year that we should be worried about.

I'll agree that most Internet-based services are a necessity these days -- things like e-mail, social networking and online banking are almost essential. Malware and exploits of these systems are just the big red flags that everyone walks past to consume such services. Just like vultures circle above a dead animal, malware and exploits swarm around broken software and protocols. But the real problem with e-mail, social networking, and online banking isn't their existence -- it's their implementation (like most Microsoft Windows applications, Facebook, Google+, Twitter, SSL, and most EULA and privacy statements that no one ever reads).

As for where you, Doug, are torn -- I personally would never sacrifice personal freedom in favor of the 'greater' security. I would advocate for the rewrite of broken applications and protocols. To those doing the rewriting, I would like to remind you of Occam's razor -- for instance: IPv6 is not a suitable alternative to IPv4; IPv4.1, however, is.
-David

Share your thoughts with the editors of this newsletter! Write to [email protected]. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 04/02/2012 at 1:19 PM
