Do we bring on our own security problems?

My dog is bigger than your dog! I can do it better than you! I can climb a mountain just because it is there! These are all things a kid says, but even worse, it is our “EGO” that makes us try these, and adding the words “dare” or “double dare you” is almost like picking a fight.

Yes, it is the challenge that is invoked by these words. So if you were to read that a flaw was found in the security system or network of the largest bank, insurance company, conglomerate, government office, etc., what would you do? Most of us would do nothing, but some would go out and try to break the system. This is what virus writing, hacking, warezing, etc. is all about. Some claim they do it for the good; others are doing it for the gain.

But why do we, as a government and as people of common sense, publish known flaws in journals and the news when they are about things like infrastructure or security?

I know we believe that “Open” and “Public Knowledge” are good, but what is the cost, and how good is it really?

This rant is just to have an opportunity to question why we are so eager to make this type of information public, as seen in the article “U.S. looks into claims of security flaw in Siemens gear” posted by Jim Finkle of Reuters.

This is not a condemnation of the author's article; the issue really is, why do we want this stuff so publicly known?

The truth is that every program ever written has some type of flaw or defect. Why? Because for the most part they are built by humans, and even at our best there are variables or conditions that we cannot foresee. Why did bridges in the US shake apart? Why do buildings just suddenly crumble down? Engineers of the past did not understand the harmonics of the wind or earth, or plan for interior changes that later caused the structure to collapse. This is true for system developers too. Also, throw in that every now and then computers themselves fail to operate as expected.

But when you print this information, you create a challenge for the hacker to see if they can replicate it. There are groups whose goals are to find and publish these because it is in our best interest to know. And, on the other hand, there are groups who will not exploit this issue until resolved because they can, or because they want to be terrorists and have ill intentions. Ultimately, you print a challenge, and almost always someone will take your bet. So why make our security a pawn of this game? Some stuff just does not have to be common knowledge.

