On Fri, 6 Jul 2001, Derek Martin wrote:
> So, if all the systems are equally hard, but hard nonetheless, to break
> into, will the attacks stop at that point?
I doubt they will stop, but the barrier of entry may be raised. Right now,
your average computer system is about as secure as a wet paper bag. Anyone
with a Pee Cee can download a pre-packaged rootkit that does everything but
sign-up the Hotmail account. My Grandpa could do it, and he's dead.
If the overall security picture improves, then the script kiddie will become
extinct (and there was much rejoicing). Attacks will be perpetrated by
professionals with significant motivation -- money, power, politics, fame, or
whatever. Small outfits like my employer's clientele and probably even
Mission Critical Linux will be safe. The pros go after big game: Amazon,
Fleet, Citibank, etc.
> In reality though, I think the security concious user is safe, because the
> average user probably will never take the time to worry about the threats
> that they face in connecting to the Internet. It just isn't meaningful to
> most people...
As more and more data moves online, and more people go online, and more
systems go online, and the capabilities and benefits of such online systems
increase, I think you will see it start to mean something to more people.
Right now, Internet security still isn't that big a deal, because most systems
are still offline, as far as the Internet is concerned.
Fast-forward into the future, when sci-fi dreams have become reality, and
the network really is ubiquitous. Now, someone with a Palm Pilot in Brazil
can hack into your personal financial records stored in a datahaven on an
island off Great Britain, and take all your money. Suddenly, security is much
more important.
I suspect something like this will have to happen before the "average Joe"
really starts to take security seriously. Someday, somewhere, a major bank
will have a significant portion of its customers' accounts wire-transferred to
an anonymous crook with a Swiss Banc account. Or a hole will be discovered in
the popular finance program of the day, and viruses will start writing checks
instead of email. There will be headlines, there will be CNN stories, there
will be major investigations, and suddenly, people will take security very
seriously.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
