Losing the desktop wars
The state of security in computing, especially on the desktop (i.e. at
the level of the end-user) has been a concern for a very long time. Experts and
newbies alike have been worried about the damage caused by viruses, Trojans and
other nasties that occasionally flare up, but a lot of the time remain in the
background causing havoc. And they are always there!
Good news, the wars of computer security appear to be over.
Bad news, the bad guys appear to have won.
A few weeks ago, the Chief Technical Officer of White Hat Security, one of the
leading providers of website risk management solutions, wrote that many
companies, especially in the all
important financial services industry, had reached a stage where they now
assumed that their customers are already compromised.
That on the surface may be a good thing, but looking below the surface, it gets
worse. What this assumption means is that with over a billion people connected
to the Internet, just the time (forget about the manpower) expended in cleaning
up those ‘infected’ systems is a colossal waste of resources, and we have
reached that catch 22 stage where this waste of resources is entrenched in the
system!
You think that simply wasting enormous amounts of resources on time and
manpower is a small problem? Think again.
Apparently, the ‘baddies’ who love writing the malicious software that cause
all of these problems are not resting on their laurels either, and the new
front that they have opened in the desktop wars is scarier even still.
Malicious software is now being written that target, and infect routers and
modems, and it looks like this is beginning to be a trend. This is the
implication: if such malware breaks out into the wild, we will have a situation
where even guys like me (I’m a Linux user), have no protection. It will not
matter if my computer is clean or not because the problem will be in my
network, and not on my terminal. Even if you buy new computers everyday, it
would make no difference whatsoever. The attacker will own everything on your
network between your computer and the Internet, and will be free to do what he
likes from the comfort of wherever he is.
What is worse is that even the best experts have problems when it comes to
identifying, then cleaning infected network equipment, thus the need for an
attacker to begin to re-infect a cleaned computer is effectively negated.
Scary? It is happening.
Leave a Reply