Friday, August 22, 2014

No, Wired - The Internet is Actually Pretty Safe

Wired ran this article today:

The Internet Is Way Too Fragile and Insecure. Let's Build a New One


Featuring this:

You may have had the bad luck of being stuck on a runway when a router failure in Utah grounded commercial flights around the country for several hours. Or maybe you were frustrated by not being able to access government websites the day the .gov domain administration had a glitch in its system. These minor mishaps over the past decade are early rumblings of an uncomfortable truth: The Internet is more fragile than it appears.

The problems with the .gov websites and the FAA were caused by accidents, but such accidents can have widespread effects. In 2008, censorship efforts by the government of Pakistan unintentionally caused YouTube to become inaccessible throughout the world. In another incident in 2010, much of the Internet was rerouted through China for a few hours, including traffic between US military sites. China Telecom plausibly claimed this was also an accident, but scenarios like this could be easily arranged.

Well, two main problems here:

1. As the article admits, those were human errors. A secure internet is never going to fix PEBKAC.
2. You may remember that recently there were reports of a Russian gang stealing over a billion passwords. Bruce Schneier, world-renowned security expert, had this to say in his recent Cryptogram:

I don't know how much of this story is true, but what I was saying to reporters over the past two days is that it's evidence of how secure the Internet actually is. We're not seeing massive fraud or theft. We're not seeing massive account hijacking. A gang of Russian hackers has 1.2 billion passwords -- they've probably had most of them for a year or more -- and everything is still working normally. This sort of thing is pretty much universally true. You probably have a credit card in your wallet right now whose number has been stolen. There are zero-day vulnerabilities being discovered right now that can be used to hack your computer. Security is terrible everywhere, and it it's all okay. This is a weird paradox that we're used to by now.

On this count, I am going to side with Schneier.

  

No comments:

Post a Comment