The Core Dump

A strong conviction that something must be done is the parent of many bad measures

[By Nic Lindh on Thursday, 29 January 2004]

The Feds on computer security

Scott Granneman has written a couple of interesting columns for SecurityFocus. In one of them, he discusses the scary ignorance Joe User has when it comes to security. The column shouldn’t come as a surprise to anybody doing end-user support, but judging from the still-abysmal state of user interfaces for security tools, it’s a big surprise to the makers of anti-virus software and firewalls. And Microsoft’s Windows Update tool is still a living manifesto of how not to design end-user software.

You’d think that enlightened self-interest would convince a lot of people to learn enough about this stuff to lock down their own machines, but all the evidence says no. There’s a small percentage of nerds and geeks who spend the time on this stuff, and the rest of the user population, for whatever reasons, can’t be bothered. So their boxes get hacked, they keep clicking on dangerous attachments, fall for phishing scams, and in general have a thoroughly unpleasant experience on the Internet.

After Granneman published the column linked above, he was contacted by an FBI agent, who volunteered to give a lecture. The account of that lecture is fascinating reading. There’s a lot of nastiness out there.

Turns out that security is not so much a matter of technology. Granted, base levels of technological security, like firewalls and strong passwords, have to be in place to prevent abuses, but in the end “social engineering, coupled with greed, is the easiest way to subvert any security.”

Music: “Mary’s in India” by Dido
