The Core Dump

A strong conviction that something must be done is the parent of many bad measures

[By Nic Lindh on Thursday, 29 January 2004]

The Feds on computer security

Scott Granneman has written a couple of interesting columns for SecurityFocus. In one of them, he discusses the scary ignorance Joe User has when it comes to security. The column shouldn’t come as a surprise to anybody doing end-user support, but judging from the still-abysmal state of user interfaces for security tools, it’s a big surprise to the makers of anti-virus software and firewalls. And Microsoft’s Windows Update tool is still a living manifesto of how not to design end-user software.

You’d think that enlightened self-interest would convince a lot of people to learn enough about this stuff to lock down their own machines, but all the evidence says no. There’s a small percentage of nerds and geeks who spend the time on this stuff, and the rest of the user population, for whatever reasons, can’t be bothered. So their boxes get hacked, they keep clicking on dangerous attachments, fall for phishing scams, and in general have a thoroughly unpleasant experience on the Internet.

After Granneman published the column linked above, he was contacted by an FBI agent, who volunteered to give a lecture. The account of that lecture is fascinating reading. There’s a lot of nastiness out there.

Turns out that security is not so much a matter of technology. Granted, base levels of technological security, like firewalls and strong passwords, have to be in place to prevent abuses, but in the end “social engineering, coupled with greed, is the easiest way to subvert any security.”

Music: “Mary’s in India” by Dido [Opens in iTunes]

« The horrors of IE

 »


Enjoy the ten latest posts!

Book roundup, part 27

Includes Hollywood Dead, Tales from the Loop, Things from the Flood, The Court of Broken Knives, and Port of Shadows.

To see what is in front of one’s nose needs a constant struggle

“Cancel everything. You’re going into emergency surgery today”

Nic has a retinal tear and has his vision is saved by a laser.

Book roundup, part 26

Includes The Storm Before the Storm, White Trash, Calypso, Tell the Machine Goodnight, Prince of Fools, and Provenance.

Renewing the nerd card: Installing Ubiquiti UniFi in the house

The Internet tells Nic to install Ubiquiti gear in his house, so he does, and now he has thoughts.

The greater the ignorance the greater the dogmatism

Working in the pod mines

What I wish I’d known when I started podcasting.

It is impossible for a person to begin to learn what he already thinks he knows

Smell the Foam Finger

Nic starts a new podcast about—gasp!—American sports.

Book roundup, part 25

Mostly excellent non-fiction in this installment. Includes Fantasyland, The Miracle of Dunkirk, Das Reich, The Undoing Project, Waiting for the Punch, Vacationland and Points of Impact.