Consequences of Overzealous Security

Part of Information Security is not making assumptions. You don’t assume that computer systems are safe; you check them. Even if they were safe when you checked them, you check them again months later to make sure they are still safe. This sort of regular assessment is no different than security guards making regular rounds in an office building late at night, such as at a bank. When something suspicious is discovered during a systems check or pentest, you investigate it in order to verify that what was found is what you think it is. Evidence of a server break-in needs to be checked carefully before one goes blurting out “We’ve been hacked!” Just as a bank doesn’t say “We’ve been robbed” because some accounting numbers don’t match up.[…]

Security Balances

From this Yahoo! article:

He was sympathetic, but accepted the Transportation Security Administration’s reasons for the ban. “What are you going to do?” he said. “I guess you have to be safe.”

Amanda Volz, a TSA screener in Minneapolis, said she hoped more travelers would take that attitude Friday. “There’s some moaning and groaning, and a few people who get angry, but once you explain it to them, they are more lenient about giving it up,” Volz said. “You just try to make them understand that it’s for their safety.”

Lots of things are done for safety. But they aren’t always the best choice, or the most useful. And there’s usually more than one way to make something safe and secure.

A Chaotic Ocean Divided – Part I

If you have never read John Brunner’s novel “The Shockwave Rider”, I strongly recommend you do so at your earliest opportunity. Published in 1975, the novel is a fictional story about a man in a future society dominated by computer networks, corrupt governments and social upheaval. Key to the book’s plot is the division between what information government authorities can access and the information citizens can see.

In many ways the book mirrors the situation we live in today. In fact, “The Shockwave Rider” is so keenly accurate in its predictions that it’s somewhat unnerving (Brunner even coined the term “worm” to refer to a computer program that moves through a network of computers and makes changes). Vast oceans of data exist across societies throughout the world. Databases compiled by corporations, non-profits and governments store meticulous details about all of us. And in our world today there is no balance in data access between “regular joes” and those governmental and corporate entities. Because data about people is so valuable, that divide represents a power imbalance.