Computer Crime Research Center


No patches for human stupidity!

Date: January 23, 2006
Source: Computer Crime Research Center
By: Tony Bradley

... information; it was really ridiculous. Microsoft has vastly improved this issue with Win XP SP2, limiting many worms and bots.

Keep in mind that Microsoft still has a lot of security problems in their products, but things have vastly improved, even in light of a majorly increased threat from organized crime. If we had had the current level of threat with the Windows of two years ago, we'd have gotten creamed.

TB: What do you believe is the greatest weakness or failure of existing security technologies or solutions?

ES: Security technologies still have numerous flaws. Vulnerabilities such as buffer overflows in firewalls, IDS tools, IPS products, and anti-virus solutions are a major concern. Attackers who exploit such software can get total control of a system or network via the machines' supposed defense mechanism. Although you'd expect that security tools would be developed with a higher level of scrutiny than other software, it does not seem to be so. So many of these tools are flawed, and that's really quite sad.

TB: What do you feel are the emerging information security threats looming on the horizon?

ES: Attacks on security tools, as we just discussed, are a major concern. But, I'm also worried about how we are increasingly folding general-purpose computer systems into our consumer electronics devices, like cell phones, TVs, and stereos. Cars are likewise getting more computerized. Computer attacks will evolve into this new realm, exploiting the same kind of vulnerabilities, but this time with a new set of targets. That will cause some major problems for society. In the past, if your computer was down, you might have watched TV, listened to the radio, or even had a conversation with another human face to face. If your computer, TV, radio, phone, car, and other technologies all use similar underlying systems, they could all come under attack simultaneously. That's a real problem, so we better brush up on our conversational skills with people located within walking distance! :-)
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo