The Computer Security Industry
- It began right after the Morris Worm
- Early viruses attacked via floppy disks
- The vulnerability was the user
- Early compromises were not publicized
- Internet access was rare
- Outside access was frequently through X.25 or dial up
- Few understoor or expected the explosion of the industry
-
Have we gone too far with Security?
- It's a trade off, of course
- How much inconvenience can we tolerate?
- It depends on the industry
- It depends on your tasks
- It depends on the threats
- How much security do we need?
- It depends...
"I have watched kids testifying before Congress. It is clear that they are completely unaware of the seriousness of their acts. There is obviously a cultural gap. The act of breaking into a computer system has to have the same social stigma as breaking into a neighbor's house. It should not matter that the neighbor's door is unlocked. The press must learn that misguided use of a computer is no more amazing than drunk driving of an automobile."
(Ken Thompson: August 1984)http://cm.bell-labs.com/who/ken/trust.html
- How many intrusions do you have in a year? In a month? Per hour?
Perhaps you were thinking of evil hackers as intruders. Perhaps you were thinking of all those automated scanners, from all the leftover worms and viruses that never seem to be fully cleaned up. Think about it. When was the last time your company (or campus) network was broght low due to someone on the inside, infected with the virus or trojan du jour. That's an intrusion, baby.
- The security staff?
- You?
- Maybe it's just somewhere in the middle...