Comments on: 8 Landmarks in Information Security History

By: Peter Hesse

Peter Hesse — Fri, 01 Feb 2008 21:50:27 +0000

I think the I love you worm was pretty key as well. I was working at a security company at the time, and we had two people click the darn thing. Basically that event is when emails changed directions from being more interactive to being less interactive. Now in order to send a harmless digital certificate to someone, I have to put it in a zip file, because Outlook considers it a threat.

By: Slinky

Slinky — Thu, 31 Jan 2008 20:10:47 +0000

1) 1995: The advent of MP3 on the internet. While DRM was not a new concept (think “dongles” and copy protection), applying it to massive amounts of data instead of just applications was. The MP3 and subsequent Napster phenomenon has driven information security for DVDs, digital content, even the architecture of Windows Vista. I think that qualifies as significant.

2) 1975: DES is published. Cryptography for the masses. Enabler of many things, including the ATM network.

3) 1996: SSL 3.0 – Provides the basic security framework necessary for all of E-Commerce to exist. According to the US Census Bureau, 3Q 2007 E-Commerce sales accounted for 3.4% of all US retail sales. More significant than any worm on the above list.

Speaking of things to be removed from the list:
Witty Worm
Titan Rain
Storm Worm

None of these three impacted regular people in any substantial way. Witty Worm forced a few product vendors to put out a patch. Titan Rain might not even be what it claims to be (probably just some hackers, not a “government attack”). Storm Worm: The Soup Du Jour. Very scary stuff..;)

By: Anil Polat

Anil Polat — Thu, 31 Jan 2008 18:58:36 +0000

I think Storm is overrated. I’d put Sasser, or Blaster on there.

They put businesses on alert, and the reported network disruptions forced big companies to take these threats more seriously.

Also, a lot has been done to improve information security over that time – some positives could have made the list as well.