Today’s State of Security: “We’re Screwed” or “Relax, It’s Okay” (part1)

Posted on by Tim Donaworth

The following will be a two part post on the current state of security. It will mostly be a self opinionated rant. But I’ll try to make some insightful comments. If you’ve followed the media for any amount of time lately you’ve heard countless stories about data leaks, data breaches, identity theft, all those uber scary things that keep you up at night.

It almost seems like the very technology we are creating and utilizing, is only making it easier for thefts to take place. Fifty years ago, if you wanted to try and purchase something in someone else’s name, you needed a physical ID, and a check. That check could be counter fitted or altered through check washing or whatever, but in order to use it, you still had to make a physical appearance. There was a personal touch to it. In order for a company to loose one million records or customer information, it would have required a truck to haul off boxes and boxes of paper records. Today these same tasks can take place with as little as a five second transaction online, or as simple as loosing a laptop or even a USB thumb drive.

With more and more people holding onto almost endless amounts of data, the responsibility of this has sky rocketed. And many people just can’t keep up. That’s why it takes teams of individuals to manage this data. It’s no long boxes of paper records, but terabytes of data. It’s becoming more common for threats to come from inside companies then for actually attacks or network breaches. Finding the right people to handle this data, and having the right amount of protections is almost as key. But can we really trust anyone?

Even those that are saying “my data is encrypted, it’s secure” – well how secure is it really. Computers are getting faster, and more numerous. It’s only a matter of time before encryption keys are broken. That’s assuming the code implementing them is correct (as we’ve discovered in a recent OpenSSL flaw [LINK]).

Software itself isn’t even reliable anymore. How many patches have you applied to your computer this month alone? No code is 100% secure. Back doors are found, limitations are reached, unexpected data is loaded. As great as technology can be, it still comes down to the one common source, human error. We will always make mistakes, and there will always be someone to find them.

So as I see it, we are a society built around laziness. We are slowly building up to our own demise, the gifts we continue to give ourselves, we also use to hurt each other. In the end, we are screwed.. ..or are we?

Stay tuned for my counter-rant, as I shed some light on all the dark little monsters that keep you up at night.