Response to article on information security stance by Internet companies

This “article” appeared on LinkedIn Blogs.. written by Ravi Krishnappa , entitled Today Ransomware – Tomorrow Haramware

It showed up on my feeds, I felt compelled to reply.. and here’s my response, which somehow didn’t get posted in the comments section of the linkedin blog

“””

I have some comments on your post:
My comments follow snippets of your post quoted within sideways-chevrons(>>>some text<<<)

1.
>>>
I regret the whole computer and internet security design that is in place today.
<<<

Very true, and lots of folks, including like yourself, are working on this. It’s a known problem, as you say.

2.
>>>
The whole thing will one day crash and burn and take the civilization back by 200 years. The current security model is like living in an iron fortress with known secret doors. Everyday, we see huge data thefts from private, public and government agencies. I strongly believe that similar leaky infrastructure could be the reason behind the sudden disappearance of mighty dynasties in Egypt, Mexico, Peru and India.
<<<

The whole thing may crash one day, but I doubt the “whole thing” that you say, is the same as what I say or what someone else says. I don’t believe my “whole thing” is the internet and the security therein. Half of the world’s population doesn’t have enough to sustain themselves physically. The internet crashing would barely twitch their eyelashes. But you do make a point, however, you lost me when you made a connection between data thefts and dynasty disappearances.

3.
>>>
A internet dependent society that has no manual fail-back mechanism can be crippled if enemies lock up key computers that are essential for commerce and communications.
<<<
See above. If the basis for the manual fail-back mechanism is human civilization, then there already is one – human ingenuity — paper books are still available.. for a while anyway.. There’s even organizations that deal with long term human survival (http://www.longnow.org) .. and an effort for preserving the knowledge to bootstrap if something like that happens http://blog.longnow.org/category/manual-for-civilization/ .

But I doubt it’ll come to that. I do agree that where we’re heading as humanity is more information centric. Where we may differ is who has access to that information.. and how. History has shown that control of any valuable entity by a few leads to circumstances that destabilize the situation and eventually commoditize the entity.

4.
>>>
I call this kind of wanton destruction as Haramware after the brutal methods used by certain groups in Nigeria, Kenya, Syria, Afghanistan and Iraq to destroy whole villages, cities and ancient artifacts.
<<<
You lost me again. I see where you’re going with brutality and the abuse of power, but I was struggling to see the co-relation to internet security.

5.
>>>
We are sitting on a time bomb right now. The big players in networking (Cisco, Juniper etc), virus protection (McAfee, Symantec etc), Network protection (Palo Alto, Checkpoint etc) are not coming forward to offer 100% protection against intrusion, stealing and damaging the computer infrastructure.
>>>
So, back at information and information security, I fail to see how a few infrastructure level companies like Cisco, Juniper, McAfee, Symantec, Palo Alto, Checkpoint etc.. are liable for the lack of internet security. Yes, as networking companies, they have a prerogative to provide solutions to “known” and “foreseen” problems in the network. Why aren’t companies like Facebook, Twitter, Apple, Samsung, Google, Yahoo in that list? For that matter, why aren’t Amazon, AirBnB, Netflix, Uber in that list either? Information leaks because of osmosis.. again a known issue.( http://www.misentropy.com/2010/05/information-osmosis-and-the-case-against-chief-culture-officer.html sheds light on *some* of it)

6.
>>>
Why ? Because they can protect a few known secret doors but they don’t know about other secret burrows dug below the foundation. They are like the tunnels built be Hamas under the Israeli border walls using Israeli cement.
<<<
I don’t know enough to comment on the accusations. Conspiracy theories are rarely productive. Companies exist for profit ( at least in America ) and are usually beholden to their shareholders. As such, they will act to increase their profit and to increase the trust of their shareholders. Being held on a leash by secretive organizations that have the keys to “secret doors” that the companies have to support rarely go in the favor of the companies livelihood in the long run. I could be mistaken.

7.
>>>
We need a brand new computing and internet infrastructure that is simply not hackable. What we have today is pure crap. That new infrastructure will probably cost more than $20 Trillion dollars and it is worth spending that amount. That spending could revamp the sluggish worldwide economy and bring back the basic security that is essential for living in a digital world.
<<<
I think that whatever we as humans make, we can unmake. There is no “other” human-made infrastructure that cannot be hacked by humans — simply because we thought it and we made it. How would one think of security with the “new infrastructure” – someone or some group within a hierarchy would still end up owning the responsibility for upholding the last mile of security – and they would still be human. How is that different from what we have today. It’s probably worse.

I didn’t want to feed the trolls, but this showed up on my feeds.

“””

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s