Computerworld - We've failed the consumer. When it comes to the lowest common denominator, security is an abject failure.
I say this because, when I was housebound during Virginia's "snowpocalypse," I spent a bunch of hours repairing a Windows PC for a family member, who I will call Alice. Alice is about as tech illiterate as anyone you'll ever meet. She has an out-of-the-box Windows XP system from a popular PC vendor. It's been running for a couple of years, more or less intact. A few months ago, she asked me to set up Skype on the system so that she could talk to family members overseas. Sure thing.
I made sure that it was up to date with patches, service packs and such. It had an antivirus product on it that was free from the cable modem provider. I made Firefox the default browser and Thunderbird the default e-mail client. I figured the machine was relatively safe from many of the nasties that plague the interwebs.
So I put Skype on the system, configured a basic webcam for her and left her to it. What could go wrong?
Well, a few short months later, the PC was running noticeably slower. We're talking boot-up times that can be measured with a sundial. Yes, the trusty but rusty home PC had picked up a cough somewhere in its travels, and it wasn't likely to get any better.
I took a look at the system and sure enough, it was dead. So here it sits in my office while I reload Windows on it. This time, I'm taking things a step further by giving Alice a non-privileged account, ensuring NoScript is installed in Firefox and setting Internet Explorer's default Internet zone security at "High." But I can't help but think I'll be doing this again in a few months' time.
This is not fun, folks. And the only conclusion I can draw is that we've failed.
Alice started using this system with zero knowledge. She simply wanted to webcam with family members. Nonetheless, she ended up picking up all sorts of nasty malware, keyloggers, botnets and so on.
The status quo is simply not a sustainable business model.
I can't help but think back to my December 2009 column where I advocated an "app store" for the common user. Let's revisit that idea just a bit, in the context of a user like Alice.
Consider a home PC (I'll call it a "Lily Pad") for which all the software comes from one place, and whose configuration management is controlled by one central app store (I'll call it the "Mother Ship").
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!