Computerworld - We've failed the consumer. When it comes to the lowest common denominator, security is an abject failure.
I say this because, when I was housebound during Virginia's "snowpocalypse," I spent a bunch of hours repairing a Windows PC for a family member, who I will call Alice. Alice is about as tech illiterate as anyone you'll ever meet. She has an out-of-the-box Windows XP system from a popular PC vendor. It's been running for a couple of years, more or less intact. A few months ago, she asked me to set up Skype on the system so that she could talk to family members overseas. Sure thing.
I made sure that it was up to date with patches, service packs and such. It had an antivirus product on it that was free from the cable modem provider. I made Firefox the default browser and Thunderbird the default e-mail client. I figured the machine was relatively safe from many of the nasties that plague the interwebs.
So I put Skype on the system, configured a basic webcam for her and left her to it. What could go wrong?
Well, a few short months later, the PC was running noticeably slower. We're talking boot-up times that can be measured with a sundial. Yes, the trusty but rusty home PC had picked up a cough somewhere in its travels, and it wasn't likely to get any better.
I took a look at the system and sure enough, it was dead. So here it sits in my office while I reload Windows on it. This time, I'm taking things a step further by giving Alice a non-privileged account, ensuring NoScript is installed in Firefox and setting Internet Explorer's default Internet zone security at "High." But I can't help but think I'll be doing this again in a few months' time.
This is not fun, folks. And the only conclusion I can draw is that we've failed.
Alice started using this system with zero knowledge. She simply wanted to webcam with family members. Nonetheless, she ended up picking up all sorts of nasty malware, keyloggers, botnets and so on.
The status quo is simply not a sustainable business model.
I can't help but think back to my December 2009 column where I advocated an "app store" for the common user. Let's revisit that idea just a bit, in the context of a user like Alice.
Consider a home PC (I'll call it a "Lily Pad") for which all the software comes from one place, and whose configuration management is controlled by one central app store (I'll call it the "Mother Ship").
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!