« Spyware Targets Children
Your Computer Are Belong To Us »

Epidemic of Ignorance

To put is bluntly, much of the blame for the sorry state of security on the Internet is due to an epidemic of ignorance.

We are defining the word “ignorance” in this context as follows:

    Ignoring known problems.
    Ignoring problems they have been warned about.
    Pretending that problems don’t exist.
    Deciding to compromise security for expedience
    Deciding to compromise security for user friendliness.
    Allowing overconfidence to overcome vigilance.

“One of the most prevalent problems with security is that most users are completely unaware of the risks of insecurity. And this problem will not fix itself. ”
TechRepublic.com

Who are the users they are talking about? You would think they are talking about computer users that don’t have a clue what they are doing, but no, they are talking about the management and employees of companies, corporations and institutions, large and small.

And the same sorry state of ignorance exists among many significant groups of users connected to the Internet, including the administrators of critical infrastructure institutions.

We wish this were not true. We wish we didn’t have to agree. But the truth is, this article is right. The Internet is awash with very significant security treats, and far too many users either don’t give a rip, or don’t know enough to give a rip.

We would like to think this sorry state of security is largely due to ignorance, rather than deliberate disregard and irresponsible behavior. We would like to think so. Too many times, the lack of security is simply due to lack of funding and attention.

Fortunately there are many highly skilled, qualified and dedicated folks doing good work securing corporate networks and institutions. But clearly a lot more has to be done. They need to be given the resources to do the job right.

At the very least, we think this is a head-in-the-sand syndrome. Yes, like the classic ostrich defense. If you don’t look, the threat does not exist. Close your eyes and it will go away.

Well, that is not going to work. And ignorance is not bliss.

Hey, when one teenage hacker can break into dozens of high value targets, Houston, we have a problem.

http://www.truthout.org/docs_2005/051005Z.shtml

Posted on Sunday, June 5th, 2005 at 4:52 PM and filed under All Posts, General. You can follow any responses to this post through the RSS 2.0 feed. You can leave a comment, or you may trackback from your own site.

Leave a Comment

You must be logged in to post a comment.

_____________________________________________________________________________________________________________