Story image

Myths and truths about internet security

21 Oct 15

The reason so many people are being hacked at such a relentless pace is less about the users themselves and more about mainstream security perceptions and solutions, according to a new book titled ‘Quiet Enjoyment’ by Wes Kussmaul.

Kussmaul says, fraud and predation pervade everyday online experiences, with identities and money stolen at an alarming rate.

People are becoming more dependent of the internet and more wary of the risks it presents, and all the while the information security specialists are failing to provide adequate solutions, he says.

To describe the changing nature of threats, common perceptions and the security industry’s response to the problem, Kussmaul uses the term ‘the information highway’.

“Though the term has gone out of fashion, the information highway continues to live up to its name. The internet and phone networks are, as always, outdoor public transport facilities,” he says.

According to Kussmaul, "It's as though we're living and working in a cardboard box by the side of the street.

“As long as people keep their files, hold their meetings, and let their kids hang out alongside a busy highway, the disaster will get worse."

He goes on to note that the problem is not a broken internet; the information highway serves well as an outdoor public transport system.

Rather, the problem is with the way people use the internet - completing tasks on the outdoor public transport system that should be done in indoor spaces.

"Almost all existing information security technology depends upon the ability to determine the intentions and character of the sender of a stream of bits.

"Isn't that like asking a building's lobby receptionist to determine the intentions and character of everyone who walks through the door? Doesn't your common sense tell you that's impossible?

“Instead, in the real world, the receptionist asks for ID, establishing who's accountable for what happens while the visitor is in the building.

“That's much more effective than trying to guess whether they're friend or foe,” he says.

As the fault is not with the highway, neither is it with us users of the highway, according to Kussmaul.

“We do things on the outdoor highway for the simple reason that online buildings don't exist.

“Yet the technology and methods for building online indoor spaces are quite established and have proven reliable. We can have secure online buildings,” he says.

In his book, Kussmaul explains how secure online spaces can be created and maintained by combining the methods and procedures of the real estate professions with proven but widely overlooked digital ‘ID-PKI’ construction materials.

Such ‘online indoor spaces’ or ‘online buildings’ let users control the use of information about themselves, delivering meaningful privacy.

Often, marketers and others give lip service to privacy but in reality are threatened by tools that deliver meaningful privacy, he says.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.