Is the Internet Security failing?

Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security. Noam Eppel writes how the Internet security is failing and what can be done about it. He compares the current state of security industry with a boiling frog:

They say if you drop a frog in a pot of boiling water, it will, of course, frantically try to scramble out. But if you place it gently in a pot of tepid water and turn the heat on low, it will float there quite complacently. As you turn up the heat, the frog will sink into a tranquil stupor and before long, with a smile on its face, it will unresistingly allow itself to be boiled to death. The security industry is much like that frog; completely and uncontrollably in disarray – yet we tolerate it since we are used to it.

The article lists out attacks that made the headlines recently and points out that failure can be seen everywhere — spyware, phishing, trojans, viruses, worms, spam, botnets, web application vulnerabilities, DoS attacks, Active-X, passwords, patch management, zero-days, wireless access points, internal attacks, vulnerabilities in security software, mobile viruses and encryption.

Recently Noam Eppel has published an update to the failure article with Community Comments & Feedback, where he highlights the Good, the Bad and the Ugly comments generated by his article.

I think both articles are very useful, with loads of data and insights, specially for Information Security Professionals.

Be Sociable, Share!
Posted in Admin, Links, Network, Security, Technology

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Recent Comments

From Wikipedia, the free encyclopedia – Ram Bahadur Bomjon on Buddha Boy attacked and injured a guy with his sword?: […] Niranjan (July 20, 2007). “Buddha Boy…(September 2, 2017, 5:07 pm)
Micle on How I Prepared and Passed CISSP : Nice Aritcle…(August 10, 2017, 8:51 am)
David on How I Prepared and Passed CISSP : I am very happy to read this…(August 10, 2017, 8:21 am)
95Russell on Simulating Cisco and Linux Networks: Hello blogger, i must say you have…(August 5, 2017, 8:30 pm)
amberhina on DNS Amplification Attack: Thank you for helping us with DNS…(August 4, 2017, 10:11 am)