In true crime-fiction fashion, can we envision a situation in which software programmers and the researchers behind commercial antivirus titles are held hostage for their security information? Depending on the fish that hackers are hoping to catch, having a little reluctant inside help could come in very handy.
But as one tech reporter has stated, what if that inside help isn’t so reluctant? Internal data breaches are increasing in occurrence, thanks to the potential payoffs involved. Rick Robinson for SecurityIntelligence.com brought up an interesting point: your antivirus is only as good as the developer who wants to keep your content safe:
“But who will guard the guards themselves? As this Latin proverb suggests, the security challenges of safeguarding protective systems are not new. In fact, they are inherent in the nature of security measures.
“Security guards need passkeys, which means that one way for the bad guys to get hold of those keys is to steal them from a guard. In the same way, security software needs to have access to high-level permissions. In fact, most of the familiar Hollywood tricks for getting past the guards have their cyber equivalents, from simply taking out a guard (disabling the software) to dressing up in a guard uniform and issuing fake instructions (abusing the software’s system permissions).”
That’s why Robinson and other techxperts are looking for alternatives to the way we currently protect our computers and networks from attack. Unfortunately, we’re still in a climate where convincing users to even have those antivirus protections in place is still a problem, so getting them install updates, patches, and other bug fixes may be even harder.
No comments:
Post a Comment