When will we take security seriously?

Overheard today at work:
“Hackers don’t usually work during the day, or on weekends…”

I guess by that same logic, I could say that I ran file servers with all ports exposed on the public Internet for years and never got hacked (just don’t mention that those years started in 1996 and ended in 1998).

It’s sad that there are people who still don’t take security seriously. The attitude I heard 10 years ago–“What? Do they want to look at the GIFs and JPEGs on my hard drive? If they can get in, they can have ’em!”–pervades today. Nobody’s interested in your GIFs and JPEGs because you don’t have anything that hasn’t been posted on Usenet’s alt.binaries groups a dozen times, but they want your high-speed connection. It doesn’t matter anymore how insignificant you are. If your computer is online, they want it.

I’m quickly reaching the point where I believe it’s socially irresponsible to have anything faster than a 56K dialup connection and not have a hardware-based firewall sitting between you and the Internet. I bought a couple of the low-end Network Everywhere-brand (made by Linksys) 4-port cable/DSL routers a year ago. I paid $50 apiece for them. That’s what you’ll pay for a shrink-wrapped “Internet Security” software package, but it’s more effective and it doesn’t slow your computer down. Even a one-computer household should have one.

As far as antivirus software goes, Grisoft offers antivirus software free for home use. Yes, it slows your computer down. If you don’t like that, run Linux. Grisoft’s AVG is free, effective, and easy to use. And it stamps outgoing e-mail, assuring your friends that your mail has been scanned. That’s comforting in these days.

Hopefully the typical computer user will soon outgrow the teenage it-can’t-happen-to-me mindset.

But I won’t hold my breath. Since hackers only work on weekdays, problems can only happen when I’m at work and my home PC is off, right?

5 thoughts on “When will we take security seriously?

  • November 13, 2003 at 9:53 am
    Permalink

    Hackers don’t usually work during the day, or on weekends…

    You mock this statement, but it is true. We simply cannot be online during the day because they don’t have good Internet access in middle school. And on the weekends our parents are all over us to do queer “family” stuff. Its a tragedy!

  • November 13, 2003 at 11:26 am
    Permalink

    I don’t doubt that most hackers keep predictable hours, and they may even be very similar to one another. But there’s this little problem called time zones…

  • November 13, 2003 at 3:03 pm
    Permalink

    Are timezones really a big deal? I mean we’re only talking about a 4 hour coast-to-coast difference for America Online.

  • November 13, 2003 at 4:19 pm
    Permalink

    Lithuania produces world class hackers and so does Poland. So, polish your Polish so you can participate with the best in their time zone.

  • November 13, 2003 at 6:59 pm
    Permalink

    I would like to take this time to recognize an outstanding product – the Watchguard FireBox 700. I’ve used several of these for clients and employers, and they have never had problems.

    Setup is easy, flexibility is great, tech. support is insanely good, the manual is actually USEFUL, and their security update service is second to none.

    If a new vulnerability is discovered, Watchguard’s service sends you an e-mail telling you what the vulnerability is, how to patch it in your product (usually Microsoft Windows), and how to make sure you’re safe by showing you what options and setting to enable in your FireBox.

    It’s great great great great great….

Comments are closed.

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux