Wednesday, February 16, 2011

Hacking in a world that's used to hackers

In the early days of networked computers, security protocols were pitifully underdeveloped and underanalyzed.  Worse, they were implemented ad-hoc for each system separately.  This means that a lot of early hacks were successfully executed directly against machines: lines were tapped for passwords being sent in plain text, system executables were trivially overwritten, and so on.  The only real security was physical isolation.

It wasn't long after networking became popular that it also became much more secure.  In fact, SSL was first invented by Netscape in an effort to convince consumers that they could trust sensitive data, like credit card information, to the nebulous ether of the Internet.  Remote access to important servers is now routinely restricted to access by a 2048-bit or larger private key rather than a password that can be guessed or accidentally divulged.  File-system security has similarly advanced, along with distributed authentication (Kerberos), mechanical protection against automated password attacks (CAPTCHAs), and any number of other areas.

The net result is that a server now comes with secure software pre-installed.  Each component has been peer-reviewed by thousands or tens of thousands of experts to ensure it is immune to known mechanical attacks.

Yet somehow, we keep hearing of embarrassing and costly hacks.  HBGary Federal recently had their entire website trashed, full email logs published, backups erased, and their CEO's iPad remotely wiped.  Just a couple months ago, Gawker Media (which runs many of the world's most-visited blogs) was manhandled by hackers who walked away with hundreds of thousands of user names and passwords.  Not just hashed passwords to be cracked later, but the actual plain-text passwords, which most of those users probably used just about everywhere else.

With the decades of cryptography research and development we now have behind us, how is this still possible?  In almost every case, it's a combination of administrator ignorance and at least one helpful clerical worker.  The years of research that go into an algorithm like SHA-1 don't help Gawker if they don't salt and thoroughly hash their passwords.  And Anonymous might not have destroyed HBGary so thoroughly if their secretary hadn't been willing to hand over credentials to a 16-year-old who asked nicely.

Welcome to the new world, same as the old world.  If you really want prying eyes out, it seems the only real security is physical isolation.

2 comments:

  1. The most likely people to have their cars stolen or houses burglarized are those that leave their doors unlocked.

  2. Even with isolation from networks you're still at risk. For example, flash drives can carry viruses. If you take it to the next level and prohibit even portable media, you're still vulnerable to social engineering.
