The Hacker Pyramid

Balancing Risk and Trust in a Complicated World

I didn't say all that to scare you off computer security. After reading about the problems inherent in computer security, a lot of people panic, and decide to trust nothing. That's not the proper response.

Inherent in any relationship of trust is some risk that trust will be broken. That's what trust is about, really: If the relationship were unbreakable, it wouldn't be one of trust. So trust must be balanced by a realistic understanding of the risks involved in any relationship of trust. Trusting technology involves risk. Trusting people involves risk. How much risk? That depends on the technology, the people, and the situation.

Balancing risk and trust is the process of gauging how likely it is for trust to fail in a given situation. Not all situations are equally likely. Yes, hackers can get into your network and into your computers, and in an absolute sense, you can't stop them. This sounds grim, but it's also not 'real.' There is always some possibility of hackers getting into your computers and your network, irrespective of how much trust you put into your security measures. If the likelihood of a successful hacker attack is low, you can stop worrying-especially if you back up your data frequently.

So how likely are hacker attacks? How effective are the countermeasures you can put into place? What are the risks in using a wireless network?

Answering those questions will take a whole additional chapter, in order to put trust and risk into a Wi-Fi context. Read on.