Chapter 12: What Hackers Can Do and How You Can Thwart Them

Don't Forget Original Sin

Good and honest people tend to assume that all other people are equally good and honest. When such people plan systems of any kind, they often fail (as my friend Michael Covington puts it) to take 'Original Sin' into account. By this he means that inside all people is a touch of the scoundrel, some more than others. There are no angels here on Earth.

The Internet was originally designed by university people, who were basically good people working in a chummy environment of similar people. They valued openness and accessibility. They neglected to take into account the fact that as the Internet expanded to touch more and more lives, it would inevitably be subverted by people not as good and honest as the Internet's creators.

This is why we have such a problem with spam email. The Internet email protocols were crafted by people who never imagined that those protocols would be abused by scammers and pornographers and other human debris. The Internet email protocols don't have any place to put a means of verifying a sender's identity or a message's authenticity. And now we're stuck with them (and scams, and spam, and porn) and may be for many years to come.

A certain carefully measured amount of suspicion is valuable in creating and using any security system. Insiders like employees have varying degrees of honesty and loyalty to the company. If you trust them without any way of gauging them, you leave a hole in your system. New employees may not warrant immediate trust with money or sensitive data. But even long-time employees can turn on an organization, and so the organization should spend a little time studying how its ways of working can be subverted by both insiders and outsiders. New systems should always be designed under the assumption that they will be subverted, with built-in measures to minimize such subversion, at least insofar as it can be anticipated. Not all subversion can be anticipated. Much of it can, and what can be anticipated should.

Of course, extremes of suspicion become paranoia and are counterproductive. Like a lot of things, it's a delicate balance. A little suspicion can work wonders. Original Sin remains in all of us.



Jeff Duntemann's Drive-By Wi-Fi Guide
ISBN: 1932111743
EAN: 2147483647
Year: 2005
Pages: 181
