Web 2.0: Internet Too Dangerous For Normal People - InformationWeek

4/1/2009
05:37 PM

Web 2.0: Internet Too Dangerous For Normal People

After decades of computer security work, one researcher questions current Internet safety procedures and the vendors assigned to protect the average user.

The computer security industry has failed computer users, and the Internet has become so unsafe that average users can't protect themselves.

That was the message delivered by Alex Stamos, co-founder and partner at software security company ISEC Partners, at the Web 2.0 Expo on Wednesday morning.

"The Internet cannot be safely used by normal people," he said. "Most people are not prepared to make the technical decisions necessary to safely use the Internet."

Given the date, April 1, and the unwarranted Conficker hysteria, Stamos' dire assessment of the state of online computer security begs to be dismissed as a joke, particularly in light of the presentation's subtitle, "Dark Musings From A Professional Paranoid."

Everyone in the security industry, after all, has a vested interest in convincing the world that the sky is falling; it's what moves people to invest in the security umbrella.

Yet, Stamos hadn't come to praise the security industry but to bury it, or at least give it a slap upside the head.

"The security industry is failing you," he said, adding that the industry "needs to look at itself and its motivations."

After decades of computer security work, he said, things are worse than they were. Finding bugs and publicizing them is not making people safer. At the same time, security researchers who try to help the community by developing a free static code analyzer for open source code are not rewarded. And every solution gets turned into an overpriced, marketing-driven $500,000 product.

He questioned whether computer security coders deserved to be called engineers. "No other engineering profession would allow for the number of failures that we have," he said. He suggested the vaguely derisive term "security artists."
