Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spaf's Crystal Ball: Network Security Predictions

Posted by ryuzaki0 on from the spaf-in-the-house dept.

remora writes "Eugene Spafford[?] (of CERIAS, and co-author of "Practical Unix Security") has written an article for Information Security Magazine with eight of his predictions for the coming years in network security. He touches on subjects such as "Spam will grow as a problem" (obviously), to the "Greater emphasis on international cooperation and communication. Some of the article is fairly predictable, but it is still interesting to hear from one of the more experienced security people out there."

8 of 93 comments (clear)

  1. Spam is more than a problem by Anonymous Coward · · Score: 5, Insightful

    it's ruining the whole concept of email. As soon as I set up an email address, boom, hundreds of spams. They find ways of sending it to you no matter what you do, unless you block all incoming email except from certain addresses, which defeats the point of email in the first place. How are we meant to give an email address to children when they're going to be bombarded with "See horny naked amatures live NOW!" half a dozon times per day.
    If someone was dumping 100 pornographic adverts into your house's mail box each day, or DOSing your website, they can at least get in trouble. But with spam, nothing really is done to stop them, and they just keep on doing it. Convictions are rare and don't disuade them any more than a parking ticket. It needs to be recognised that spam is doing a heck of a lot to undermine the evolution of the internet.

  2. Interesting point... by Ratface · · Score: 5, Insightful

    While most of "Spaf's" comments seem fairly self evident, I liked this point regarding add-on security products:

    "Expect to see several established products fail or be withdrawn because they are too invasive, have unfriendly interfaces, or are found to be considerably less effective than claimed."

    This kinda makes me think of the effect that ZoneAlarm have had on the personal firewall market for instance. 3 years ago, firewall technology was clunky and strictly for the network administrator. Nowadays anyone can have a simple to configure basic level of protection thanks to a product that broke the paradigm and set a new standard for ease of use. Of course, the really security consciuos out there still have their infinitely configurable command-line tools, but at the same time, my dad (for instance) can feel comfortable with a product that he can understand.

    --

    A little planning goes a long way...
  3. Fads and Flash by osullish · · Score: 5, Insightful
    I totally agree with the Author in terms of Consumers are always looking to new Technology, instead of making the existing technology more secure.

    Whats the Use in enabling data streaming over bluetooth when we can't safely sent files over LANS and existing technology

    Oh and I really think the advent of Wireless Networks and 3G Systems will open up a whole new Can of Worms in terms of security - We can Already intercept calls over GSM systems, now we're looking to send huge chunks of data via the same systems!

    Someone is gonna get burnt...

    --
    It's hard enough to remember my opinions, never mind the reasons for them..
  4. cooperation: 'out-share' hackers by UnderAttack · · Score: 5, Insightful

    I like the part about cooperation. Hackers do it for years successfully, while network administrators prefer to sit in their closets under tin-foil hats hoping to preotect themself with obscurity.


    Systems to share already exist. Just check the "Internet Storm Center" and DShield for a place to exchange logs and ideas.

    --
    ---- join dshield.org Distributed Intrusion Detec
  5. Re:Real Network Security by OrangeSpyderMan · · Score: 5, Funny

    Don't connect your computer to a phoneline/DSL/cable modem

    Oh please don't try and convince me that wireless is more secure! :-)

    --
    Try NetBSD... safe,straightforward,useful.
  6. Most important point by ifoxtrot · · Score: 5, Insightful
    I don't think that any of these predictions are particularly insightful, but the 8th is a good illustration of the root of the problem with security.

    Consumers and technologists will continue to be enamored with fads and flash rather than quality and safety. Wireless will continue to be deployed in sensitive locations despite the terrible vulnerabilities and risks. Furthermore, we'll see policymakers and technicians continue to place faith in technology to solve our problems instead of investing in sound management and trained personnel.

    The point being that security is frequently misunderstood, isn't sexy and doesn't appeal to the mass market. Possibly the only way to change this is for security to become a major feature of the products (a bit like microsoft is saying it's doing now) so that people will come to expect the security... Somewhat similar to the safety features in cars...

  7. Appliances? by Omkar · · Score: 5, Insightful

    "Consumers will embrace appliance-based computing as it becomes available."

    Spaf apparently believes that consumers aren't capable of dealing with real computers; he thinks dedicated apps and devices are the future.

    This reminds me of the NC vs. PC debate. PCs were supposedly too clunky, hard to use, and powerful for the average user; NCs were going to replace them. Eventually, PCs ate NCs.

    I believe that looking at this issue from a security point of view is somewhat misleading. As Spaf himself seems to realize, most domestic consumers are misinformed and apathetic about security. The average person will see a refrigerator, that for no good reason, can go online, rather than a secure online service. PCs will still be more versatile than appliances, and will continue to provide more value. Remember how the next big thing 10 years ago was the iCoffeeMaker?

    Domestic consumers won't use them. Corporate consumers won't use them. Who will adopt appliances?

    1. Re:Appliances? by Chanc_Gorkon · · Score: 5, Interesting

      Actually I kind of agree with him. I will tell ya why. Personally, when I am at home it's my time. I usually love unplugging for at least an hour if not the whole evening. Yeah I love technology and all, but why I want to is invariably, I always start to ask the question is it worth it when I start working on something. If it isn't, I push away and relaxe by watching a DVD. Now if I didn't have the hassle of normal day to day computer using, I would use it more. Case in point, my PDA is what I take with me on trips rather then a laptop. It works EVERYTIME and powers on in less then a second. People hate having to wait for the boot sequence and all of that. People want to work. Remember when the first home computers came out and they were real popular? Remember why? The reason it was was that they were instant on. No waiting for a disk to be read or any of that. On my Atari 800XL, when I wanted to write a paper for school, I would insert the cartridge for the word processor and turn it on. THAT'S IT! The software was available soon after (less then a second) I flipped the power switch. The only downside of the older ones was that saves took forever because you usually could not afford the disk drive so you were stuck with tape. My Atari 800XL cost LESS then the disk drive! We used a tape drive. There's no reason we can't have these type of computers and no reason to kill off the PC because of them. The PC could turn out to be a household server more then anything with everyone having a laptop style or pad style computer that could be used anywhere. When you were at home, the pad could periodically dump it's contents to the PC and when you leave you can make sure you have the files you really need with you. Appliance computers will happen eventually. Even us geeks will use them.

      --

      Gorkman