BBC NEWS | Technology | Taking computer insecurity seriously
(on the effects of the Latest Windows flaw, that can cause jpg image files to execute arbitrary code under the users context, and on the wider implications of security management in the user community)
Bill Thomson latest column on the BBC news site, once again, parrallels my own thought on the matter. The exerpt below certainly caught my attention.
“We need to do something about this, if only for selfish reasons.
For while we shouldn’t exempt the computing industry from its share of blame, it is clear that everyone with an Internet-connected computer has a general responsibility to the network as a whole.
Just as we advocate vaccination against major diseases so that communities develop what is called “herd immunity”, so we need to reduce the number of vulnerable machines to the point where viruses and worms do not spread.
Public education doesn’t seem to be working, so perhaps the solution lies in sanctions.
At the moment those who fail to update their systems or protect them from viruses can still get online and use internet services. We could, however, make life a lot harder for these anti-social types. “
While I agree in principle with Bill on this, the reality however, is that the vast majority of home computer users would fall under, what he calls, the “anti-social types”. And then you face the problem of consumer rights. Right now, even most of the IT industry doesn’t take patch management and security seriously. I come across this time and time again when working for customers.
One must remember that it still a relativly small and hardcore group of technologists, that I count myself amung, that are preaching the word on in-depth security.
If you cant even get the majority of the IT industry to support security initiatives, then what hope is there of convincing the rest of the users community that so-called ‘sanctions’ are justified, in order to force them into a certain, probably unwanted, behavior pattern.
Even if internet-invested companies banded together to enforce a minimum level of security for internet users, (and they probably wouldn’t dare to enfore such a thing, out of fear of loosing customers), then the uproar in the consumer-rights community would be enormous! Just as I suspect it will be, when Digital Rights Management (DRM) initiatives become more mainstream and more people start to really be affected by the limitations they will start to face.