|By Navot Peled||
|August 18, 2009 07:30 AM EDT||
The repeated Twitter hacking exposes the complex and serious security issue on the web. Unfortunately for Twitter (Google Apps, Facebook, and others), the problems have unfolded in a public arena, forcing them respond quickly to calm users and resulting in a short term solution (that clearly has not been working!). What is unknown to many internet users is that the problem doesn't end with Twitter's band aid approach, nor is the intrusion limited to internet sites. The security issues don't start here - they start with the platforms and applications that don't enable software to be developed with the proper security. Fortunately for the software developers but unfortunately for the public, the greater problem has stayed out of the headlines of mainstream media outlets.
It's time to end the "if it ain't broke, don't fix it" attitude. It is broken, even if the public doesn't understand that! Any software technology that will be used by businesses or individuals, as well as by governments or militaries, must have proper security. The recent media attention about the Twitter hacking has generated a panic which is important because it will force the technological industry to start upholding the security standards that should have been in place long ago.
Everyone enjoyed the internet more when we weren't aware that we were being exposed and that our personal information was being compromised. But now that we have a real problem, let's talk about a real solution. There are 2 main issues that need to be addressed, and they both involve the dissemination of information.
First, internet users need to understand that they are vulnerable on the web; just because someone may be sitting in his or her own home doesn't mean that they are not on public display. It's like a one way mirror. You could dance around naked without realizing that a room full of people is watching you from the other side. Once you know it is a one way mirror, you may still choose to dance, but at least knowing you have an audience will allow you to make an informed decision about your behavior.
If the public chooses to use the same password on every site, use unsecure cloud applications, or visit sites that demand cookies, that is a chance they are taking, but at least they now know the potential threats and dangers, so that they could make an educated choice about their computer activities.
The second main issue is the responsibility of educating the public that there are secure technological options and they should utilize the applications and sites which hold by the highest standards. The public believes that technology is weak and penetrable because there is no alternative; unfortunately that is not true. Developers around the world are working around the clock to develop programs and applications that are fully secure, and they have been successful. Unfortunately, their success has been limited by companies like Twitter who simply refuse to use platforms that are adequately secure and which give a bad name to all developers. These irresponsible companies compromise on security at the expense of the public.
When there are physical dangers, we work to increase protection. Whether it is safe sex, safe driving, or safe health practices, the effort comes from both the top and the bottom - the public demands it, the government supports it, and industries comply. It's time for technology to have the same practices that other aspects of our lives do. Twitter has done a disservice for all of us by having low standards, while the hackers have done a great service is bringing the problems - and the solutions - to the public eye. Let's start rebuilding confidence in technology again.
|loresayer 08/17/09 06:45:53 PM EDT|
Kind of harsh on Twitter, aren't you? If some Russian hackers direct their bot-nets across the world in a DoS attack on your Web application, as they did against this one Georgian Twitter user, would any of us be able to withstand a torrent of requests from all over the Earth, from billions of PCs?
Twitter is built on simplicity, delivering 140 character messages, LOTS of them, to millions of users. So, it's not hardened like an army tank nor is that necessarily the right architecture for it to have.
- The Top 150 Players in Cloud Computing
- Cloud Computing Expo 2009 West: Call for Papers Now Closed
- Ulitzer Names the World's 30 Most Influential Cloud Computing Bloggers
- Cloud Expo 2011 East To Attract 10,000 Delegates and 200 Exhibitors
- Cloud Expo New York to Attract More Than 8,000 Delegates
- Cloud Expo, Inc. Announces Cloud Expo 2011 New York Venue
- Cloud Expo and The End of Tech Recession
- Adaptivity “Platinum Plus Sponsor” of Cloud Expo
- Unisys Named “Platinum Sponsor” of Cloud Computing Expo
- The Secret Behind The Incredible Growth of Cloud Expo