Back in 1998, a hacker group named L0pht, disclosed to a panel of United States lawmakers, the impending disaster that would eventually rock the internet world. Their disclosure was that computers were not secure.
They foretold this based on the vulnerabilities and bugs they had found out in carrying out several tests on IT equipment. This disclosure was further enhanced by their point that IT products were not been hardened with enough security to ensure that end users utilize these pro
ducts without having to concern themselves with “so much” security.
However, the case we have nowadays is that end users have been handed the task of ensuring the security of the products they buy from IT vendors.
The question which now is asked is “Who should be responsible for Security?”
Should security lie in the hands of end users who buy these products or vendors who make and sell these products at very expensive rates (including open source)? This is a question which has not gotten a universally accepted reply. If I need to buy a product – be it software or hardware – at a very dear rate, why then should I bother myself with ensuring that it is not hacked? Why should I pay so much and end up with sleepless nights because I do not want my product to be hacked.
This was the warning L0pht was intimating the world about, but it was disregarded, hence the several news about hacking. Consequently, Bill Gates, in his May 26, 1995 memo to his Microsoft staff had clearly foretold of an interconnected world, no wonder he titled his memo “The Internet Tidal Wave”.
Looking at the warning L0pht gave, Microsoft seems to be one of the major channels through which this warning came to fruition. In May 2000, the ILOVEYOU bug gained recognition by exploiting a feature in Microsoft Outlook. This was followed by the PIKACHU, ANNA KOURNIKOVA and NIMDA bugs.
Should we therefore conclude that the world is paying for not heeding the timely warning?
Furthermore, the interconnections of devices today have made communication and other aspects of life easier. This does not however take away the fact that hackers are still on the prowl.
To this effect, companies have come up with Bug Bounties for bugs to be found and fixed before they are disclosed to the public.
The rave of the moment is the Internet of Things, where gadgets now connect to the internet. Sincerely, I cannot understand why my refrigerator must be connected to the internet and end up giving me challenges.
According to a Computer Scientist at the University of California, Santa Barbara, hackers are like water, whom after putting a plug in place, they find another crack.
The essence therefore is for everybody to imbibe a security consciousness.
If I purchase an IT product at an expensive price, why must I break my sleep for its security?