Why isn't everyone hacked every day?
Posted in: Legal, Privacy & Security at 15/11/2011 19:09
Trouble befalls only a fraction of all who ply the Internet. Why is that? Michael Kassner explores the answer with a security researcher.
From my bully pulpit, I have boldly proclaimed: Like a chain, IT security is no stronger than its weakest link.
I may have to amend that decree.
Why? I just read, "Where Do All the Attacks Go?", a paper written by friend and Microsoft Principal Researcher, Cormac Herley, along with Dinei Florencio, also a Microsoft Researcher. The paper's introduction offers this hint:
"Internet security has a puzzling fact at its core. If security is only as strong as the weakest link; then all who choose weak passwords, reuse credentials across accounts, fail to heed security warnings or neglect patches and updates, should be hacked -- regularly and repeatedly.Clearly this fails to happen."
Alrighty then. It's obvious: I have some catching up to do. Here's what Cormac had to say.