The Problem of Security Tools and Advisories Essay -- Internet Securit

The Problem of Security Tools and AdvisoriesIntroductionWhether the intent be malicious or that curiosity, people will always try to circumvent barriers. Physical locks have bread lock picks, and so digital barriers have bread hackers. In the revolutionary ethereal world of the wired, this common problem has developed a new dimension. Whereas physical security measures for business, banks, and the like is at a more sophisticated direct than for home users, the digital security is similar at just about any level. And, because everyone is connected, and its difficult to know what is behind a given IP address, everyone is a target.Clearly there is a problem, and something needs to be done to make sure the bad guys cant get into critical systems. The obvious fix is to write higher-ranking software. Unfortunately powerful software is extremely complicated, and even the most valiant efforts to build impenetrable system such as OpenBSD, have fallen short1, and postulate post release pa tches. Given that holes are inevitable, the next line of defense is for the good guys to break systems faster than the bad guys, and alert the proper people to capture and release patches as fast as possible. Unfortunately, if the details of the exploit are made known, it makes it that much easier for less skilled malicious parties to take advantage of unpatched systems, and in this lies the problem with the solution.Personal InspirationExploration of this problem is of particular interest to me, as it relates to my current work. The current biggest source of tech support calls at SCU is viruses. Unfortunately, in that group, the largest virus attacks have been though E-Mails that the users must open in order to get infected, which could have ... ...rnegie Mellon University, 2003. <http//www.cert.org/meet_cert/meetcertcc.html Online NewsHour L0pht on Hackers, PBS, 1998. <http//www.pbs.org/newshour/bb/cyberspace/jan-june98/l0pht_hackers.html Martin, Kelly, Delivering the 12kb Bomb, SecurityFocus/The Register, 2004. <http//www.theregister.co.uk/content/55/36345.html point of accumulation on exclusive rights reverse engineering, U.S. Code Title 17 Section 906, 2002. <http//caselaw.lp.findlaw.com/casecode/uscodes/17/chapters/9/sections/section_906.html Reverse engineering IEEE, June 2003 <http//www.ieeeusa.org/forum/POSITIONS/reverse.html Mishra, Rohan Reverse Engineering in Japan and the Global Trend Towards Interoperability, Murdoch University Electronic Journal of Law , 1997. Volume 4, Number 2 <http//www.murdoch.edu.au/elaw/issues/v4n2/mishra42.html52n