I expect to see greater use of encryption and digital signing of email and documents. The GNU Privacy guard is a wonderful tool for this and is compatible with PGP. GPG or PGP is supported in most Linux mail user agents. Whether one is sending or storing a love letter or a trade secret, encryption keeps it secret. Even if someone breaks into someone's system or steals its disk, without the keys, encrypted information remains secret for all time. Hopefully, encrypted file systems will become popular on laptop computers since these are stolen so frequently.

We may see a major Cyberterrorism event in 2003, causing major loss of Internet connectivity. Even those in countries not directly involved may suffer from backbones in the United States and elsewhere being "taken out", causing their systems or their customers' systems being "knocked off the web". With an anticipated 23 million homes in the U.S. alone expected to have broadband in 2003, the potential for massive Distributed Denial of Service (DDoS) attacks is huge. With so many of these being unprotected Windows systems, this DDoS will be easy to do.

Sadly, the U.S. Government's draft Cybersecurity proposal can most kindly be described as naive and ineffective. Its reliance on voluntary good practices, if it was the basis for criminal law, would be called anarchism. An excellent opportunity to make organizations and individuals and ISPs responsible for their problems was lost. Sheesh. The penalties for not stopping one's dog from barking are more severe in most jurisdictions.


The growth of wireless networks will continue. With current wireless technology lacking decent security, many networks will be compromised. While many organizations do have a firewall, they fail to harden systems behind them. Thus, a single weak point such as a wireless component will allow many systems to be compromised. I advised the use of firewalls between different parts of large companies to limit the spread of a compromise in the first edition of "Real World Linux Security" back in 2000. Unfortunately, many organizations fail to do this.

I predict a major Linux virus in 2003, perhaps through Netscape via email or through Instant Messaging. A vulnerability in Java or the RealAudio or RealVideo player could be a vector for the spread of a virus. If Microsoft starts offering products for Linux in 2003, as far as security is concerned, good luck.

A blended attack is a distinct possibility. This might be a large truck bomb taking out a large building at the same time an Internet attack takes out "911" emergency switchboards and the city's traffic light system. This would prevent rescue workers from helping the victims and increase the terror.