Which hat are you?
by Michael Korolew - IT Security Engineer - Gridlocked Networks
It was inevitable that the hacking scene be split into new sub categories with new terminology to represent the mentality of the world's brightest hackers. A decade ago it was a lot easier to understand what a hacker was and could do. Now we have millions of people using computers each day for email, e-commerce, banking, business, socialising, etc. It's clear cyberspace has become a mirror of reality with more and more people getting online every day. The internet follows the same patterns as the universal guiding pattern of birth, a system rises, transforms itself and the world. Birth, change, death, rebirth, but on the net it's beta, version 1, obsolete, prototype.

And on and on it goes bringing new, hardier, more efficient systems and programs. So what's this got to do with security? Everything, security is a myth, just as in real life security is a myth. It's told we will have security if we follow responsibilities and be good law abiding people, we will be given security if we keep loyal to our government and laws from the system. Security in real life is given at a price to us, which is programmed and sold into us. Others tell us we have security. Security on the net is similar with some respect. You go to a security company, purchase a firewall or have a marketer speak to your IT department and make you feel that now you have security, but you don't because the firewall is installed and not setup correctly, also you still have left other doorways open. 75% of all attacks occur despite having a firewall in place. How are are people getting through these seemingly impenetrable devices? Web hacking, It's the next generation of hacking kungfu, people now are focusing more and more on bugs in e-commerce technology. The open youth will always rebel, always. When they rebel generation after generation they learn more and more about the systems than some of the rulers that think they have control of them. Security is a myth, it's sold to us in real life at a price, it's sold to us to program security and safety into our minds, but every day you have an affinity of possibilities which can leave you with no security.

That's reality. How though can you feel a sense of well being and security on the net? Nobody is telling you that you are protected or have insurance, you can't see what other humans are doing behind their computers, you can't see where all the information is going. This leaves people feeling intimidated without security understanding or knowledgeable computer skills, that's the majority of the net. Your in control of systems, you have a web server, mail server, whole complex array of servers, mainframe systems, wide-area network links, etc. Everything is online. How can you feel safe and secure from others penetrating your network and safe with your browsing and employees browsing and shopping?" Get a firewall, get two!, which should do it!" That's the attitude of the majority, that's the reason why security is still breaking down. You can't have security when people every day every month are going to be trying to break into your computers, just the same as your real life security. If every month 30 people are trying to break into your store front or home, someone's going to break in eventually. Many people need to understand the Internet still, it's not always a persons fault to be lured into buying a product to find out it's useless, and they have still been hacked.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th