Sunday, May 9, 2021

Stating what I would have thought was the obvious

I would have thought the following three points were obvious by now to everyone:

1.      Anything connected to the public internet or transported over the public internet is potentially available to anyone in the world. This is true no matter how many supposed security features are involved, as is demonstrated almost every day.

2.      Any data stored on devices connected to the public internet might as well be published in the New York Times. Again, this is true no matter how many supposed security features are involved, as is demonstrated almost every day.

3.      Any device controlled over the public internet is potentially controllable by anyone else in the world. And again, this is true no matter how many supposed security features are involved, as is demonstrated almost every day.

Why corporations and government continue to store their most sensitive data on internet-connected devices, and why governments and corporation continue to control critical devices over the public internet is beyond me. Yes, it is more convenient and less expensive than building a separate non-public communication network, but I would have thought by now it would be obvious that the public internet is simply not secure, no matter what “experts” claim. Indeed, in several recent cases the very software/devices that are supposed to provide internet security were themselves hacked. And as people like Edward Snowden have demonstrated, every USB port is a potential doorway to the most sensitive data.

I was once taught to assume that anything I wrote down might someday appear in the New York Times, and so to be careful what I wrote down. It is clear that the same thinking applies to the public internet – anything put on the internet may well appear eventually in the New York Times and perhaps in Russian or Chinese factories as well. This is true whether it is just a private email or the detailed plans for our latest fighter plane (both of which have been stolen over the internet in recent times).

This point is so obvious. Why then do we still get almost daily stories of corporation and government systems and devices being hacked?

Posted by at