Internet Security, Whats Next?

The future of Internet Security.

Currently if your hooked to the internet then your

not secure.

Actually if your not hooked to the internet your

not safe as stuxnet has shown.

That would seem to indicate the problem

isn't the Internet but your PC.

Building bigger fire walls may not be the solution.

Security Suites just don't do it.

Its like they secure the first floor doors,

but not the windows or the second story.

The Indian Defence Research and Development Organisation

is developing a proprietary operating system to protect its
sensitive data from cyber attacks and hackers, according
to Indo-Asian News Service.

“Though it will be a real-time system with Windows software, source code and architecture will be proprietary, giving us the exclusivity of owning a system unknown to foreign elements and protect our security system,” Saraswat was quoted as saying by IANS.

The new operating system will be designed to decrease the organization’s vulnerability and susceptibility to cyber attacks. It will also be used to protect the defense systems for computing in research areas such as molecular computing and bio-molecular computing.

Saraswat said 50 scientists from various defense labs in Bangalore and New Delhi have been pooled to work on the project, as well as firms from the private sector.

SOURCE:

Thats what happens when Stuxnet invades your nuclear reactors.

No damage, India just doesn't like someone looking over their

shoulder when doing secret things.

And its capabilities are not fully known.

Bin Laden's legacy for the world won't be terrorism, it will

be his caused the end of privacy. Thank you Binny.

OBL killed privacy.

You can't fight secret terrorist without the ability to

invade anyones privacy at will, at least thats the current

paradigm. Stuxnet, FISA, and the FBI letters allow spying

at will, with very little of no over sight.

The "NO oversight " will become problematic, as all the

technological spying capabilities filter down to the Police

to even the local levels, that paradigm speaks to a Police

State some time in the future.

Micro Soft side steps the issue, married to their

Micro Soft ignores problem.

windows OS software and failed security paradigm.

They will not update security on illegal systems, no

patches for you. Either everyone can be safe or no one

is safe. Currently the unpatched windows OS are the 

heartland of the Bots.

But they have proposed a WHO, World Health Org,

for the Internet. 

When your sick PC connects to the Internet and starts distributing malicious spam andpropagating worms and viruses to other vulnerable systems, it impacts all who share the Internet. Microsoft's Scott Charney proposes a novel approach to addressing that issue, suggesting that we treat infected devices as we do infected people
Many organizations have already adopted some form of network access protection (NAP). NAP solutions analyze the security configuration and posture of a given system before allowing it to connect to network resources. 

If the user account password is too simple, or the personal firewall is disabled, or the antimalware software is not up to date, the device is redirected to a safe site that explains the baseline security requirements and provides links to get the computer compliant, or simply bans the computer from connecting.

Your security program/suite is CRAP

Of course they are ignoring that even if you do have firewalls, antimalware, patched, good passwords: your

still not safe. Its smoke and mirrors.

Internet Anthropologist Think Tank: Anti-Virus firms engaged in Fraud

SOURCE:

And the Feds are taking a different tact.

Lynn previewed the Defense Department’s cyber strategy, expected to be finalized by the end of the year. The strategy has several elements, 

including a defense in depth, with three layers: 

first, follow commercial best practices on security; 

second, deploy sensors, which map and detect intrusions; and, 

third, conduct “active defense.” 

Excellent analysis of Cyber threat

Lynn describes active defense as a system that automatically deploys defenses in real time based on intelligence warnings. According to Lynn, “part sensor, part sentry, part sharpshooter, these active defense systems represent a fundamental shift in the U.S. approach to network defense.” This reference to “sharpshooters” raises questions, for it implies a more active role for the Defense Department.

SOURCE:

This paradigm is mostly reactive, after the breach.

And alone will not protect even DOD networks.

US building a Cyber Maginot Line.

India's approach is the most sound, the problem is

the operating system, and Micro Soft has chosen to

ignore this, and their error of failing to act will cause

them market share and market dominance.

As sure as Walmart over took and buried Sears.

If MS won't produce a secure OS somebody else

will.

MS focus still is on usability, multiple functionality

not security. The net may even have to take a  step

back, with less functional OS to achieve that security.

Maybe no Movies or Music, to close some of those

back doors. How many exploits against MS OS have 

there been, hundreds, Thousands?

There is a huge market for a secure OS, world wide

demand. An OS focused on Security not functionality.

If Micro Soft won't give us one somebody else will.

A secure OS is a doubled sided sword for Intelligence

agencys. A non secure OS makes it easier for them to

obtain Intelligence but on their other hand it makes them

vulnerable also.

And as we have seen the Intelligence agencys prefer

collecting intel to security, as the insurgent web sites

are still up and running.

So don't expect any help from NSA as a secure OS

will limit their mission.

In the mean time the world awaits a secure OS,

hopefully before a cyber Armageddon.

Gerald

Internet Anthropologist

.