maverickmonster
Programmer
Where do people see the future of computer security going in the next five years ?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Future of security 1
- Thread starter maverickmonster
- Start date
- Status
Where do people see the future of computer security going in the next five years ?
![[lol]](/data/assets/smilies/lol.gif "[lol] [lol]")
That depends.
If you are using Microsoft, then security will not be much improved. Windows is too popular to be left alone by hackers. (Also your own MS based applications will suffer. MS has a unique way of dealing with security breaches: it disables previously implemented functions without warning.)
If you opt for a relatively obscure OS, you will be relatively safe.
When you put a computer online, I don't believe there is a totally secure OS out there. That's because opening up your computer to the outside world, also means reducing it's security.
Dimandja
If you are using Microsoft, then security will not be much improved. Windows is too popular to be left alone by hackers. (Also your own MS based applications will suffer. MS has a unique way of dealing with security breaches: it disables previously implemented functions without warning.)
If you opt for a relatively obscure OS, you will be relatively safe.
When you put a computer online, I don't believe there is a totally secure OS out there. That's because opening up your computer to the outside world, also means reducing it's security.
Dimandja
Microsoft is to heavily lock down some of the browser functionality in the forthcoming Windows XP Service pack 2, due later this or early next month in release form, let alone talking about 5 years time.Dimandja said:
Other than that, I think it will be more of the same - more viruses using security exploits, which get cured by patches or service service packs which introduce more exploits, thus causing a catch 22 situation for those involved in IT security.
John
I think there will always be exploits out there. They fix the ones they find out about, but that causes the hackers to become innovative in the way they attack.
And as long as there are people running computers without security training (meaning vast majority of users) there will always be systems that are not optimized for security.
And as long as there are people running computers without security training (meaning vast majority of users) there will always be systems that are not optimized for security.
-
1
- #6
I personally think that computer security is like running in a never-ending race. There is no such things as 100% secure (not even 90% secure). Technology keeps on changing, and things that are unbreakable today will be a child's toy tomorrow.
I understand that people tend to associate Microsoft with flawed products, etc. However, from a programmer's point of view, what Microsoft does is quite an engineering feat. Any software (be it unix or linux) is vulnerable to exploits and bugs. The difference between the Windows users and Unix users is that Unix users tend to be more knowledgeable about their system, and thus are able to contain and recover from most break-ins and exploits.
I would rather look at security problems as technology innovation in its own way. People may not like it when somebody breaks into their systems, but the discovery of such exploits helps improve the existing software. Thus, innovation and improvement result.
Five years into the future, I would say that security problems will still persist, but the technology we have in the future will definitely be more robust than the one we have today. Thanks to those who brought into attention the bugs and the exploits.
I understand that people tend to associate Microsoft with flawed products, etc. However, from a programmer's point of view, what Microsoft does is quite an engineering feat. Any software (be it unix or linux) is vulnerable to exploits and bugs. The difference between the Windows users and Unix users is that Unix users tend to be more knowledgeable about their system, and thus are able to contain and recover from most break-ins and exploits.
I would rather look at security problems as technology innovation in its own way. People may not like it when somebody breaks into their systems, but the discovery of such exploits helps improve the existing software. Thus, innovation and improvement result.
Five years into the future, I would say that security problems will still persist, but the technology we have in the future will definitely be more robust than the one we have today. Thanks to those who brought into attention the bugs and the exploits.
GlenJohnson
MIS
Keep up with it now, it's where the money is, no matter which side of the law you are on. (Luckily, I choose to be on the right side of the law, and I hope you do to.) My 2 cents.
Glen A. Johnson
If you're from Northern Illinois/Southern Wisconsin feel free to join the Tek-Tips in Chicago, Illinois Forum.
TTinChicago
Johnson Computers
Glen A. Johnson
If you're from Northern Illinois/Southern Wisconsin feel free to join the Tek-Tips in Chicago, Illinois Forum.
TTinChicago
Johnson Computers
I'll talk Microsoft here (I do not have enough experience to talk about other operating systems).
Assuming you have a well configured network you should be fairly safe from hackers, with the recent worms/threats however I would imagine (or hope?) that MS are going to put more thought and effort into securing their systems.
User education is probably the key, but with the scene moving so quickly it is unreasonable to expect non-I.T people to be up to date.
Russell.
Assuming you have a well configured network you should be fairly safe from hackers, with the recent worms/threats however I would imagine (or hope?) that MS are going to put more thought and effort into securing their systems.
User education is probably the key, but with the scene moving so quickly it is unreasonable to expect non-I.T people to be up to date.
Russell.
robbieguy2003
ISP
Xtra Pants Service Pack 2 will certainly sort a lot of the security problems faced with windows (firewalled by default, ports locked down etc) but exploits will still be found.
Until companys deploying computers, servers and networks networks take security seriously enough to put some time and money there problems will still occur.
I think it will take more than a few patches from MS to sort security out.
Servers live with the rule - What goes up must come down
Until companys deploying computers, servers and networks networks take security seriously enough to put some time and money there problems will still occur.
I think it will take more than a few patches from MS to sort security out.
Servers live with the rule - What goes up must come down
- Thread starter
- #10
maverickmonster
Programmer
What do you think about Biometrics and the like for future security ?
Maverickmonster
The fingerprint sensor aspect of biometrics was defeated a long time ago:
Not sure about iris recognition or other possible methods, but personally I'd not like to need a blood test or have a swab taken from my cheek to login to my PC.
John
The fingerprint sensor aspect of biometrics was defeated a long time ago:
Not sure about iris recognition or other possible methods, but personally I'd not like to need a blood test or have a swab taken from my cheek to login to my PC.
John
CajunCenturion
Programmer
I think biometrics will take on a larger role in identification systems in the future. There are lots of non-invasive techniques being used and under development. Among then are Fingerprints, Retina and/or Iris scanning, Hand Geometry, Facial Geometry and others.
Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
The trouble with any biometric measurement is that while it can't be easily lost or misplaced, if a way around it, such as the technique for defeating fingerprint sensors, is found, changing it becomes very difficult.
For example, I can't easily change my fingerprint, retina pattern or face shape, but changing a password is easy, because it is not tied to my physical characteristics.
This, I can see, will be the biggest problem with any biometric authentication system.
John
For example, I can't easily change my fingerprint, retina pattern or face shape, but changing a password is easy, because it is not tied to my physical characteristics.
This, I can see, will be the biggest problem with any biometric authentication system.
John
CajunCenturion
Programmer
That's a good point jrbarnett, but what if you use the biometric result as your ID, and then you enter your password.
Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
That's a very good point jrbarnett, especially when some people have had great success in fooling fingerprint readers.
I imagine that the devices have advanced since this occurred and that retina readers are harder to fool. As security technology advances though, surely so must technology designed to thwart it.
I imagine that the devices have advanced since this occurred and that retina readers are harder to fool. As security technology advances though, surely so must technology designed to thwart it.
Another thing to consider about biometric measures is that the body can change. For instance, if I scan my left hand and enter a password to login, then what happens when I'm in a car accident and my left hand is broken, in a cast, or no longer attached? Other measures, such as retina scans, are less prone to this type of change, but the possibility still exists.
Biometrics were a good idea until people demonstrated that it could be easily fooled.
As for using biometrics results as ID, there are cheaper methods already in use. SecureID is one example. You have an ID and a partial - easy to remember - password. SecureID provides you the next (rest of the) password to enter - you have seconds to use it or your logon thus far becomes invalid, as it changes continuously.
Because biometrics are too easy to fool - the ID is known (face, fingerprint, eye, ...) - creating an 'random' ID from the top of your head is a lot more secure.
Dimandja
As for using biometrics results as ID, there are cheaper methods already in use. SecureID is one example. You have an ID and a partial - easy to remember - password. SecureID provides you the next (rest of the) password to enter - you have seconds to use it or your logon thus far becomes invalid, as it changes continuously.
Because biometrics are too easy to fool - the ID is known (face, fingerprint, eye, ...) - creating an 'random' ID from the top of your head is a lot more secure.
Dimandja
Yes, the thief would still need to know the ID and the partial password.
As for using brute force on SecureID, it's pretty much a losing proposition. SecureID will give you the rest of the password only after you have partially and successfully logged on. Too many many attempts at logging on pretty much shutsdown your ID.
Contrast that with an ID consisting of your fingerprint. As soon as the hacker lifts your fingerprint and fashions a thumb out of it, they are pretty much logged in without even touching the computer.
Dimandja
As for using brute force on SecureID, it's pretty much a losing proposition. SecureID will give you the rest of the password only after you have partially and successfully logged on. Too many many attempts at logging on pretty much shutsdown your ID.
Contrast that with an ID consisting of your fingerprint. As soon as the hacker lifts your fingerprint and fashions a thumb out of it, they are pretty much logged in without even touching the computer.
Dimandja
CajunCenturion
Programmer
Unless you require both a fingerprint ID and a password.
Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
- Status
