Social Network for RSA Fellows
Securing the future
Speaking at the RSA , author Mischa Gleeny highlighted key arguments and examples from his book 'Dark Market: Cyber thieves, cyber cops and you'. Highly entertaining and sobering - it's not often that the personalities and faces behind cybercrime are shown as human, not just money grabbing monsters.
The sheer scale and audacity of cyber crime, cyber warfare, and cyber industrial espionage has exploded over the past decades - and identifying and prosectuing the perpetrators is becoming harder and harder in spite of the digital trails they often leave behind.
The current situation is this - we're in an arms race, and the manufacturers of the 'weapons' we face - malware, virus, skimmers etc. have the same or better access to development resources and mental muscle as the law enforcers. Above all, a hacker is a hacker is a hacker - and white hat and black hat can depend on your viewpoint.
Protecting the public from cybercrime is mostly a matter of education in digital and information hygiene - and that applies to corporations and governments too.
I do wonder whether the wider adoption of open source technologies - as seen in the Russian Federation and internally in Microsoft might not go a long way to protecting states and corporations too. Let me explain how.
The open source development model requires self assembling teams to join together online and contribute code for addition to a common 'core'. Though any person who is skilled enough may add code, and without their identity being confirmed, contributions will only be 'committed' to the core once they have passed scrutiny - on technical, aesthetic, performance and security grounds.
Hiding a trojan in open source code would be like trying to smuggle an elephant into a stadium - you could do it, but you'd need a lot of people to conspire in order to even attempt it - and unless they were a complete newbie to the game, the fans would see that something very odd was going down.
It is of course possible for malicious code to be spread through *any* file - but downloading of recognised 'stacks' of open source software from major distributors such as Ubuntu, Red Hat and others should give a clear margin of safety, and contributed plug ins and add ons can be fully scrutinised before being installed - beacuse the code is truly open.
Tellingly enough, on coming down to the RSA library to write this post - I found this PC with browser windows open and logged into another person's Hotmail account. It's such a good job I'm honest..
The sheer scale and audacity of cyber crime, cyber warfare, and cyber industrial espionage has exploded over the past decades - and identifying and prosectuing the perpetrators is becoming harder and harder in spite of the digital trails they often leave behind.
The current situation is this - we're in an arms race, and the manufacturers of the 'weapons' we face - malware, virus, skimmers etc. have the same or better access to development resources and mental muscle as the law enforcers. Above all, a hacker is a hacker is a hacker - and white hat and black hat can depend on your viewpoint.
Protecting the public from cybercrime is mostly a matter of education in digital and information hygiene - and that applies to corporations and governments too.
I do wonder whether the wider adoption of open source technologies - as seen in the Russian Federation and internally in Microsoft might not go a long way to protecting states and corporations too. Let me explain how.
The open source development model requires self assembling teams to join together online and contribute code for addition to a common 'core'. Though any person who is skilled enough may add code, and without their identity being confirmed, contributions will only be 'committed' to the core once they have passed scrutiny - on technical, aesthetic, performance and security grounds.
Hiding a trojan in open source code would be like trying to smuggle an elephant into a stadium - you could do it, but you'd need a lot of people to conspire in order to even attempt it - and unless they were a complete newbie to the game, the fans would see that something very odd was going down.
It is of course possible for malicious code to be spread through *any* file - but downloading of recognised 'stacks' of open source software from major distributors such as Ubuntu, Red Hat and others should give a clear margin of safety, and contributed plug ins and add ons can be fully scrutinised before being installed - beacuse the code is truly open.
Tellingly enough, on coming down to the RSA library to write this post - I found this PC with browser windows open and logged into another person's Hotmail account. It's such a good job I'm honest..
Add a Comment
Review of RSA Fellowship nings, social networks
Over the next few months the RSAde Group will be consolidating regional social networks and nings.
The aim will be to improve connectivity for Fellows, improve communication and reduce fragmentation.
If you would like further information on these changes please contact the RSAde team via the Digital Engagement group on this network.
RSA Vision
About the RSA
RSA Events
The Power of Vulnerability
Influential author and speaker Dr Brené Brown tackles the myth that vulnerability is a weakness. Instead, she argues, it is the clearest path to courage and meaningful connection, and has the power to transform the way we engage and educate.Leading Change
With many of us facing an ever greater pace of change in our personal and working lives, leadership adviser and educator Richard Gerver reveals how to adapt and thrive - not to fear change but to see it as an opportunity for creative reinventionFrom the digital divide to inclusive innovation: the case of digital money
To mark the launch of a new RSA pamphlet, we bring together an expert panel to discuss the growing use of digital money worldwide, highlight its potential and consider the issues that will facilitate or hamper its reach.Notes
Guide to RSA online communities
Created by Matthew Kálmán Mezey Dec 6, 2011 at 11:03am. Last updated by Matthew Kálmán Mezey Jun 22, 2012.
Apply for Fellowship today!
Created by Gurmeet Singh Feb 24, 2012 at 2:07pm. Last updated by Gurmeet Singh Feb 24, 2012.
Other social media guides
Created by Matthew Kálmán Mezey Nov 19, 2011 at 9:23pm. Last updated by Matthew Kálmán Mezey Dec 6, 2011.
© 2013 Created by RSA Networks.
You need to be a member of RSA Fellowship Social Network to add comments!
Join RSA Fellowship Social Network