Forget The Economy, Security Vendor Says Cybercrime Is The Real Threat
from the that's-not-my-job-man dept
You might have noticed that the economy is in the tank. Something about this "credit crunch" and "recession" and whatnot. But the amount of attention governments around the world are paying to these issues is giving cybercrime a foothold, according to a new study from a -- yep, you guessed it -- security vendor. This is the same vendor that's been saying the government needs to create new laws to combat cybercrime for at least a year. While their consistency is notable, their implication that the government is in the best position to fight cybercrime seems misguided. The best solutions remain technical and market-based in nature, while the usual mess governments make out of this sort of thing are hardly a ringing endorsement of their abilities to solve technological problems. All this makes you wonder if maybe the vendors see some way for themselves to gain from cybercrime legislation. Surely that's not right...
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybercrime, threats
Reader Comments
Subscribe: RSS
View by: Time | Thread
Gas prices are dropping faster than a hookers bloomers and things are looking up!
[ link to this | view in chronology ]
Of course
[ link to this | view in chronology ]
Too funny
[ link to this | view in chronology ]
RE:Cybercrime Is The Real Threat
So they surf, and eventually get infected and maybe even end up losing their personal data and having it used to empty what little they have in their bank account.
[ link to this | view in chronology ]
The problem is the bad guys
Re: Carlo - who else is funding research in to cybersecurity problems? Of course the reports come from people with a product to sell, but the alternative is fewer research projects and less end-user education. Lighten up.
Re: Chris - sigs (AV, IDS, FW, etc.) have worked (to some degree) for 20 years. Don't assume that it is all a conspiracy. Can *you* can come up with something better?
[ link to this | view in chronology ]
Re: The problem is the bad guys
In response to your response to Chris -- you're right that signature based detection will continue to be something that will help in the future the reality is that it doesn't work at all for things like rootkits or botnets.
And one of the reasons that security vendors, McAfee always in the lead, are frequently releasing chicken little "the sky is falling" press releases which are duly taken up as evidence that something is actually going on by the computer press bloggers who, as it turns out, work for security vendors! (ZDNet being among the prize offenders of that sort of conflict of interest.)
Add to this that McAfee's client software is slow, buggy and can't even keep up with ClamAV, an open source project who are much better at identifying new threats than either Sophos or McAfee, as far as releasing up to date signature packages is concerned.
As far as on line security is concerned it's going to take more than an AV package or a weak firewall(hello, Microsoft!) to protect you. It needs a proxy married to a good firewall that works both in and outbound, software like tripwire and montoring of servers and the OS kernel.
As for phishing and other attacks require user intervention we're back to educating users again about these things.
I'm not talking about blaming the victims I'm saying they need to be armed with information to identify the attacks and deal with them.
As for government intervention in technology to make us "safer" I feel far more confident without that and far better able to respond that bureaucrats.
The other question is "why do open source projects do a far better job of security than commercial ones do"?
Oh, as the sooner security vendors stop running around screaming to high heaven that the sky is falling and actually develop and deliver decent product I'll stop being cynical about them and their allies (employees, mostly, it seems, in the computer "press" on and off line).
ttfn
John
[ link to this | view in chronology ]