Syndicate content

security

With WJS story, security theater comes online

Tagged as:

This article published by the internet hating Wall Street Journal is nothing more classic scare tactic aimed at convincing people to give up their computing freedom in exchange for the illusion of security.

Shawn Henry looks like a super-villian standing in front of the Department of Justice logo with an American flag standing jingoistically in the background while he dishes on the sorry state of the FBI’s efforts to fight “teh haxxors.” It’s almost as if he stepped out of casting call for “Severe-looking Government Man.”

“The current public and private approach to fending off hackers is ”unsustainable.’’ Computer criminals are simply too talented and defensive measures too weak to stop them."

He did not say: So long as we keep demanding backdoors for surveillance, we can never really have secure computing. He did not say: Total online security can be had in a way that doesn’t suppress freedom, but that comes with the expense of allowing total freedom in our computer networks.

Shame on the media for falling for security theater. Again.

This is a calculated move by those who are threantened the freedom information and the decentralization of information structures as provided by the internet as we know it. They want to scare people into giving up liberty in exchange for the illusion of security. Watch for this issue to become the rallying cry of those who want to regulate internet use. Watch as the issue of “corporate security” morphs into one of the reasons we have to clamp down on online piracy. Never mind that piracy and security have almost nothing to do with each other.

You can have a completely secure internet experience right now. Today. The cost of doing so, however, isn’t liberty, its ease of use. You have to give up some easy to get total security on the internet. You don’t have to give up freedom.

The problem is, just like the issues of drugs and terror, the issue of “cyber security” is being debated in the context of fear and war. And fear and war are the enemies of freedom.

The true way to achieve cyber security is to build truly secure systems. That means those systems can’t have backdoors for government and corporate spooks, one-click logons, and easy-to-reset passwords.

You can be completely secure online right now. The technology exists. Demand that your government and ISP and financial situations use it, disclose it, and demonstrate its functionality. You don’t win when you fight the hackers. You win when you stop being their target. And you stop being their target by using security techniques that are proven, trust-no-one, and are open and on display for all to see.

Lets Talk about TOR.

TorPera

Much kudos to the OperaTor people for putting this “No, you’re not totally anonymous,” message at the startup page for the recently released OperaTor Browser. Here’s why TOR matters.

The thing is, TOR is an incredibly useful too for defeating proxies, getting around firewalls, and making your IP address a relatively meaningless way of keeping tabs on your web behavior.  If you use the Internet and you value freedom, you need to familiarize yourself with TOR. If you want to read a really incredible discussion about tor, and I’m serious, it’s really incredible, you need to listen to Security Now Episodes 69, 70, 71 and 72. Here’s a link to Steve Gibson’s awesome Security Now page at GRC.com. 

So far my experience with OperaTor has been very satisfactory. In fact, I used it several times at work today to research the TOR project in general for this article. (Work blocks me from viewing webpages regarding “proxy defeating” or something like that. Don’t matter, really.)

The thing is, a desire to be anonymous does not automatically imply that there is something to hide. The desire to be anonymous, at least for me, only implies that I don’t want your shit all up in my grill. If you’ll pardon the expression.

Anyway, if near anonymity is something you desire, and you have 30MB worth of space on some kind of a portable drive, you could do worse than to give OperaTor a try.