Blame Yourself For Lax Security

By Edward Cone  |  Posted Monday, July 11, 2011 17:07 PM

by Samuel Greengard

Digital security is an illusion. Protection increasingly consists of putting more barbs on the wire rather than building a real fence.

Malware and hacking aren't new problems. But the risk has spread from personal computers to power grids, automobiles and just about everything else. Heck, even medical devices and implants are now hackable.

One problem is that we value convenience and short-term cost savings over real protection. We believe that if we dutifully upgrade our antivirus software and patch our systems we'll be fine. If we change our password every few months we'll keep ourselves safe. But this is a Band-Aid approach and it steers around the real issue: creating more secure systems.

A few questions: Why don't we have authenticated e-mail? Why isn't encryption built into e-mail programs? Why is it possible to click "I forgot my password" without establishing one's identity?

It goes from bad to worse with credit cards--particularly in the U.S. You have the name, account number and three-digit code on the back? No problem! Let the thievery commence! At least in Europe and some parts of Asia, restaurants use mobile terminals--so the card doesn't have to disappear into some back room. Most countries have also begun to use smart cards with chips to thwart counterfeiting and theft.

Debit cards afford a bit of protection because they have a four-digit PIN. But hacking four digits is relatively easy, and crooks have now turned to skimming techniques to hijack cards. Ditto for voicemail systems.

Yet basic security protections, like some type of token-based or biometric authentication, are still not in widespread use.

Businesses and consumers are both to blame, and we're close to the tipping point where it's just about impossible to fully trust any e-mail message or account, Facebook link, website, PIN pad or card terminal.

Thanks to our obsession over saving a few seconds and a fraction of a penny on every component or transaction, we wind up paying dearly over the long run.