
Thursday, February 09, 2006

The Maginot Line of cybersecurity

A few days ago, everyone was freaking out about the latest computer virus / internet worm. I was advised at various times to not turn on my computer for 24 hours, to unplug my internet connection, and above all else, to install virus protection or at least a firewall.

I did none of these, and I was fine. Which makes me wonder: why do people overreact regarding computer security?

A while ago, a friend generously supplied me and my girlfriend with an Airport wireless router. Now we can use our laptops as we wander aimlessly around the apartment.

Except, she insisted on using the 128-bit encryption, saying "I'm okay with my friends using my connection, but I don't want just any stranger to be able to use it."

I've never understood this point of view. Why, exactly, do you not want a stranger to be able to access the internet for free? Maybe they're a creep and don't deserve the internet, I guess. Or maybe you happen to live next to a 1337 hacker who will spend lots of time and energy somehow breaking into your computer, which is theoretically possible.

I think it might just be that the average user has been scared, by spyware and by the tech security industry, into believing that threats are all around us and you would be stupid not to take security precautions whenever possible--hopelessly naive, even.

Firewalls are a big part of this. Most tech columnists have run the stock "better enable that firewall!" column during more than one slow news week. Thanks to that hype and the Windows default settings, my friends and family all run firewalls.

If you run a business network with lots of server space and sensitive material, a firewall makes sense--it's a layer that must be hacked through if access to the network is to be gained from the outside. But if you run a small office, or just a home network, or just have a single computer hooked up to dsl, what exactly is a firewall supposed to do? We've all heard that "a computer hooked up to the internet without a firewall is infected and turned into a zombie in .002342 seconds." I've never understood how this misleading stuff is allowed to run. By "hooked up to the internet" most users assume you mean a routed dsl or cable connection. But I don't know of any documented cases where someone has hacked a computer over such a connection. That's not to mention people who run a firewall while connected to the internet via a modem! (Perhaps a hacker is going to sneak into your house, have your computer call up your ISP, then return to their lair and hack you remotely from there!)

To be clear, I'm typing this in a computer directly connected to my dsl modem, without any firewall or encryption anywhere in the connection. I've been using a dsl modem, routed wirelessly to share with my roommates and anyone who can get it (I posted the access point's coordinates online), without any firewalls, for three years in New York. I hooked up my girlfriend's cable modem and router, with no encryption or firewalls. I've set up business dsl connections for office networks with no encryption or firewalls off and on, running since 2000. There's never been any problem with infection or hijacked space, except for the same misleading emails carrying zombie programs or phishing for credit card numbers that would have gotten through whether there was a firewall or not.

In the meantime, firewalls and network encryption have made my life more difficult. I said I'm connected straight to my dsl modem--that's because the Airport has been choking when it connects, forgetting the encryption key I entered and making me enter it again. This means that I've had to type the 26-character alpha-numeric (complete with easily confusable characters such as 0's and B's) six times already.

I guarantee that's six times more than any hacker has tried to access the top-secret files on my computer and been thwarted by our wireless encryption, and six times more than our neighbors have tried to view kiddie porn but been kept on the straight and narrow by the fact that we deny them access.

Likewise, my roommate requires a password to log in to her computer, and I can confidently say that this fact has prevented me from troubleshooting the network at least as often as it has prevented me from reading her secrets. My old roommate also had this, and while it did keep an army of industrial spies in the dark and kill in the crib their plans to launch empires based on his real estate analysis, it did an even better job of keeping me and our other roommate from reading our email when the other computer was occupied.

Spyware tends to be the real problem. It has nothing to do with firewalls, since users will happily download it themselves, and it acts exactly like an innocent web browser under the firewall's watchful eye. Spyware often doesn't stop until users are educated about it and switch to Firefox.

At an afterschool network I supported for most of the last three years, spyware was an incessant problem, firewall or not. Finally I installed Firefox, put a shortcut on the desktop, changed its name to "Internet Explorer", changed its icon to Internet Explorer's, and deleted all links to the real Internet Explorer. No more spyware. Since quite a few machines had stubborn spyware infections that resisted Adaware, Spybot and PestPatrol, I installed Microsoft Anti-Spyware on them, which has worked perfectly everywhere I've used it. I have never seen any spyware or virus infection on any Windows PC running Firefox, Microsoft Anti-Spyware and Windows Update.

Granted, these themselves are security programs; my argument would be stronger if they were not necessary either, but they are. However, they don't justify the attention given to security of the average home PC, or the solutions used. Anti-virus programs are sluggish and resource-hogging; meanwhile, I've seen Norton happily pass over plenty of spyware, and seen it wage a losing battle against much smarter spyware whose definitions don't seem to be making their way up Symantec's bureaucracy.

So, as the useless white Airport box next to my dsl modem blinks its warning light, as my neighbors downstairs thirst in vain for kiddie porn, as the internet terrorists next door give up and turn to gardening instead, as the Symantec execs dine on caviar, as uninspired tech columnists turn in their boilerplate, as I massage my 26-times-six-characters-writing wrist, and as I try out passwords in an effort to hack into my own network and turn off the encryption, I thank god that we live in a world where secure technology keeps us safe!