Here at iGuRu.gr we often say that security on the network does not exist, and of course a great many people agree. Companies spend billions of dollars every year on up-to-date security products, and yet cyberattacks and data breaches do not stop. Lately, even "trusted security tools" have been found to contain vulnerabilities!
Recently, Google's Project Zero revealed a number of critical vulnerabilities in two security products from Symantec and its Norton brand that are used by dozens of businesses and consumers.
The vulnerabilities allowed hackers to gain complete control over computers running these applications by sending e-mail messages that deliver malicious self-replicating code across networks, even if those messages are never opened and no one clicks on the links they contain, according to researcher Tavis Ormandy of Google's Project Zero.
Ormandy has previously discovered security holes in the security products of very high-profile companies, such as Kaspersky, FireEye, ESET, Comodo, McAfee and Trend Micro.
As you can see from the above, we have reached a point where it is impossible to trust products that are supposed to keep our data safe. The security industry as it stands seems to be facing serious problems, with omissions that endanger its customers.
Vendors, of course, do not appear to have been held accountable so far, although they should be held accountable for the security holes that were discovered in their products and that put their customers at risk. It is one problem if the products they sell fail to recognize a threat, and an entirely different one when the products they put on the market give attackers a "window" of access.
Mr Ormandy rightly states that security software should benefit from techniques such as sandboxing, which can help contain the activity of malicious code. Everyone should also have a defined development life cycle with best-of-breed security practices, such as those launched by Microsoft and Cigital. Suppliers should also look for weaknesses in the design of their products that would let attackers abuse legitimate features or functions to compromise systems. Suppliers should prioritize security in their products, and there should be no justification when they do not.
But when vulnerabilities are found, the uproar doesn't last long. Media coverage is short-lived, and it would take lawsuits or changes in legislation for things to improve.
After all of the above, how can you protect yourself? You should probably minimize your exposure online by adapting your mindset. It is largely a question of having realistic expectations.
Do not assume that security products are safe
Companies should apply security policies to all the security tools they use. This means that they should require vendors to provide automated fixes, in-depth examination of their infrastructure and pen-testing of all security products.
Assume your network will be compromised
Even when your security products work as advertised, it does not mean they catch every threat. The online community and companies should be prepared for the possibility of a breach (which is more and more a reality).
Traditional antivirus products check systems by identifying specific malware signatures; when the signatures change (something that happens constantly), the malware is not recognized.
Responsibility
The security industry, having promised security, is responsible for making sure that the security products it sells not only work as they should but also do not endanger the end user by leaving backdoors open to hackers.
And the utopia
Security vendors should set the standard for the entire technology industry by developing secure software, in order to restore customer loyalty.