The Security of Interconnected Systems

It’s a scary world in the wild, wild west of the Internet. Many days I think that’s a closer metaphor to the World Wide Web than the relatively ordered Kensington High Street in London. There are lots of bad people out there that are scraping identities, hacking systems, copying data, and more on a daily basis. Indeed the power of computers means that these malicious behaviors can be done at a speed and on a scale never before seen in the world.

I ran across this account of a blackmailer stealing a Twitter name using a variety of hacks across interconnected systems. What’s worse than the attack against someone’s digital assets is that fact that so many of the companies on the Internet have no good way of recognizing ownership. It’s almost as it could be back in the gold rush days when you had to be vigilant and constantly inhabiting your property to protect the assets. At least in that time you could file a claim that would be honored. I’m not sure a Facebook name, a Twitter handle, a SQLServerCentral login, or any name on the Internet can actually be “registered” by most of us.

The problem isn’t so much the ownership of some digital asset as it is the potential cascade of problems when we can’t own an asset and possession of a username and password seem to be what matters. I’d like to think that corporate assets are better protected, and corporations are usually more able to take legal action against attackers, but it’s entirely possible they aren’t. Especially when many of the companies that provide services to both individuals and companies aren’t providing support. The “Google” method of building automated systems that provide support looks like “hope for the best and too bad if it’s the worst” from my perspective.

As we connect more and more systems together, whether through sign-on systems, automated feeds, or other methods, the ability to protect the entire system is dependent on the weakest link. The ability to resolve ownership and security issues, however, seems to have no protection at all.

Steve Jones

The Voice of the DBA Podcast

Listen to the MP3 Audio ( 2.5MB) podcast or subscribe to the feed at iTunes and Mevio . feed

The Voice of the DBA podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

About way0utwest

Editor, SQLServerCentral
This entry was posted in Editorial and tagged . Bookmark the permalink.