Whatever anti-virus or Internet security program you buy; or any computer operating system you setup, what are your realistic chances for having a fully secure situation? Let’s ask the question a different way:
Whatever you do with your computers and network connectivity, will it ever be private or totally secure?
You Must Know Zero-Day
Before you can understand what is possible, you absolutely must know the reality. You should know the concept of the Zero-Day Exploit. That is the center of the universe in computer security. If you misunderstand Zero-Day, you will be at a huge disadvantage. All security discussions and all plans, and all intentions you have for either privacy, security, protection of information or just basic discretion will be elusive.
Reality of Zero-Day
You have two resources for understanding Zero-Day. Wikipedia has an excellent article on Zero-Day Attacks and Zero-Day Viruses from an academic point of view. Slashdot, on the other hand, has a very sobering article about Zero-Day that you should read and understand. The article on slashdot.com is about the real world regarding Zero-Day and your computer. Zero-Day is an issue whether you are on a smart phone, table, PC, Mac, business workstation, or logged into the cloud from home or running a super computer connected to the Internet. Knowing the reality of Zero-day is a must.
What To Do for Zero-Day
The answers for Zero-Day issues vary as much as opinions about sports teams. One thing is for sure, it is either a fully solvable computer engineering problem or a just fact of life to be accepted. Dealing with Zero-Day successfully in business corporate networks requires brilliant thought process from systems professionals. Any company that has had a breach of their networks has encountered a failure of thought process or buy-in to prudent security proposals or inadequate solutions or a combination of all three.
One solution that takes a quite not so insignificant effort is the air gap network. Of the solutions I have studied or read about or attempted to put in place, the air gap network is the one with the most promise until computers themselves are better designed. Still, an in-house mistake or lack of diligence will easily destroy an air gap network’s design. Therefore a more fundamental shift in the actual computer’s design will need to occur long-term. The solutions for home and casual users is far less for those without requisite technical training and expertise.
I am fully satisfied with the article on slashdot.com as having raised awareness on the issue. The article, “Business is Booming in the Zero-Day Game”, the matter discussed with respect to Zero-Day Exploits is the right subject to begin a dialog on revising the way computers are so they work better for people. I add the emphasis that the susceptibility of computer technology to Zero-Day exploits is the first and central issue in their design. Remedying this design aspect of computer is the core matter before the higher echelons of electronics, mathematical, and computer scientists and engineers to resolve. Concurrently, you will likely see an increased emphasis on air gap networks for business.
Thoughts and Proposals
Meanwhile, there are other ideas that I have written about related to this. They are as follows:
Lists out a few simple security steps that may be helpful in some situations.
An extensive talk about limiting how you use the cloud.
A shorter talk about the cloud and being careful about an over reliance on it.
Looks at encryption for securing information and the legal efforts that may increase the use of encryption.
A high level overview about computers and security.
This is about an approach using software to better limit the damage from compromised software.
A detailed look at computers and my own proposal for a new computer design for increasing security.
Zero-Day exploits are an important issue for computer use. I think computers are excellent tools. You do have to use them carefully and responsibly when it comes to the Internet and the Web. The risks are real. It will take the smartest minds in electronics, security, mathematics, and computational theory to shift the balance in the right direction. Until then, society will continue to benefit from computers but with an increasingly sober awareness of the need to do so in a more carefully applied way. The emergence of sophisticated air gap networks may be an important solution in the meantime.