Wednesday, July 17, 2013

The Security Confirmation Bubble

I know, I know, that sounds like the title of an episode of "The Big Bang Theory".

To better understand what I mean by this you first have to understand what a confirmation bubble is. When you have a certain view on a topic, you tend to accept only information that confirms this view. It is a logical fallacy that can be made worse by the selection of like-minded social circles, or even more so by Google's search algorithms that tailor search results to one's preferences.

So it's basically a problem that ensures you develop blind spots to important information.

My recent outreach to use more minority operating systems demonstrated a very dangerous one to me: the obliviousness of Apple and Linux users to threats to their systems' security, usually combined with scapegoating Windows as the sole problem child. This arrogance pretty much leads to evangelists outright praising their respective systems for how it is not necessary to even think about security - and making their systems a feast for hacks.

You see, obviously people often think of security problems only as viruses and adware. Things that make their presence known pretty fast, and you won't find that many on either Mac OS X or Linux. But while those are pretty nasty for desktop users, trojans that hijack your system to add part of its computing power to botnets, with part of that combined power used to automatically hack the next system, are IMHO worse.

Actually I lived pretty secure with my Windows desktop, always being aware of security risks, but as soon as I had a Linux server directly connected to the internet, it was hacked. Two times actually. The first time a bot found a weakness in a badly configured Samba server that was accidentally open to the internet; the second time a friendly hacker manipulated my system by finding a security hole in a well-known Open Source PHP solution. He only changed the starting page and left his contact. And these are the ones I knew about. Actually I stopped using that machine for anything other than a firewall, and started using a Windows Server for any service I needed.

Sure, each time the problems were not directly related to the operating system, but it didn't automatically secure the system either. The Samba problem was so common that it was one of those self-hacking bots I mentioned, and we quickly found out about it, because it was so active that it used up the full bandwidth, and I later learned by reviewing the protocols that my machine hacked others. That thing was badly constructed: while it nailed the hacking part, it failed to keep its presence hidden.

Can you see why this Security Confirmation Bubble is so dangerous? It makes people oblivious to the fact that, while the systems can be very secure, you always need to keep an eye on security. Just using a certain operating system doesn't give you a "get out of that hell" card. Especially Linux, while not so common on the desktop, runs most webservers. Rarely watched closely. Very yummy for hacks, like the Windows Desktop attracts spambots. If you get lazy because everyone tells you how secure your operating systems are, and maybe even belittle Windows users, you're in fact not only contributing to your own insecurity, but to that of others as well, opening up your system to criminal misuse.

Don't fall for it only because it is so uplifting and comforting. Just don't!

1 comment:

  1. From https://pressfreedomfoundation.org/encryption-works :

    "It's important to remember that just because you use free software doesn't mean you can't get hacked. People find zero day exploits for free software all the time, and sometimes sell them to governments and other malicious attackers. Free software users still download malicious attachments in their email, and they still often have badly configured and easily exploited services on their computers. And even worse, malware is often very good at hiding. If a free software user gets malware on their computer, it might stay there until the user formats their hard drive."
