Monday, November 21, 2016

Danger: rock path

Today, one year ago...

It’s been said you need to learn from the past if you don’t want to repeat the same mistakes in the future, but the human being is the only animal to stumble over the same stone twice. Twice? And many more times! We can even feel attached to the rock and not let it go. That’s the way we are.

Over a year ago, we laughed (because we didn’t want to cry) at a series of “epic fails” that seemed to come from a comedian’s monologue rather than from real life. Among them, a photo of a Greek minister that went viral.   

Sitting down at his desk, he was looking at the camera smiling, without noticing there was a post-it note with confidential information on it. And because nowadays we can zoom and scan everything with virtual magnifiers as if we were detectives 2.0, many people realized that he had written the user name and the fantastic and unpredictable hyper-secure password: 123456. Read the last part with irony, please.

We never learn: we keep repeating the same mistakes year after year. The strange thing is that cybercriminals haven’t stolen our underwear… yet. Why do we worry about having the best security systems if, at the end of the day, the user is the weakest link in the chain? In a recent study presented at the ACM Conference of Communication and Systems Security (CCS), researchers from China and the United Kingdom invented an algorithm that can guess passwords with a success rate of 73%.

The conclusions of their report: guessing passwords is easier than it should be, because users reuse the same password across many different accounts. Moreover, they use personal data and simple numerical sequences in their passwords, which makes the cybercriminals' work easier. This hasn't happened just to the Greek minister. “Let he who is without sin cast the first stone.”

We are lazy: it is easier to remember a birthday or the name of our pet than a series of numbers, uppercase and lowercase letters and symbols. It is up to us to decide which is best, because an easy password is comfortable for us, but it's a gift for any cybercriminal too. Would you leave your key under the doormat of your house? This is something similar.

Epic fails for every taste

This gets complicated when you think you bought something safe and it’s not. 365 days ago it was discovered that Dell laptops sold from August 2015 had a certificate that the company had not reported and that could jeopardize safe browsing. This certificate was created to provide more information to the online technical support service but, in the wrong hands, it could be used to steal personal data or to lead users to websites while making them believe they were safe. After acknowledging the mistake and apologizing for it, the company managed to fix the vulnerability several weeks later.

Another “epic fail” that we found out about one year ago was that the magazine Wired, trusting a ‘reliable’ source, said they had discovered a manual from the terrorist organization ISIS for surfing the net undetected. But in fact, it was a guide created by Cyberkov to help journalists in conflict zones protect their online activity.

The editors of Wired didn’t cross-check the information, or at least not enough. It is a mistake that journalism makes more frequently than it should, whether for lack of staff and time, the “necessity” of being the first to spread the news, the precarious salaries, the excess of “copy and paste” or the atrocious competition. Or all at once.

The truth is that nowadays users don’t get their information just from the mass media. More and more people use social networks and search engines on the Internet to be aware of what is happening in the world. Precisely these days, Facebook and Google have been accused of spreading false news and provoking the election of Donald Trump as the president of the United States. The point here is to find someone to blame.

We can’t control whether the news we read is truthful or not, but we can act like journalists and verify the information by using different websites, rather than settling for the first piece of news that reaches us or taking it on faith. But in these days of information oversaturation and lack of time, and because we want things handed to us already done, we will continue to trip over the same stone. How many of them will we have stumbled over a year from now? We are afraid to ask ourselves.
