Cyber defences create their own risks


In addition to the aforementioned rules about internet and computer security (1, 2, 3, 4), it’s worth mentioning that security measures can create their own vulnerabilities.

That’s true in terms of human systems. For instance, granting high-level powers to system administrators creates the risk that they will exploit those powers deliberately, or that their credentials will be stolen or simply used after being left unguarded.

It can also be true for technical means. For instance, people often misunderstand TOR and believe that it makes everything about their web browsing anonymous. Really, it just routes the traffic several times within an encrypted network to disguise the origin before using an exit node to communicate with the target server, potentially with no encryption. Since people may be more likely to use TOR for sensitive or illicit purposes, those exit nodes are likely a target for both freelancers and governments.

Some recent stories have alleged that the virtual private networks (VPNs) which people use to protect themselves from an untrusted local network can create risks as well:

Earlier, people alleged that Facebook was using its Onavo VPN to snoop on users.

