Instead, every potential victim has to defend against every possible threat vector, where every attacker has to find just one mistake. This is an asymmetric challenge, because even with the best security, almost every computer user is not only dependent on the security software in use, but the underlying network architecture and, below that, the programming that runs all of it -- all often supplied by different vendors.
We now have best practices that can mitigate the threat of penetrations or find and limit them once inside a network, but given the complexity of the network, the ability for a well-funded adversary to find even one mistake in any organization's digital defense grid is almost guaranteed.
This is where most of the work needs to be done by technology companies, technology users, and our government. The fundamental architecture of the Internet allows and exacerbates these flaws, and until we pretty much redesign everything from the ground up for security, we're going to be at risk.
That said, there are many good practices that can reduce the risk, practices that many people ignore. For example, way too many of us use terrible passwords and avoid the use of multi-factor authentication. I'm guessing that Mr. Podesta did not use MFA on his Gmail account, because it would have been much, much harder for the Wikileak attackers to get in if they had to have an authentication device on hand to access his account.
For the record, multi-factor authentication on Gmail (or almost all other online services) isn't some special service restricted to government leaders. MFA is available to anyone using any of those services and if you don't set up Gmail, Facebook, and your other services with multi-factor security, your personal information remains at great risk.
JB: Okay. Let's now move from the personal and the business to the electronic election system we have in place. How secure is it? How worried should we be, not necessarily about foreign attacks, but by any attacks at all? After all, look at all the multi-million or -billion dollar decisions that get made based on who wins the Oval Office and/or controls Congress in any given election cycle.
DG: Because each region chooses and manages its own voting machines, it's not really easy to make a blanket declaration about security. I'll tell you one thing: if you keep hearing about leaks and breaches on systems operated by federal, state, and local governments on an absurdly regular basis, you can be pretty sure that an electronic election system is equally at risk.
JB: Back to the recount. Where we seem to differ is on how to confirm the accuracy of the vote and whether that happened. I feel like the two of us are looking at the proverbial elephant from totally different angles. What I read and heard about was that the price of the recounts was jacked up to an almost insurmountable level, seriously predicating against concerned citizens' right to know.
Next Page 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).
