Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity

    A Little Knowledge of Security Can Be a Dangerous Thing

    Written by

    Jim Rapoza
    Published June 28, 2004
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      I recently attended a meeting in a conference room that had only a couple of available wired network connections and no wireless network access. I snagged one of the wired network connections for my iBook and offered to share my connection wirelessly with other users in the meeting.

      Several thankful meeting participants hooked up to my connection, and one person—who was using a Windows-based laptop—remarked that he was glad he didnt have to worry about getting a virus from my Mac. Upon hearing this comment, another meeting participant—one who had obviously seen the then-recent headlines about security problems in Mac OS X—jumped in, saying, “Didnt you hear that Macs arent secure anymore?”

      Most of us chuckled when this comment was made, and, for the most part, it seemed more like a joke than a sincere Opinion. But many people who saw these same headlines probably did jump to the conclusion that Macs cant be considered secure anymore.

      Now, of course, anyone who actually read the stories about the Mac OS X issues likely understood that the problems caused by holes found in the Apple operating system—while potentially severe—would not be easily spread. In fact, some degree of ignorance on the part of a Mac user would be required.

      If you were to ask any independent security analyst if Macs should now be considered as insecure as Windows systems can be, he or she would most likely laugh. Mac OS X and its underlying BSD Unix core have excellent security track records.

      Apples own behavior just added fuel to the fire: Officials banged the drum of Apples security record perhaps a little more loudly than was prudent, especially given the general knowledge that BSD systems—like every operating system—have had security problems in the past. In addition, officials werent forthcoming with information about the problems or what the resulting patches fixed.

      For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog.

      The underlying problem here isnt operating system security or even the vendor runaround but, rather, people who just read headlines or summaries of security news and then form Opinions based on this information—or lack thereof. And theres a very good chance that these people are making decisions based on these ill-informed Opinions.

      The IT manager who read only the headlines about the Mac OS X problems may have pulled back on some Macintosh implementations. Or there may be an IT manager out there who read the headlines on recent reports about the first cell phone virus and put the kibosh on a cell phone rollout. The whole story, meanwhile, would have informed the IT manager that the reported cell phone virus was a proof of concept that hadnt actually appeared in the wild.

      You might be thinking Im crazy to think someone would make decisions based on story headlines. But it doesnt take a lot to influence decisions. All an executive needs is a little voice in the back of his or her head whispering, “Its not secure—remember those headlines.”

      And once these Opinions are formed, it can be hard to change them, even with clear evidence that theyre misguided. One need only look at studies that show a majority of Americans still believe that weapons of mass destruction were found in Iraq, even after the government and every news outlet have stated otherwise.

      Ive written before about the many hurdles security administrators have to overcome to do their jobs, ranging from users who never learn how to avoid viruses to security companies that hype every problem to security practices that are difficult to implement to company executives who dont want to pay for security or think they can handle security with one big application or appliance. You can now add to this list people who dont bother to get the story behind the headline. The old saying that a little bit of information is dangerous applies doubly to security.

      From now on, whenever someone demonstrates a lack of understanding about security, I wont shrug or laugh it off. Ill figure out a way of politely but effectively giving that person the correct information in the hope that he or she will find out what the security issue really is all about. And maybe, down the line, Ill save some poor security administrator from having to deal with an executive decision based on a misguided Opinion.

      Labs Director Jim Rapoza can be reached at [email protected].

      To read more Jim Rapoza, subscribe to eWEEK magazine.

      Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.

      Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page

      Jim Rapoza
      Jim Rapoza
      Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr Rapoza's current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.