Thursday, October 29, 2015

Hacking for Security

Julia Robinson

Everyone wants to feel secure, right? We have home surveillance, access cards to buildings where we work and learn, and are constantly on the look out for identity theft. Internet security is especially prevalent as we move into the age of e-commerce and everything being online. Companies try to create secure websites and connections, however mistakes happen and hackers get in to expose people as we see in our everyday media. The newest form of Internet security taking place by large companies is actually offering hacker bounties for those hackers who will report where there are flaws in the systems.
     There are currently a couple problems with online security. First of all, surprisingly, “60 percent of 2,122 data breaches last year analyzed by Verizon, attackers were able to compromise their victims’ data within minutes.” (Perlroth) I for one believed that my browsing experiences were much more secured and that these breaches were fixed right away. However, “99.9 percent of known vulnerabilities” were not fixed within the year. (Perlroth) Knowing this information, it is nice to see that a new effort has been established called Project Zero, which discovers holes in Google’s systems and across the web. With the goal for consumers to have a safe web experience, it is great to see a proactive stance from a top company like Google as well as start up companies joining the fight for safety. Finally, HTTPS is being implemented for a secure connection by more websites with the federal government’s executive branch adopting it for all websites by the end of 2016.
     While hacking for security is becoming the new thing, I felt that the article could have elaborated on safer practices for writing code, how consumers can ensure they are using secure connections, and incentives for companies to fix the vulnerabilities in their systems quicker.

Perlroth, Nicole. "Hacking for Security, and Getting Paid for It." Bits Hacking for Security and Getting Paid for It Comments. New York Times, 14 Oct. 2015. Web. 29 Oct. 2015.

1 comment:

  1. I think this idea is really unique and could possibly help companies out, but the major problem is that many hackers would not want to accept this challenge. They would rather hack into the system and sell the information as it would most likely be more profitable to do so. The company would need to find people willing to hack their system, but not do anything with the data, which could prove to be very challenging. The idea of basically crowdsourcing hackers is interesting, but there is also some major flaws.


Note: Only a member of this blog may post a comment.