Julia Robinson
Everyone wants to feel secure,
right? We have home surveillance, access cards to buildings where we work and
learn, and are constantly on the look out for identity theft. Internet security
is especially prevalent as we move into the age of e-commerce and everything
being online. Companies try to create secure websites and connections, however
mistakes happen and hackers get in to expose people as we see in our everyday
media. The newest form of Internet security taking place by large companies is
actually offering hacker bounties for those hackers who will report where there
are flaws in the systems.
There are currently a couple problems
with online security. First of all, surprisingly, “60 percent of 2,122 data
breaches last year analyzed by Verizon, attackers were able to compromise their
victims’ data within minutes.” (Perlroth) I for one believed that my browsing
experiences were much more secured and that these breaches were fixed right
away. However, “99.9 percent of known vulnerabilities” were not fixed within the
year. (Perlroth) Knowing this information, it is nice to see that a new effort
has been established called Project Zero, which discovers holes in Google’s
systems and across the web. With the goal for consumers to have a safe web
experience, it is great to see a proactive stance from a top company like
Google as well as start up companies joining the fight for safety. Finally,
HTTPS is being implemented for a secure connection by more websites with the
federal government’s executive branch adopting it for all websites by the end
of 2016.
While
hacking for security is becoming the new thing, I felt that the article could
have elaborated on safer practices for writing code, how consumers can ensure
they are using secure connections, and incentives for companies to fix the vulnerabilities
in their systems quicker.
Perlroth,
Nicole. "Hacking for Security, and Getting Paid for It." Bits
Hacking for Security and Getting Paid for It Comments. New York Times, 14
Oct. 2015. Web. 29 Oct. 2015.
I think this idea is really unique and could possibly help companies out, but the major problem is that many hackers would not want to accept this challenge. They would rather hack into the system and sell the information as it would most likely be more profitable to do so. The company would need to find people willing to hack their system, but not do anything with the data, which could prove to be very challenging. The idea of basically crowdsourcing hackers is interesting, but there is also some major flaws.
ReplyDelete