[ISN] Security conference offers weird, woeful predictions

From: InfoSec News (isnat_private)
Date: Wed May 21 2003 - 22:53:46 PDT

  • Next message: InfoSec News: "[ISN] Internet hacker wanted in US arrested in Thailand"

    http://www.computerworld.com/securitytopics/security/story/0,10801,81402,00.html
    
    By James Careless, 
    ITWorldCanada
    MAY 21, 2003
    
    The good news: By 2010, computers should match the human brain in
    processing power. The bad news: By decade's end, wireless-based
    viruses, hacking and security breaches will be a major headache for IT
    administrators.
    
    These forecasts were made earlier this week by IBM and Symantec Corp.,
    respectively, at the 15th annual Canadian IT Security Symposium hosted
    by the Communications Security Establishment (CSE).
    
    IBM Research's John Heidenreich dazzled delegates with his company's
    view of the future. After opening with a list of past failed
    predictions -- like Bill Gates' 1981 quip that "640K ought to be
    enough for anybody" -- he detailed "the changes we believe will come
    to pass."
    
    First, "the message in technology is a simple one: faster, better,
    cheaper," Heidenreich said. And by the time "silicon runs out of
    steam," molecular-based nanotechnology will take its place, he said.  
    "My guess is that you will start to see machines built using
    nanotechnology by the end of this decade," Heidenreich said.
    
    Other IBM Research predictions: Within 10 years, computers will be
    embedded in so many devices that nonembedded desktop and laptop
    computers will cease to be made. Supercomputers will also attain
    processing power equivalent to the human brain, "but without all the
    autonomic distractions," Heidenreich said. As a comparison, he
    characterized the IBM Deep Blue supercomputer that beat chess champion
    Gary Kasparov in 1997 as having the computational power "of a lizard."
    
    Heidenreich then tempered IBM Research's predictions with a few
    warnings.
    
    The current data explosion is now growing at a "superexponential"  
    rate, he said, creating more information than humans alone can
    analyze. To sift through that data accurately, they need new computers
    to help.
    
    Heidenreich also said IT managers must start asking, "What does it
    cost me when my information systems go down?" He added that IT
    failures are likely to cause "major disasters" in the future. Already,
    a failed SAP AG installation crashed one Canadian bank's IT system for
    five days, he said, while another company's ERP misadventures caused
    it to miss its quarterly sales targets.
    
    He went on to say that the real reason for developing computers with
    human-size processing capability -- autonomic computers -- isn't so
    that they can think, but rather to help humans manage IT systems
    effectively. "Autonomic computing is not about technology,"  
    Heidenreich said. "Autonomic computing is about [maintaining]
    standards."
    
    Meanwhile, Symantec Chief Technology Officer Robert A. Clyde offered
    delegates a cautionary tale about wireless security. Citing IDC
    research, Clyde said there will be 589 million mobile Internet users
    in 2005, about half of all Internet users by that time. The problem,
    he said, is that many of these mobile, Wi-Fi and Bluetooth-connected
    users won't have adequate protection from viruses and hackers.
    
    Of particular concern is the burgeoning growth of 802.11b wireless
    access points, many of which are installed by employees without the
    knowledge of their IT departments. Such "rogue" access points tend to
    be unsecured, he noted, giving Wi-Fi-equipped hackers easy access to
    corporate systems.
    
    The problems with mobile/Wi-Fi/Bluetooth connectivity don't end there,
    Clyde said. Infected devices can import viruses and malicious code
    directly into a corporate system whenever they're synced, and data
    cached on Wi-Fi laptops with Windows File Share switched on can be
    accessed by wireless hackers.
    
    The answer is to develop basic wireless security precautions, Clyde
    said. These include defining corporate standards for wireless devices
    and operating systems, standardizing and controlling wireless
    purchases through one corporate entity. and specifying what data and
    applications are safe to store on firewall-protected,
    encryption-enabled devices. He also suggested routing all Wi-Fi access
    points through a firewall before letting them access the wired
    corporate network, applying encryption to all remote links and using
    updated antivirus filtering.
    
    Clyde concluded by saying that wireless access is quickly becoming a
    fact of corporate life. "Get ahead of the curve, and find out how you
    can handle it securely," he said.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu May 22 2003 - 01:12:12 PDT