There have been a number of major security flaws announced over the last few weeks.
And you should most definitely be concerned
A vulnerability was found in Bind, which provides the bulk of DNS serviced across the net. DNS is the name to IP lookup system, a bit like your contacts or address book in your phone. You dont remember peoples numbers (or IP address), you use a name and it gets converted to a number when you call. DNS does the same for the internet, converting a website or systrm name into Iap addresses. And Bind is open source, so you would think this would have been spotted and fixed a longtime ago.
The second major issue reported, was that researchers found a way to hack into Chrysler’s Jeep Cherokee, via the entertainment system and take control of the car itself. And there are some crazy laws that mean the researchers could be prosecuted and jailed for exposing the isse.
It is a wider problem though. Security is hard. Many programmers add security code as an afterthought, rather than built in from the ground up. Not surprising when the pressure is to deliver the code to tight deadlines. And even when security is a major design consideration, which should have been the case for both of the above, it is hard to get right.
I remember working for a tech company in the early 90’s and part of the sales pitch was that the internal systems used to do customer work had zero internet connectivity, no connection method with the outside world, any data transfer had to be by tape or disk.
Why should you be worried though? Well, because of the next big thing in tech is the IOT….the Internet of Things. Where everything can be connected to the internet. Your home, lights, locks, fridge, heating system, washing machine, cooker, alarm, the list goes on and on.
Now surely security is high up on the list of requirements for such devices, isn’t it?
Hmmm. Maybe. So is being first to market, getting products out of the door before the competition. It’s a race. And if security is given the attention it needs during development, how secure does that make your home from hackers?