next »

[isthisthingon]

http://www.pcworld.com/article/211753/convicted_botnet_author_describes_next_targets.html?tk=nl_dnx_h_crawl

"These businesses are a lot more at risk today than ever before. So much data is available, and being put into the cloud," said Calce. "It's one of the reasons I've decided to break my silence."  While he understands the practicality behind the cloud architecture, agreeing it's what the Internet was really designed to be, Calce said he worries if we're ready for the security risks and are willing to address them.

In an interview with CDN, Calce said while everyone is focused on the cloud, his biggest concern is that we're not even secure with our current infrastructure, and here we are putting our data alone in one bubble.It's a great concept, but he said security seems to be an afterthought.  "It's hard to patch-up holes when so many bullets have already been fired. I know I'll never get businesses to agree but we need to slow down technology, and stop reinventing without fixing the predecessor first," said Calce. "We're always taking on security as an afterthought. We should redesign the protocols behind the Internet to make it less exploitable.

Yet I believe "redesigning the protocols behind the Internet" just ain't gonna happen unless the cost can be justified against real, tangible threats that are impossible to mitigate otherwise.

[perkiset]

Zactly. Let's tear down the whole thing and reboot, shall we?

There is an interesting point hinted at in there, regarding the net-security (as in bottom line, not network) of a cloud based system. In other words, a cloud application is only as secure as its weakest link. This is a VERY important point for constructors of cloud apps/tech to make sure that they are doing their due diligence with partners.

But at the end of the day, the customer really is at the whim of what I (the macro "I") do.

[nutballs]

yep we are awesome. the end