It’s time to rework our ideas about technology. Consumers should demand better security built in up front, governments should hold companies accountable for the problems their technologies create.
If we don’t fundamentally change how we build and secure tech our problems will get much worse.
Modern computing security is like a flimsy house that needs to be fundamentally rebuilt. In recent years, we have suffered small collapses here and there, and made superficial fixes in response. There has been no real accountability for the companies at fault, even when the failures were a foreseeable result of underinvestment in security or substandard practices rather than an outdated trade-off of performance for security.
There are better ways to make systems more secure. For example, you can build more isolation and separation into our systems, moving security functions to properly audited hardware and away from software (which is always more vulnerable). Things cannot be hacked if they cannot be reached. This may mean that we have to sacrifice some speed for security.
As things stand, we suffer through hack after hack, security failure after security failure. If commercial airplanes fell out of the sky regularly, we wouldn’t just shrug. We would invest in understanding flight dynamics, hold companies accountable that did not use established safety procedures, and dissect and learn from new incidents that caught us by surprise.
And indeed, with airplanes, we did all that. There is no reason we cannot do the same for safety and security of our digital systems.
The Looming Digital Meltdown https://nyti.ms/2Ef8fkf