its the humans who make mistakes and allow breach of security

31 Oct

london 11.12am in library using a wifi that is outside the library. saturday 2015

my chrome allows this wifi, so i know it is safe.

but look at this link, it tells of google discovering that semantec the company that provides digital certificates of validity to websites have ‘issued 23 test certificates without domain owner’s knowledge to five organizations that includes Google and Opera’. google found out and scolded them for it, and askwhether they should be allowed to be given the role of providing these certificates. when they audit it they found it gave out ‘164 certificates for 76 domains and 2,458 certificates issued for domains that had never been registered’.

semantec says it is some of their employees who did it, who have been sacked now. but it is not a good excuse, the company should have strong safeguards against rogue employees.

google is very strict about security and rightly so;  so much so that it wont even allow my chrome book to access the library wifi, just because it has a weak diffie helman whatsist. and it must have used this valid certification as a strong front line in their wall of security. if that valid certification is not worthwhile or is breached,  people will start getting viruses from their chrome OS(operating system); all hell will break lose with the issue of trust in the company. no wonder google is so strict about it. and of course no one is going to  blame semantec for it, but blame google… shame on sematec. 

talking of human error, it was via an administrator account whose username was tim, and password was tim, that got the hackers through the talktalk security. and then it is those people who were fooled into giving out their password to bogus callers, or who were fooled into transferring the money into bogus accounts. the humans are the weakest link. 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: