jump to navigation

If you focus on one thing only April 13, 2015

Posted by mtv in Security.

Focus on your password strength, it is one of the few things you have control over to protect yourself.  When reading about the internet worm that hit in 1988, the average user would find the subject matter dizzying–as would an above average user or even an IT professional!  I can understand the overwhelming feeling of fearing something you don’t understand, and feel that end users hear so many scary things about computer security yet don’t quite understand what any of it means.  What am I actually afraid of?  How do I know I am safe?  What can I do?  I prefer not to provide answers related to hosts, sockets, or protocols, rather keep it simple and say: if you focus on one thing and one thing only, let it be your password: change it regularly and don’t make it simple.  When I say don’t make it simple, I don’t mean make it hard to enter or remember.  You can make it “easy” for yourself without making it simple.  If I set my password to “Michael” that’s both easy and simple, whereas “Michaelsetsreallylongpasswords!” is not a simple password, yet can be easy to remember and enter.

Throughout the article, “The Internet Worm Program: An Analysis,” you’ll find a detailed tour of the worm, discussing what it does at a high and low level.  What does it all have in common?  At the end of the day the worm is attempting to find or guess passwords.  That’s it.  That is the key to a worm’s success.  At every stage in these multi-staged attacks, the worm is trying a logical way to break passwords, and “once a password was broken for any account, the worm would attempt to break into remote machines where that users had accounts” [1].  I think this is the best line to convey to users that the nature of infections are strikingly similar between computer systems and our own bodies.  I think of this in the exact same way I do antibiotic resistance, as best described on the CDC’s website:

Q: Why should I be concerned about antibiotic resistance?

A: Antibiotic resistance has been called one of the world’s most pressing public health problems. Almost every type of bacteria has become stronger and less responsive to antibiotic treatment when it is really needed. These antibiotic-resistant bacteria can quickly spread to family members, schoolmates, and co-workers – threatening the community with a new strain of infectious disease that is more difficult to cure and more expensive to treat. [2]

In the same fashion, users may question why they should be so concerned with password strength, why should they care?  I answer that it not only affects you and your personal security, but it affects us all in that the world is connected via (IT or immune) systems–for better or for worse.

[1] Spafford, Eugene H. “The Internet Worm Program: An Analysis.” Technical Report, Department of Computer Science, Perdue University, West Layfayette, 1988.

[2] http://www.cdc.gov/getsmart/antibiotic-use/antibiotic-resistance-faqs.html



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: