Security is both a fascinating and a frightening problem. Many years ago I listened to one of the leading authorities on security point out that it was impossible to make a computer system secure! The increased effort that is made to improve security merely changes the method of breaking it.
It is naïve to think of security as a single topic. There are very different requirements between controlling who can and who cannot access systems, data and applications in normal operations, compared to protection against theft or sabotage. Normal users would not be attempting to break the system, thieves will.
As well as viruses the Internet created another type of problem, or to be more exact exposed it. That is the conflict between high security and ease of use; it is no use frightening the customers off by making the system too difficult to use.
One conclusion of the above is that we need specialist security managers rather than relying on the network manager or similar. In any case employing some specialised consultancy is probably essential if all aspects are to be considered. In any case an assessment should be made of what is economically needed. Spending a fortune to save a few Euros from theft is not a good idea unless there is a something else to consider such as a loss of customers due to adverse publicity.
I can give overviews on security, but I enjoy listening to the real expert’s presentations which tend to follow my presentations. At a recent seminar run by KICK I was very impressed by an exposé of the specific topic of computer viruses, given by Panda Software. Panda is an intriguing company in any case because they are Spanish, a country I don’t associate with software products.
We are all only too aware of the seemingly never ending stream of new viruses that we endure. The Internet is a hackers dream come true; these are strange, disturbed people, vandals in fact. However there is a more worrying trend in which viruses are being used for fraud, more of which another week. The law is getting stricter on hackers, but they won’t go away.
A virus is a small program which copies itself to another program, which when next run will also execute the virus. The cleverer the virus, the more difficult its presence is to detect until too late. There are various types of virus, the main ones being worms, Trojans, boot and macro viruses and many types of file viruses. According to Panda the techniques used by these viruses are classed as stealth, tunnelling, self-encryption, polymorph mutation and armouring. I won’t pretend to know the detailed differences but the names are self explanatory enough for my awareness. The depressing fact that comes out of this is that viruses are now so sophisticated that they deserve classification!
The symptoms that indicate that a virus is present depend upon the type of virus. Some have immediate effect, others can lay dormant for a while, making elimination more difficult. Typical symptoms (when it is rather late in the day!) are iincrease in file size, errors in the execution of applications, damaged directories, reduction of availablememory, system hangs, disappearance of system or data files, no disc access, failure to boot and worst of all, formatting of disc.
The presence of viruses, 85% of which have been spread by e-mail, has of course led to the development of products to protect from them. Let us hope that every one is using them!< BR>
Martin Healey, pioneer development Intel-based computers en c/s-architecture. Director of a number of IT specialist companies and an Emeritus Professor of the University of Wales.
