|
Today it is said we are in what certain socialists call The Post-Modernist Era. This is a period of so-called enlightenment, betterment and social justice. However, if the past is any indication, this is not the case. Instead, we are continuing with what we’ve always done, taking our time, plodding along and inventing and refining our technological marvels. As a 70 year old, I can tell you, we’ve come a long way from the zinc plated vacuum tube culture we were in when I was born. Even criminal activity has also come a long way. Our technology is under attack. Not only the US, but the world is vulnerable to invasion on a granular level by hordes of – hackers. We face the possibilities of these attacks when we naively answer emails, read text messages, install apps and cruse the web. Most of us have no idea on how to thwart these hacker’s attempts at steeling our precious data. It is not computers that create device threats, it is people. It is these predatory hackers who victimize others for their own gain. When we give a hacker access to our PC, tablet or smart phone connected to the Internet, the threat they pose to our security increases exponentially. Computer hackers are unauthorized users who break into our systems in order to steal, change or destroy information, often by installing dangerous malware without our knowledge or consent. Their insidiously clever tactics and detailed technical knowledge help them access the information we really don’t want them to have.
Anyone who uses a device connected to the Internet is susceptible to the threats these hackers and online predators pose. These villains typically use phishing scams, spam emails, text messages and bogus websites to deliver dangerous malware to a device where they can compromise our device’s security. It is us who innocently but unwittingly open or click on something we feel we can trust is when and where the virus is allowed to spread throughout our devices. And, can you blame us. Most of us lack the knowledge necessary to combat these virus laden emails, messages, and web pages. It is us who believe we are protected by our government agencies to eliminate these threats when in reality we are out there all alone on the World Wide Web. Basically, it is those software vendors who’ve stated many times in their software agreements that, in essence, we are on our own. Why: because individually our device’s primitive operating systems are one virtual house with all our stuff accessible to all who enter. Though our stuff may be neatly organized, all of it is still accessible to anyone who manages to open the door and enter our virtual home. It is us who, without knowing, will provide the means to enter our digital house. To date, these hacker attacks can include us doing one of the following:
Fertile Ground for Device Hacking
Starting in August 11, 1993 with the release of Windows for Workgroups v3.11 (the first networking version of Windows) to today’s Windows 10, we as computer users of the world have been vulnerable to losing so much through hacking attacks. These attacks are initiated by people who are out to steal our identities, bank accounts and credit cards as well as our very intimate personal information.
Though in the early 90s there may have been add-ons to Microsoft DOS and Windows that enabled network sharing, Windows for Workgroups was the first version of Windows designed out-of-the-box for network access. Now here it is almost 30 years later and invaders of our computers continue to stay one step ahead of attempts to keep them out of our personal information. Computer - an electronic device for storing and processing data, typically in binary form, according to instructions given to it in a variable program. A computer can be a Mainframe, data server, PC, laptop, tablet, Raspberry Pi, Sega Genesis, smart phone, etc.
One has to remember that the current operating systems so many of us depend upon were not designed by prestigious engineering organizations such as Bell Labs, IBM, or the US military, rather they were written by two or three guys working out of their homes.
MS-DOS & PC-DOS – The origins of the PC based disk operating system can be traced back to two earlier operating systems, CP/M and QDOS. CP/M (Control Program for Microcomputers) was created in 1974 by Gary Kildall of Digital Research for the Intel 8080/85-based microcomputers. CP/M was an 8-bit operating system and was one of the first to be widely used in the emerging line of commercial microcomputers. MP/M (Multi-Programming Monitor Control Program) was a multi-user version of the CP/M operating system, created by Digital Research developer Tom Rolander in 1979. It allowed multiple users to connect to a single computer, each using a separate terminal. MP/M was a fairly advanced operating system on microcomputers. It included a priority-scheduled multitasking kernel with memory protection, concurrent input/output and support for spooling and queueing. It also allowed for each user to run multiple programs, and switch between them. In 1980, Tom Paterson of Seattle Computer Products developed QDOS (Quick and Dirty Operating System) for Intel's new 16-bit 8088 CPU (central processing unit). QDOS was largely a clone of CP/M, and it was here where Microsoft entered the picture.
In 1981 Microsoft purchased QDOS from Seattle Computer Products, renaming it to MS-DOS 1.0 and offering it to IBM for use in their new personal computers. This IBM called PC-DOS. In an unprecedented move, Gates retained the licensing for MS-DOS such that it would become the most important factor in Microsoft's move from a simple vendor of computer programming languages to a giant in the computer software industry. The success of MS-DOS directly paralleled the growing popularity of the personal home computer, and remained Microsoft's most significant source of income even after the firm began to introduce its own graphical user interface (GUI) in the form of MS-Windows. MS-DOS became the very foundation of our current Windows PC operating system. Windows Vista was said to have been a significant redesign. However, a lot of this version was still based on archaic Win32/Win64 constructs with some additional patchwork thrown on top. There was never a complete redesign of Windows. Windows 10 might be classified as a redesign; but it still retains many of the prior generation’s vulnerabilities. These same vulnerabilities unfortunately have been carried through to other devices such as tablets and smart phones. Here it is almost 40 years later and we continue with these issues. So, the question remains, why? The answer is, we did and still do have a choice in the PC operating systems we use. There are operating systems that are far less vulnerable. But, we chose to continue using Windows PCs. Because we didn’t choose a more secure OS, we accepted the fact that security wasn’t a significant concern. In fact, if we list our priorities, we find that beauty, glitz and glamor were highest on our list. I mean, after all, that’s what sells.
Windows of the Past - Mouse Based Systems
The names of Steve Wozniak, Steve Jobs, and Bill Gates are still revered for their contributions to our modern technical world. Today we honor these men for being geniuses, rather than past unnamed inventors including those who designed and wrote the original GUI windows like OS (Xerox Corporation) who spent millions in 1970s dollars. The reason we have Windows as it is today is because, when it was first introduced, most people who adopted it and used it had no idea what computer technology was all about. Those who did just ignored its short comings believing it was merely a toy and it would never be used in serious business environments. But because so many glommed onto it, this software became the dominant operating system. Also, those who used already established proven operating systems such as UNIX had a kind of elitist attitudes towards amateur computer aficionados. Until recently, this attitude was still prevalent with most versions of Linux. Now today, it’s too little too late. It is doubtful Linux or UNIX will ever catch up much less become the dominant OS. Because of the shortcomings of our technology as well as a lack of foresight, many hundreds of millions of computer users have lost so much to hacking both directly as well as indirectly. These costs can range from monetary losses and significant inconveniences to personal embarrassment and loss of dignity as well as a loss of productivity in the business world.
In this day an age of supposed advanced computer technology, like vinyl LPs, there’s talk in some circles of reverting back to the old ways. This is to protect oneself from being hacked. Also, it’s claimed it is easier from a technical misunderstanding standpoint to transact via paper checks, telephone and snail mail rather than hassling with electronic methods which are bloated with non-documented complicated access and usage, not to mention the risks of the loss of data as well as breaches of our so-called security protection methodologies. Then there are the issues with the bug-filled software itself not working correctly. This movement is highly impractical because of the extensive infrastructure that is in place for electronic transactions including shopping, banking, medical, and … basically, most of what we now do in life. Then why is there still all this hacking? The answer is: a lack of foresight, poor botched software designs and a lack of willingness to address these shortcomings.
Computer ProgrammingIn my 40 years of experience of being a computer programmer, most of the software being produced today is written by over worked young people who lack the in depth experience to foresee unforeseen pitfalls. Admittedly, there will always be failures in systems. But because of a lack of adequate designs, the bugs and holes we have today are due in part to extensive legacy issues, under estimations, and a lack of design and planning tools. The fourth issue is what I’ve harped on for a very long time. In 1997, I was privy to a demonstration of a design tool prototype that used Visio like flowchart diagrams as the basis to generate a system’s source code. If there were complex methods, these could be coded within the flow chart as sabre code in a pseudo English like script. There was also promised a cohesive methodology of relationships between various components such as database, display, I/O and functionality. Sometime after the demonstration, the resulting discussions among the various programmers were of dissenting opinions stating that, all the work would be spent supporting the design and none on programming. Meaning, they felt they would be out of a job. Also, the programmers felt this system wasn’t sophisticated enough to do complex programming. As a result, to this day, I’ve yet to see such a system. We still code as we’ve done when I started programming in 1975. Over these years, there have been lots and lots of different languages, methodologies and standards proposed, designed and implemented. These included Object Oriented Modeling and Design, Model View Control, and thousands more.
But none of them formed a cohesive design methodology that allowed for a quick overview of a complete system with cross references, generated diagrams, and indexes. If a developer were to ask to see a generalized overview of Windows 10, Microsoft would be hard pressed to produce one, much less adequate documentation. Basically for the most part, Microsoft relied on third party authors to do their documentation. Judging by what I see and hear as well as the frequent updates to Windows, Microsoft’s overworked programmers have a difficult time with security issues, bug fixes, upgrades and implementations of new features. I can’t tell you how many times I’ve taken another programming gig for a prestigious organization and expected to see considerable documentation only to find that what they had was grossly inadequate. Basically, we needed to RTFC if and when we needed to understand a program. (Read the F__G Code) It’s stressed out good intentioned people trying to do a good job. It’s ultimately management who are under budgetary constraints who limit the time designers and developers have to actually do the job. In my career, I had to reinvent the wheel every time I sat down to do an assignment. Seldom if ever could I use off-the-shelf components to build a program. This is what object oriented programming was supposed to address. However, because of the need for immediacy, this methodology often fell by the wayside. Also, it was felt that this would result in a serious convoluted mess – as it is now with the hundreds of thousands of Microsoft foundation classes (individual component routines that may or may not depend upon other component routines). This, sadly, has been the theme since I started programming. I wish upon a star for that auto programming system I saw in 1997. If we as a society would have embraced such a system and refined it, can you imagine what we could have accomplished? Of course, many of those who program who are reading this will no-doubt say I’m wacko. As for hackers, these people aren’t under any deadlines to discover weaknesses and implement hacks. They have all the time in the world. They either rely on others or they themselves poke around in the machine code. These are thousands if not millions of people messing with devices trying to find something. Also, there are users who do happen to find something and like wildfire, word gets out. Then one or more hackers test what these users found and if they can, they exploit this vulnerability.
Invasion Fleet - made possible by...So, who are these hackers? These are people who are out of the reach of most country’s law enforcement agencies as well as government defense agencies. Also, a number of adversarial foreign governments have taken up hacking. In fact, it is claimed our elections were compromised by hackers. Why? How could all this have happened? The answer is quite simple, yet it is convoluted. In an excerpt from my diary written in December 2005, I talk about the anomalous birth of the PC. I wrote:
So, what did I mean by the above? The basis of this diary entry was found in the release of the IBM PC on August 12, 1981 - the first PC known as the IBM Model 5150. This obviously inferior thing was based on a 4.77 MHz Intel 8088 microprocessor and used Microsoft´s MS-DOS operating system. It was claimed the IBM PC revolutionized business computing by becoming the first microcomputer to gain widespread acceptance. The problem was, there were many other microcomputers that were far better. But because its label said IBM, like lemmings to the sea, people flocked to get one.
There were alternatives to the PC that were already in the market place for some time. And there were alternatives that were far better than subsequent IBM PCs. These systems could have and would have evolved over time. An example was the Commodore Amiga. Its hardware and software architecture was far superior to the color PC-XT. But because it didn’t have the IBM logo… It is understood that the IBM PC had a greater memory capacity than the other 16 bit microcomputers that were sold in the mid-to late 70s. The PC employed extended memory addressing which required two instructions to access memory above 64k, increasing memory access time by two. Another eventual selling point of the PC was its inherent high resolution graphics capability, something these 70s microcomputers lacked. Also, the above microcomputers had a kind of elitist following that seemed to preclude the non-technical user, something IBM was trying to avoid with the PC.
IBM was very shrewd with the conception of the PC. They did the bare minimum to its design to outpace most of the other microcomputer manufacturers. They gave it an unprecedented amount of memory and they enabled the PC to easily display graphics. They crammed all this onto two PCBs and did it for considerable less cost of the others with the same features. Finally, they touted the PC as a user friendly business class computer. But... In December 1981, I attended a sales presentation put on by IBM where they gave a sales pitch describing this new personal computer. The business people there couldn’t wait to purchase one. The problem was, the sales people didn’t have a PC there to show prospective buyers. Of the attendees there, I was the only programmer. Like the rest of the people, I assumed the PC was a full-fledged computer when, in reality, it was merely a diskette based toy. As I later found out, its interrupt scheme was greatly limited along with a lacking math coprocessor. As so many of us found out, it was a difficult machine to program. As for multi-tasking, forget it. Also, since there were problems with an optional 8087 math coprocessor, we had to wait for the release of the IBM XT to have the math problem fixed.
This was the theme all along until the Taiwanese started cloning the XT and AT. This is when we began to see improvements. I think this is what caused the PC to skyrocket. For some strange reason, IBM let Taiwan clone the PC – for almost half of what an IBM would have cost. Not long after that, I arranged for a huge telephone book sized PC magazine delivered to my door, for free. The point here is, we gave up so much technology to adopt the PC standard. The PC set computing back some ten years.
We literally went around the Motorola 68000 processor to accept the inferior and limited Intel 8086, 8087, and 8088. It would be the release of the i386 architecture before Intel caught up with the 68000 processor. If we put as much energy into the 68000 as we did with the x86 architecture, we’d be much further along. But, now… Because IBM used the 8086 processor in a word processor, we got stuck with Intel processors. Note. The 68000 was designed such that when two were used in tandem, they performed 32 bit processing. I'm not focusing the blame solely on IBM, a mainframe company. They centered their sales prowess on what the majority of the public wanted. My indictment is on all of us for our many sins. This is even true for today's technology. It’s us the American people who naively chose the IBM PC. We should have known. The moment IBM got into the minicomputer market, they failed miserably. They used mainframe programmers to design minicomputers that later proved to be disastrous. The failure of the IBM system 32 and Series/1 minicomputers were prime examples. People spent far more money on these systems that were far less capable simply because they wore the IBM badge. Yes, all because the people trusted Big Blue, the IBM name.
My Prospective In 1980, I purchased a used Cromemco microcomputer to be used in my billing service company. This beast was a 68000 based computer with 256k memory and a 9mb hard drive. The system ran a UNIX like OS call Cromix which supported multiple terminals. I developed an Accounts Receivable and General Ledger packages with menus and utilities. I had one employee and was doing OK until my clients went to the 1981 PC sales presentation put on by IBM. Later on after they all bought PCs, several of them came to me and asked if I could program the thing. That’s when I found out what the PC was all about. Prior to my business, I worked for a small company who used a DEC PDP-8e for scientific analysis. We began to outgrow the 8 so we looked around for a replacement system. Upon our search, we found that most of the available minicomputers were either hideously expensive or were fraught with bugs. A lot of them wouldn’t demonstrate their offerings. The ones who did were completely unprepared. Then in 1977, my manager came to me and asked if I would sit in on a sales pitch by IBM. I never considered IBM because I thought they weren’t into scientific programming including languages like Fortran. But after the sales presentation we were flown to Michigan where we saw the prospective IBM Series/1. We never actually saw a Fortran application run on the thing. Instead there was an embedded front-end airline reservation system running on 6 terminals – at almost lightning speed. We all sat down and made flight reservations. Prior to this time, I was a DEC guy. This is what we had and what I programmed on in college. However, it seemed DEC was pissed at us for using a bootleg copy of Fortran, which I didn’t know about because this was installed by a fellow prior to me. We were blackballed so my buddies at DEC weren’t allowed to help us out. The Series/1 arrived on a snowy morning. It was wheeled into a corner and the single hardwired IBM CRT terminal was placed on my desk. The hardware was tested and the tech left. It was up to me to install the OS – which was called RTPS or later RPS (Real Time Programming System or Realtime Programming System). I never could get it installed. The Series/1 sat around for nearly a year before we could do anything with it. It was a joke. It seemed IBM refused to take it back. IBM Series/1
IBM took a bunch of mainframe programmers and put them in a large room in an office building in Boca Raton Florida and said to them, “Make us an operating system.” They did; a mainframe batch processing OS complete with a hideously verbose scripting language native to mainframes called JCL (Job Control Language). The Series/1's memory was maxed out at 64k and RPS required 56k leaving not much room to run applications. To develop RPS, IBM developers used a language on the Series/1 called EDL which ran under EDX (Event Driven Executive). In the end, we installed EDX. It was a year later when IBM finally ported Fortran to run under EDX. By that time, I had taken a gig for a software company developing business applications in EDL. The Series/1 was not a virtual machine which caused memory fragmentation issues. It also had a bunch of problems including walking all over OS memory and crashing regularly. After about a year, I took a cushy job at a community college and I started my own business. That's when I got the System 3. The Cromemco System 3 was a dream to use and program on. This relatively tiny thing had a multi-user virtual memory OS and was one fifth the cost of the Series/1. So, it’s little wonder I had nothing but contempt for IBM. IBM System/32
At the time I was running my business, I heard through the grapevine of this little company that went out of business because of the difficulties they were having with the System/32 they had purchased from IBM. It was at the time when the 32 was first released. This system also ran a similar job control language. On the numerous trips I made to IBM with the field rep trying to get the Series/1 to work, I saw a System/32. It was an all-in-one minicomputer with an integrated terminal and line printer. It cost as much as an equivalent Series/1. Later on, no one at IBM seemed to talk about the System/32 much less acknowledge its existence. It seemed a lot of companies were hurt by this machine. As you can surmise, my clients did collectively hire a software vendor, an IBM VAR (Value Added Reseller) to customize a Basic language billing system to run on their PCs. So, my experience with IBM wasn’t, shall we say, all that good. Then in 1985 when I did purchase an AT clone, I wasn’t surprised when I went to program the thing. I had a momentary idea of restarting my business again. Imagine my gut wrenching feeling when I called Cromemco support only to hear a disconnect message. They went bankrupt. Everyone was buying PCs. I sold the inoperative System 3 to a friend for 10% of what I paid for it. He helped me port all my stuff to the AT. To thwart a lot of S100 buss microcomputer manufacturers who were gearing up for 32 bit extended memory addressing architecture, IBM felt they needed to quickly release the PC. This initial release hurt a lot of people. It took nearly 5 years for everything to catch up to where it was before that fateful date of August 12, 1981.
Parallels in Hardware and Software Thinking
The point of the above PC spleen vent is: It was this same thinking that led us to where we are in so far as virus and hacking in our modern day world. We are living with the sins of the past. Most operating systems have either been poorly designed by two or three people in their homes or by some university students. Gone and forgotten is the work of so many companies like Bell Labs who designed the original UNIX operating system; XEROX who designed the first mouse based graphical user interfaced windows like operating system and Digital Equipment Corporation who design the first truly usable scalable large-scale integrated microcomputer system - the LSI-11. Note. The LSI-11 as pictured above was used in the Heathkit HA-11 PC released in 1978 @ $1295
IBM’s OS/2
In 1986, there was an alternative to Windows developed by IBM. It was OS/2, which at the time was a far superior windows-like operating system for the PC. OS/2 was a series of computer operating systems initially created in a collaboration between Microsoft and IBM under the leadership of IBM software designer Ed Iacobucci. As a result of a disagreement between IBM and Microsoft over how to position OS/2 relative to Microsoft's Windows 3.1, the two companies severed their relationship in 1992 and OS/2 development fell to IBM exclusively. The name OS/2 stands for "Operating System/2". OS/2 was introduced as part of the generational change release of IBM's "Personal System/2 (PS/2)" line of second-generation personal computers. The first version of OS/2 was released in December 1987 and newer versions were released up until December 2001. After that, most OS/2 users switched over to Windows XP. Yes in the end, IBM did lose. Big Blue was unprepared to build systems that were not mainframes in nature. They lacked the expertise and understanding of interactive mini and microcomputer systems. Today, they are a fragment of what they used to be.
Now?Now we have Windows 10 which was released in July of 2015, nearly six years ago. Though it is the best ever Windows version, it is still easily vulnerable to hacking attacks.
OpenBSD is said to be a security-focused, free and open-source, UNIX-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by using NetBSDas as the basis. According to their website, the OpenBSD project emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
The First PC Virus
The Brain Boot Sector Virus was the first PC virus which began infecting 5.2" floppy disks in 1986. It was said to be the work of two brothers, Basit and Amjad Farooq Alvi, who ran a computer store in Pakistan. These early viruses were transmitted via floppy disks which the user had to physically insert into their PC and perform a copy or run function. It was the introduction of network interfaces which turned the tide in so far as a PC being covertly infected. This was mainly the result of poorly implemented security in web browsers. Other noted viruses include:
Can one imagine if there were 12 different platforms instead of just one or two, how difficult would it have been to create a virus? But because we have one common platform, it’s easy. All they have to do is hack a single platform and all are affected – or rather infected.
Common Denominator
So, today, what is this ONE platform? It’s called Java, in particular, a JavaScript runtime interpreter and it runs under all browsers. The first web browsers such as Mosaic and Netscape initially had no security. These browsers could execute a program that was hidden within a webpage. It would freely access memory and files on the infected PC. Unlike UNIX, there was no way of restricting a program running on a Windows based PC from accessing everything. Today, there is still no easy way for a user to open a browser in what is called a sandbox, a method of confining an application to a certain area of memory and disk space. This methodology has been a feature of UNIX since its inception. Why was Microsoft hesitant to do anything about these threats? The answer is simple. Microsoft would have needed to redesign and rewrite their operating system. This not only would have been very costly, but it would have dealt a serious blow to people’s trust in the Windows platform. Windows users would be required to purchase all new software. Instead, Microsoft chose to downplay these vulnerabilities and responded by saying this was an opportunity for third party vendors to build virus protection software. Then with subsequent releases of Windows, it was up to virus protection vendors to redo their software, saving Microsoft considerable expense. We just make the operating system. It is up to you to protect yourself. It was in more recent times when Microsoft was forced to provide rudimentary firewall protections.
The Cloud
The latest idea of Microsoft is to remedy a number of problems including extensive periotic device upgrades as well as hacking threats by migrating users to a cloud computing architecture. Cloud computing architecture refers to the components and subcomponents required for cloud computing. These components typically consist of a front end platform (fat client, thin client, mobile), back end platforms (servers, storage), a cloud based delivery, and a network (Internet, Intranet, Intercloud), all combined make up the cloud computing architecture. In cloud computing, programs and data are stored on a secure server. All that runs on the client is something similar to a glorified web browser. Of course, cloud computing would not be free; rather it would require some kind of a monthly or yearly subscription fee. Also, programs running on the cloud would have to meet certain strict development, testing, and code review standards. This would require meeting stringent registration requirements thereby making it nearly impossible to implant viruses in the cloud. Again, these huge conglomerates neglect to understand the human desire to own things. Most people still wish to maintain their applications and data on a personal device such as a PC, tablet, or smart phone. Though there are people who do back up their data to some form of cloud storage, most people feel much more secure believing they have control over their personal information stored on a device they own and can control.
Death Knell of the Personal Home Computer
Though there are serious gamers, home based programmers, web developers and other hobbyists, it is the commercial business class PC that still thrives today. The smart phone has become the majority of end users daily driver. With the advent of face recognition, the smart phone is becoming un-hackable – or so they say… Since 2017, hackers engaged in a sustained malware attack on iPhone users, potentially infecting tens of thousands of phones. The malware was capable of stealing passwords, encrypted messages, chat histories, location data and the iPhone's complete contact database – this in the most secure phone OS. Most of these malware attacks came via the various installed web browsers as well as embedded links in text and chat messages. Note. Android phones can also be hacked and it’s happening with alarming frequency. With version 2.2 "Froyo", a text message security flaw called “Stagefright” was found in Android phones that put 95% of users at risk. Again, how do most of these attacks take place? It is the result of free and open access granted to embedded Java scripts by the OS that are loaded and executed when the user visits certain websites or when they click on a link. I mean … isn’t that stupid. If the user disables Java scripting, they can no longer do things on the web including ordering merchandise, making reservations, and a whole host of other activities. Damn! Developers know this, yet they (Oracle) refuse to close up these loop-holes.
Can Hacking Be Stopped
It is claimed that any and all systems are hackable. If someone can legitimately access a computer via a network, it can be hacked into via that network. The way systems are often breached is via the use of a discovered user and password. This can either be done by covertly obtaining a user-password or by having someone tell the hacker. Covert spying is usually done via sniffing traffic on an open network. The internet is open and accessible by the world – meaning, anything placed on the net is accessible anywhere in the world. Unlike telephone switching equipment with discrete connections between parties, the World Wide Web is open to all traffic. Then the only way of attempting privacy is through encryption. But again, encryption schemes can be hacked.
It is claimed that HTTPS is a good form of secure encryption. Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over the Internet. It is a methodology of preventing web traffic from being read as it travels across the Internet. However, HTTPS or SSL (Secured Socket Layer) and TLS (Transport Layer Security) have been hacked. Currently, the latest version of TLS has yet to be hacked, or so it is said. However, this does not preclude the fact that someone could very well have already hacked TLS which hasn’t been discovered yet.
Phishing eMail Attacks
The next form of attack is via email web links and attachments. The unwitting over-worked recipient accidently or deliberately clicks on a link embedded in an email and the attack begins by executing a Java script. The user can also open an attachment believing it was a document when in reality it is a Trojan horse. Then with lightning speed, not only is their PC compromised, but all systems he/she has access rights to is accessed and its information is uploaded to the hacker’s server half way around the world. The third method is the user is told that their account will be disabled and they need to immediately go to the following link to respond. This is how most ransom-wear attacks and data breaches occur. Most people don’t know. It seems we have to build up street-creds by learning to avoid these pitfalls. It is claimed: with UNIX, not a problem. You as a user are confined to a hermetically sealed room. Your email client resides in a hermetically sealed box. Upon opening an attachment laced with killer viruses or spyware, it just flounders.
ConclusionIt is understood that the operating systems we have today are based solely on popular demand. The primary OS (Windows) is the most popular because it has always been attuned to the least among us. Its developers strived to make it easy to install and use. It was the least expensive and it was designed to run on many variations of the PC. Microsoft also provided technical information to PC clone and peripheral makers such that they could either build their own equipment to spec, enabling the OS to run on their device or the builders could write their own drivers that could easily be installed in the windows OS. As for the rest of the operating systems, though they may be superior to Windows, their creators either lacked insight or they felt a need to come off as being elitist. This is why so many of them lost – including LINUX. My indictment is not towards Microsoft; rather I am very disappointed in the rest of the operating system community for not seeing the potential of rivaling Microsoft. Instead they sought to make excuses, charge way too much for their OS or they refused to appeal to those who lacked the technical skills necessary to use one of these operating systems. Now, times are changing. The smart phone is most people’s PC. The cloud is where most will keep their data. And, applications will be easily installed with a touch of an icon. The only hardcore users of the PC will be developers and serious gamers. The business community will use some kind of thin client computer with an embedded web browser interface similar to the old style page mode smart terminals of the 1980s – this connected to a central server. There they will run all their cloud-based applications on that server.
So, What Do We Do NowUnder the current state of computer technology, how do we fix all of this? I’m not sure it can easily be fixed. In fact, as long as the criminal mind is one or more steps ahead of law enforcement … and developers, we will always have hacking. The myriad of holes and back doors in the vastness of mismatched interlaced intertwined layers of software and reusable APIs makes it nearly impossible to rewrite. All the different computer code-bases from all of the different vendors containing all the vulnerabilities of our computer infrastructure would have to be adequately addressed. So then, the old ways of paper shuffling and personal physical in-person appearances may continue to be advocated. Or,
We get up off our stupid lazy asses, bite the bullet and adopt a secure operating system and security protocols that are the least vulnerable to hacking attacks. And, I don’t mean relying on Apple, Google, Microsoft, Samsung, the government or any other organization to do anything about this. I’m saying it’s up to us the American people. We need to drop our pretentious elitist attitudes and either develop new systems or enhance existing open source systems to enable the least of us to be able to use one or more of them without fear of attack. We don’t have to redesign the wheel. There are ample examples in the free and open source code bases. We just need to put our heads together and come up with tried and proven standards, set down sound principles and build bullet proof systems. Sounds simple? Well, it’s not. But we have to do this for the sake of all of us. This living in fear thing has to stop. Far too many hackers have done way too much damage. Even we the people believe our elections have been compromised. So, let’s get to work! EJ - February 14th, 2021
|
