Bradley Manning to Snowden, GCHQ to NSA,CISCO to Huawei, Private to Government over the past one year we have been regularly hearing news about snooping, bug implants, government agencies trying to collect sensitive information about different agencies across the world, Private vendors spying on its customer etc. such news are quite worrisome for individuals, customers, corporate, for someone who is from the information security industry.
Few important questions arise from such incidents:
- How do we protect ourselves from such incidents?
- Whom do we trust?
- What is the way forward?
- Should be move back to traditional security practices?
- Where do we find the balance?
In recent news president Obama would be not staying at Waldorf Astoria hotel for the UN General Assembly. Traditionally this hotel has housed all the presidents from Hoover till today but recent acquisition by a Chinese owner has put concerns over security.
Another report was about Cisco routers shipped with backdoor implanted and similar news was about well-known Chinese manufacture Huawei whose devices were reported to have backdoor. Which reports are right or wrong, who is to blame for all this is a different debatable topic all together but the question of the hour is how do we protect ourselves?
Should corporates invest more time and money and start investing in manufacturing their own hardware devices? Should we stop trusting everyone? Should an individual move to exchanging hand written cryptographic letters?
I would really like to hear thoughts and solutions from the security community about such events and way forward for a SAFER & BETTER Internet!!!
P.S.- Our next post is about an ISP failing to implement security controls and leaking sensitive information.