TECH | Every application you use, is insecure!

Security continues to be a hot topic, as critical computer networks suffer vulnerabilities and hacking.

The national security of countries is at stake when its mission critical systems can be tampered with or penetrated.

Accordingly, the growing importance of pre-detection of vulnerabilities and tackling them has become a standard practice. One of the recognized authorities in this field is the US National Infrastructure Protection Center (NIPC) which cooperates with the SANS Institute to determine the most critical security vulnerabilities.

A few years ago, these two bodies put together a list of ten vulnerabilities, but now they've come up with a list of twenty and it doesn't make comfortable reading!

The list includes every piece of software you are likely to be using at the moment!

Starting with the predictable, and well documented, flaws in Windows XP, the list goes on to name Internet Explorer, Windows Libraries, Office and Outlook Express.

And that's only Microsoft's massive contribution to the problem. Apparently, almost every piece of commercially available software from other vendors is vulnerable too!

The report calls them 'Cross-Platform Applications' meaning this is something that Linux, Unix and Mac OS users should also look out for.

The list mentions Backup Software, Anti-Virus software (yes, this one is particularly surprising), PHP-based Applications, Database software, File-Sharing applications (of course, how else would malware spread?), DNS Software, Media Players, Instant Messaging Applications, Mozilla and Firefox browsers (answering the security claims of fans of these browsers) and more!

Thousands of private and government organizations worldwide will take a look at this list, and throw their computer systems out of the window! How could they possibly secure their systems when every piece of desktop software in use is vulnerable?

Looking at this list in a level-headed way, what it basically means is that users must exercise caution when using applications, and patch security holes and vulnerabilities consistently, while upgrading their software in accordance with every security update announced.

However, it should be understood that it's not likely that hackers, virus creators and cyber-criminals will stop at any level of security you apply, as they'll always try to penetrate the latest security updates. Regrettably, as recent history shows, they're quite capable of that.

What’s a user to do? At the moment, you can only hope that companies like Microsoft are on top of developments, and if and when a big virus or hack-attack occurs, you’re not in the first wave of PCs hit. If you’re still around when the patch or security procedure is announced, you and your PC will be fine. The term ‘living on the edge’ takes on a whole new meaning!

zeid@maktoob.com

(Published in The Star)