Murphy's Law: It Pays To Be An Outlaw


December 30, 2014: Since September 11, 2001 airport security in the United States has become more strict and annoying for passengers. Yet you regularly see stories in the media about how tests of these security systems often reveal that all this security is regularly bypassed. The DHS (Department of Homeland Security) issues press releases about measures taken to deal with the problem and all is forgotten until the next outbreak of embarrassing media tests of the security.

The situation is worse when it comes to Internet security, even though most large companies (and many smaller ones) employ security firms that will carry out “penetration tests” of networks to see if they are secure. More companies are becoming aware of the fact that these penetration tests are pretty useless and the reason is the penetration testers have lots of restrictions on what they can do. Many of the things hackers do are illegal and these transgressions are not generally allowed for those performing penetration test on company security, even when executives are willing to allow anything. The lawyers point out that letting penetration testers act like actual hackers would involve illegal acts outside the premises of the company being tested and expose the company to prosecution. A few companies ignore the legal risk and find penetration testers equally willing to do what it takes. But this is rare.

The existence of this flaw is one reason security firms constantly pester the government to build a very expensive but realistic test bed. This is a reproduction of most of the elements that can be exploited by hackers to get into an Internet network. So far no government has been willing to put up the cash needed (up to half a billion dollars) to build such a facilities. In the meantime many governments (especially China, North Korea and Russia) let their hackers break all sorts of international laws just for practice.




Article Archive

Murphy's Law: Current 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 



Help Keep Us Soaring

We need your help! Our subscription base has slowly been dwindling. We need your help in reversing that trend. We would like to add 20 new subscribers this month.

Each month we count on your subscriptions or contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage. A contribution is not a donation that you can deduct at tax time, but a form of crowdfunding. We store none of your information when you contribute..
Subscribe   Contribute   Close