Time to put security first

With each new generation of software, it seems that designers introduce yet more challenges for IT security - usually in the name of "usability" or "productivity".

Hackers are ready to target every new release, and suppliers are working hard to batten down the hatches. The official launch of Vista last week will offer a gauge of whether things are getting better.

The operating system is more secure than its predecessors, says Microsoft. But built-in picture, movie and music file-sharing may be targeted by the bad guys. In many cases, the easier it becomes to share information, the easier it may become to distribute viruses, steal identities and copy confidential information.

This means that every user needs to devote time and energy to ensuring that any e-mail they receive does not represent some kind of threat.

Research from Yankee Group claims that anti-virus software is getting less effective, which means that suppliers need to develop ever more intricate ways to protect users. VeriSign, for instance, has developed technology that highlights secure e-commerce sites to combat phishing attacks. And PayPal is trialling two-factor authentication.

Why, then, is it still so easy to register fake websites and send out mass-mailings?

Another weakness lies in wireless. It seems obvious, but if designers of wireless routers enforced the configuration of password and encryption keys before the router was connected, networks would be far more secure.

The trouble is, such configuration is a barrier to ease of use, so plug-and-go is the preferred option.

This type of approach is widespread, but in this connected world, usability and new functionality surely need to play second fiddle to security.

Read David Lacey’s security blog

Link to Microsoft Windows Vista

Comment on this article: computer.weekly@rbi.co.uk