Bio

  • David Rice is an internationally recognized information security professional and an accomplished educator and visionary. For a decade he has advised, counseled, and defended global IT networks for government and private industry.

    David has been awarded by the U.S. Department of Defense for “significant contributions” advancing security of critical national infrastructure and global networks. Additionally, David has authored numerous IT security courses and publications, teaches for the prestigious SANS Institute, and has served as adjunct faculty at James Madison University. He is a frequent speaker at information security conferences and currently Director of The Monterey Group.

March 2008

March 24, 2008

Espionage, Olympics, and the Internet

There are two recent articles that seemed rather uncomfortably related.

The first article is from Yahoo! News:

US Olympic tourists warned about monitoring in hotels

An excerpt from the article:

WASHINGTON (AFP) - Americans traveling to China for the Olympic Games in August can expect their hotel rooms there to be monitored, the State Department warned on its website.

"All visitors should be aware that they have no reasonable expectation of privacy in public or private locations," according to the State Department site.

"All hotel rooms and offices are considered to be subject to on-site or remote technical monitoring at all times. Hotel rooms, residences and offices may be accessed at any time without the occupant's consent or knowledge," it said.

The second article is from Steinnon on Security from Network World:

China takes off cyber gloves

An excerpt from the article:

Are you a manufacturer? Are you responsible for IT Security at a government agency or research lab? Are you an athlete? Do you represent the cause of freedom in Tibet or peace in Darfur? If so, you have a new enemy. The government of the largest country in the world [China] is after your data. They have resources you cannot even dream of. They are organized. They know what they are doing.

Now, imagine the two articles juxtaposed. The following might give you a taste of how pervasive and devastating espionage, cyber or otherwise, can be. My additions are in square brackets.

Americans traveling [the Internet]...can expect their [actions] to be monitored, the State Department warned on its website. "All visitors should be aware that they have no reasonable expectation of privacy in public or private locations [on the Internet]," according to the State Department site. "All hotel rooms and offices[, computers, blackberries, iPhones, gaming systems] are considered to be subject to on-site or remote technical monitoring at all times. [These] may be accessed at any time without the [owner's] occupant's consent or knowledge," it said.

There are no small targets on the Internet. Once you connect, you and your software are part of the whole whether you like it or not.

March 19, 2008

Insanity: 75% of Security Breaches Due to Flaws in Software

CSO Magazine ran this article on March 8, 2008:

Insanity - Doing the Same Thing Over and Over Again Expecting a Different Result

To quote:

A Gartner study indicates that 75% of security breaches are due to flaws in software...Do you think we would see a significant decrease in the number of data breaches and records stolen if we shifted our spend to actually writing proper code and protecting data at the source instead of at the edge? I think it is time we gained a few IQ percentage points and stopped the insanity.

I would tend to argue, unequivocally, yes. Absolutely yes. Our perverse and dysfunctional relationship with software, particularly insecure software, is not only insane, but outright madness. Those who have read my blog and Geekonomics know my mantra:

Insecure software sends an unmistakable message of disorder into the environment of cyber space. Small elements of disorder (like software vulnerabilities) invite greater elements of disorder, even cyber crime.

Cyber crime, in part, preys on the weaknesses software manufacturers themselves fail to detect before releasing/publishing the application into the global stream of commerce. To change the story of software, and thus the story of cyber crime, software manufacturers need different incentives to improve the quality and security of software.

Stop the rising trend of vulnerabilities, and thus the insanity, at its source. To do so is painful, difficult, complicated, and troublesome. Human endeavors of any significance are like this. I would argue History has taught us that much, at least.