LIS-4774 Cybersecurity

How we Got Here

Some Big Picture Ideas

Ticker Tape Theme


Humans Communicating? NO. DATA.

Closed v Open Software Production

PRACTICAL and IDEOLOGICAL

Closed v Open Software Production

PRACTICAL
"More eyeballs is better than fewer"
(aka, don't roll your own _____)

Closed v Open Software Production

PRACTICAL
aka, this is literally what we mean by
SCIENCE and LIBRARIES AND KNOWLEDGE

Closed v Open Software Production

IDEOLOGICAL
"Software should promote freedom and be free"

ECONOMICS

Fundamentally:

The Internet reduced the marginal cost of information to practically ZERO.
Which doesn't mean "production", but "movement/dissemination"
...but

ECONOMICS

Because this is imbalanced, information is ALSO a commodity and arguably a "toxic" asset.

ECONOMICS

..also, Classic Capitalism.
Broadly disseminated info means opening up of new markets and rushes to market..
..and attempts to "corner" markets as well, even when

ECONOMICS

Even if "Information wants to be free..."
...people want to make money

HOW IT ALL GOES DOWN

Evolution vs. Intelligent Design
(from a Tech perspective)

THEORY VS PRACTICE

"In theory, there is no difference between practice and theory, in practice, there is."
- Not Yogi Berra

A Little History

(which a lot of you have already heard. From me?

Pre-Microsoft

Fun and Games and Nerds and Love..
(but also, these things are DEFINITELY going to take over)

Pre-Microsoft

Apple - Computers as fun home toys
IBM (COMPATIBLE) - A Computer in every office

ENTER MICROSOFT

Bill Gates and some cleverness:

Letter to Hobbyists

"Don't be suckers, Developers. Let's SELL this software"

The OS/2 Debacle

IBM says: Let's CUT OFF the COMPATIBLES and HIRE THIS GUY to write the new one!

Microsoft Office


An *integrated* platform...

MICROSOFT THE MONOPOLY

AKA

Your 100% essential office appliance.
..which isn't a terrible idea..until it is.

Enter the Internet, and more eyeballs

aka Linux et al.

Bill Misses the Internet. Badly

"Sometimes we do get taken by surprise. For example, when the internet came along, we had it as a fifth or sixth priority"

"I see little commercial potential for the Internet for at least ten years."

Appliances

Think about your toaster or your TV, and the "security" needed on it.

Appliances

Think about your toaster or your TV, and the "security" needed on it.
BUT, your TV or toaster isn't OUT THERE where anyone can just MESS WITH IT.

Appliances

Think about your toaster or your TV, and the "security" needed on it.
BUT, your TV or toaster isn't OUT THERE.
A universal remote for your TV? eh, cool....
...but what if EVERY Toyota key started EVERY Toyota?

WHY WOULD YOU EVEN BUILD IT LIKE THAT?

Remember: This is a *design decision.*
Computers DO NOT DO THINGS unless you SPECIFICALLY TELL/ALLOW them to.

Including "running random outside code"

Linux et al TRIES VERY HARD NOT TO DO THIS,
Microsoft specifically allowed and encouraged it (autorun.inf, the Sony rootkit) ...

WHY WOULD YOU EVEN BUILD IT LIKE THAT?

No, seriously, this is bad.

If I gave you a piece of paper that said
"Go jump off a bridge"

Would you survive?

WHY WOULD YOU EVEN BUILD IT LIKE THAT?

like seriously at least this has the courtesy to give a warning

Microsoft's incompetence in this realm cannot be understated...

..in your professor's humble opinion.
I'm not entirely sure the concept of "cybersecurity" would even exist today if they had done this right.

See also, (deliberately badly named things

like "Viruses."

Where are we today on this?

Yep, it's still horrible.
Android and Iphones still insist that you having complete control over your machine, that you buy and use is bad, and that you should just wink-wink trust them...

Where are we today on this?

..and if you work in IT, I get that you might agree. We shall see: