Click here to close now.

Welcome!

@CloudExpo Blog Authors: Automic Blog, Jnan Dash, Liz McMillan, Elizabeth White, Pat Romanski

Related Topics: Cloud Security, IoT User Interface, @CloudExpo Blog

Cloud Security: Article

Thank You Twitter Hackers

The repeated Twitter hacking exposes the complex and serious security issue on the web

Twitter on Ulitzer

The repeated Twitter hacking exposes the complex and serious security issue on the web.  Unfortunately for Twitter (Google Apps, Facebook, and others), the problems have unfolded in a public arena, forcing them respond quickly to calm users and resulting in a short term solution (that clearly has not been working!).  What is unknown to many internet users is that the problem doesn't end with Twitter's band aid approach, nor is the intrusion limited to internet sites. The security issues don't start here - they start with the platforms and applications that don't enable software to be developed with the proper security.  Fortunately for the software developers but unfortunately for the public, the greater problem has stayed out of the headlines of mainstream media outlets.

It's time to end the "if it ain't broke, don't fix it" attitude.  It is broken, even if the public doesn't understand that! Any software technology that will be used by businesses or individuals, as well as by governments or militaries, must have proper security.  The recent media attention about the Twitter hacking has generated a panic which is important because it will force the technological industry to start upholding the security standards that should have been in place long ago. 

Everyone enjoyed the internet more when we weren't aware that we were being exposed and that our personal information was being compromised.  But now that we have a real problem, let's talk about a real solution. There are 2 main issues that need to be addressed, and they both involve the dissemination of information. 

First, internet users need to understand that they are vulnerable on the web; just because someone may be sitting in his or her own home doesn't mean that they are not on public display.  It's like a one way mirror. You could dance around naked without realizing that a room full of people is watching you from the other side. Once you know it is a one way mirror, you may still choose to dance, but at least knowing you have an audience will allow you to make an informed decision about your behavior.

If the public chooses to use the same password on every site, use unsecure cloud applications, or visit sites that demand cookies, that is a chance they are taking, but at least they now know the potential threats and dangers, so that they could make an educated choice about their computer activities.

The second main issue is the responsibility of educating the public that there are secure technological options and they should utilize the applications and sites which hold by the highest standards.  The public believes that technology is weak and penetrable because there is no alternative; unfortunately that is not true.  Developers around the world are working around the clock to develop programs and applications that are fully secure, and they have been successful.  Unfortunately, their success has been limited by companies like Twitter who simply refuse to use platforms that are adequately secure and which give a bad name to all developers.  These irresponsible companies compromise on security at the expense of the public.

When there are physical dangers, we work to increase protection. Whether it is safe sex, safe driving, or safe health practices, the effort comes from both the top and the bottom - the public demands it, the government supports it, and industries comply.  It's time for technology to have the same practices that other aspects of our lives do.  Twitter has done a disservice for all of us by having low standards, while the hackers have done a great service is bringing the problems - and the solutions - to the public eye.  Let's start rebuilding confidence in technology again.

More Stories By Navot Peled

Navot Peled is the CEO of Gizmox, whose Visual WebGui open source platform offers unhackable security on the cloud.

Comments (1) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
loresayer 08/17/09 06:45:53 PM EDT

Kind of harsh on Twitter, aren't you? If some Russian hackers direct their bot-nets across the world in a DoS attack on your Web application, as they did against this one Georgian Twitter user, would any of us be able to withstand a torrent of requests from all over the Earth, from billions of PCs?

Twitter is built on simplicity, delivering 140 character messages, LOTS of them, to millions of users. So, it's not hardened like an army tank nor is that necessarily the right architecture for it to have.

@CloudExpo Stories
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, will explore the IoT cloud-based platform technologies drivi...
In the midst of the widespread popularity and adoption of cloud computing, it seems like everything is being offered “as a Service” these days: Infrastructure? Check. Platform? You bet. Software? Absolutely. Toaster? It’s only a matter of time. With service providers positioning vastly differing offerings under a generic “cloud” umbrella, it’s all too easy to get confused about what’s actually being offered. In his session at 16th Cloud Expo, Kevin Hazard, Director of Digital Content for SoftL...
Agile, which started in the development organization, has gradually expanded into other areas downstream - namely IT and Operations. Teams – then teams of teams – have streamlined processes, improved feedback loops and driven a much faster pace into IT departments which have had profound effects on the entire organization. In his session at DevOps Summit, Anders Wallgren, Chief Technology Officer of Electric Cloud, will discuss how DevOps and Continuous Delivery have emerged to help connect dev...
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society-changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his session at @ThingsExpo, Jason Mondanaro, Director, Product Management at Metanga, discussed how you can plan to cooperate, partner, and form lasting all-star teams to change the world...
Internet of Things is moving from being a hype to a reality. Experts estimate that internet connected cars will grow to 152 million, while over 100 million internet connected wireless light bulbs and lamps will be operational by 2020. These and many other intriguing statistics highlight the importance of Internet powered devices and how market penetration is going to multiply many times over in the next few years.
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of robomq.io, and Fred Yatzeck, principal architect leading product development at robomq.io, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at th...
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of...
Malicious agents are moving faster than the speed of business. Even more worrisome, most companies are relying on legacy approaches to security that are no longer capable of meeting current threats. In the modern cloud, threat diversity is rapidly expanding, necessitating more sophisticated security protocols than those used in the past or in desktop environments. Yet companies are falling for cloud security myths that were truths at one time but have evolved out of existence.
The time is ripe for high speed resilient software defined storage solutions with unlimited scalability. ISS has been working with the leading open source projects and developed a commercial high performance solution that is able to grow forever without performance limitations. In his session at Cloud Expo, Alex Gorbachev, President of Intelligent Systems Services Inc., shared foundation principles of Ceph architecture, as well as the design to deliver this storage to traditional SAN storage co...
"We provide a web application framework for building really sophisticated web applications that run on a browser without any installation need so we get used for biotech, defense, and banking applications," noted Charles Kendrick, CTO and Chief Architect at Isomorphic Software, in this SYS-CON.tv interview at @DevOpsSummit (http://DevOpsSummit.SYS-CON.com), held June 9-11, 2015, at the Javits Center in New York
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists addressed this very serious issue of pro...
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
SYS-CON Events announced today that JFrog, maker of Artifactory, the popular Binary Repository Manager, will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based in California, Israel and France, founded by longtime field-experts, JFrog, creator of Artifactory and Bintray, has provided the market with the first Binary Repository solution and a software distribution social platform.
"We got started as search consultants. On the services side of the business we have help organizations save time and save money when they hit issues that everyone more or less hits when their data grows," noted Otis Gospodnetić, Founder of Sematext, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
Public Cloud IaaS started its life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in adop...
SYS-CON Events announced today that BMC will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. BMC has worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, BMC pairs high-speed digital innovation with robust...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...