Truth About Computer Security Hysteria
Grandma is a heinous potential threat to the Internet
Saturday, 29 September 2001
DEAR GRANDMA, I regret to say I must deny your request to buy a PC. To put it bluntly: you're a heinous potential threat to the Internet. Mom cannot veto my decision, so don't waste your breath with her.
I declined your request based on certain key factors. Among them:
Grandma, I turned down your request for a PC because you're a heinous potential threat to the Internet. You could easily drive Amazon.com out of business overnight if your PC turned into a deadly zombie.
Even worse, a cyber-terrorist could turn your cheap PC into a weapon of mass destruction with the power to cripple U.S. military command & control systems...
- You asked for the inexpensive new Dell PC (as seen on TV) with a Pentium 4 processor. An old biddy like yourself doesn't need such a powerful CPU for typical email & web surfing.
- You live in a ZIP code which supports either DSL or cable Internet service. You failed to explain why an old biddy like yourself needs such a large pipe to the Internet.
- The primary high-bandwidth Internet provider in your neighborhood offers Cisco products to its customers. Their equipment fell prey to "port 80 buffer overflows" during the Code Red catastrophe. You failed to indicate a preference for non-Cisco products.
- You failed to specify how often you will update your antivirus software. You also failed to specify a long-range plan when your PC's default antivirus update subscription expires.
- You requested the new "Windows XP" operating system, but you answered "no" when asked if you would cripple it as a safety precaution. An old biddy like yourself doesn't need such a powerful OS for typical email & web surfing.
- You failed to specify how often you will visit Microsoft's website for software patches.
- You failed to supply a generally accepted security configuration to detect and prevent malicious activity on your PC.
- You answered "yes" when asked if you would give untrusted grandchildren full administrative access to your computer.
- You expressed a desire to install "Microsoft Flight Simulator" to entice great-grandkids to visit more often. Aircraft games and force-feedback yokes were outlawed by the new U.S. Homeland Defense office as a "heinous threat" to national security. I reported your intentions to FBI NIPC as required by federal statute.
- You answered "yes" when asked if untrusted employees (i.e. nurses & orderlies) might use your PC during unsupervised periods.
You did not submit a certification & accreditation package. [doesn't normally apply to old biddies]
I regret the fact I must turn down your purchase request, Grandma — but I had no choice as you can plainly see. You present a heinous potential threat to fragile Internet companies like Amazon.com, CNN, eBay, and Vmyths. You could very well drive these firms (and many others) out of business overnight if your PC turned into a deadly zombie.
Sorry, Grandma! You can't buy flight simulator games and force-feedback yokes to entice great-grandkids to visit you more often. Those products were outlawed by the U.S. Homeland Defense office as a heinous threat to national security...
EVEN WORSE, GRANDMA, a cyber-terrorist could turn your cheap PC into a "weapon of mass destruction" with the power to cripple U.S. military command & control systems.
An ultra-classified hypothetical experiment proved your PC is capable of doing more damage to our great nation than what happened to the World Trade Center. Presidential appointee Richard Clarke insists the U.S. will need "a reconstitution plan" just to survive an electronic Pearl Harbor. We can easily rebuild after any given act of physical terrorism, but we cannot recover from a cyber-terrorism attack.
Society cannot afford you the luxury of owning a PC, Grandma. I'm sorry.
If you so desire, you may apply for permission to buy a Linux server pursuant to your submission of a complete certification & accreditation package. I can sign off the antivirus portion, but you'll need to ask one of Aunt Sandra's kids to sign off the anti-hacking portion. You will also need to hire a CISSP network administrator to maintain your server in accordance with generally accepted security guidelines.
(Oh, and please don't ask for Red Hat Linux. It'll doom your request for security reasons.)
Internet security expert