It was roughly two years ago today that I started my blog and released my first short story, DAISY, and set my first nonfiction work, Understanding IT. I wanted to take a step back to look at the performance of my various projects, and I realized something very important: Advertising is incredibly important, and something that I've completely neglected.
There's been a lot of publicity about a new router, called the anonabox, that promises to make all of your anonymous browsing dreams come true through open-source software known as TOR. Given that I'm a lover of Kickstarter and an outspoken critic of a lot of voyeurism on the Internet in the post-Snowden world, a lot of my colleagues have approached me on what the hell TOR is, and whether or not this router is worth the pledge.
TOR stands for The Onion Router, open-source software that has been keeping clandestine journalism safe for years. TOR is a vital tool to ensure the security and integrity of The Open Internet, and it is something that helps ensure journalistic integrity and the freedom of protest and speech. This is absolutely a cause worth supporting, and the anonabox promises to be a way to exchange money ($48) for the convenience of not having to download and tweak the open-source TOR software on each of your computers. However, as backlash against the project has already proven, the largest enemy is going to be unmet expectations.
Security can be an overwhelming topic to get started with, and as a result, a concept known as Defense in Depth has been making its way across the industry for the last couple of years. Defense in Depth is an organized and systematic way to ensure that your network is as unattractive to hackers as reasonably possible. Keep in mind that there is no such thing as “unhackable,” so the object of security is to make the cost of attacking your network exceed the benefit of doing so, without spending more on defense than your network’s security is worth. Defense in Depth does this by breaking the security process down into eight distinct phases.
- Security Through Obscurity
- Establishing Identity
- Encryption and Hashing
- Hardening your Devices
- Preventing Intrusion
- Adhering to Laws
- Routine Maintenance
- User Education
These sections are only a snippet of the fifteen pages that I've dedicated to security and privacy in my 140-page book, Understanding IT: Decoding Business and Technology. I've posted this to introduce the concept of Defense in Depth as it relates to the Malware Business Model and as a precursor to Cutting The Cord, Episode Four: Securing Your Network [Episode One and Two]. The topics covered here may be broad strokes, but before a specific technical understanding can be reached, the frameworks have to be established.