22 april 2009
Een groep beveiligingspioniers die de grondsag heeft gelegd voor de encryptie die vandaag de dag wordt gebruikt om Internet en Internetcommunicatie te beveiligen is deze week samengekomen in het 'Cryptographer's Panel' van de RSA Beveiligings Conferentie in San Francisco. Er werden verschillende vragen over cyber-beveiliging aan de orde gesteld, maar het onderwerp dat de agenda beheerste was 'cloud computing'. 'Cloud computing is a challenge to security, but one that can be overcome', zo zegt Whitfield Diffie, Chief Security Officer van Sun Microsystems. 'I believe cloud computing will get to (the point) where no real program…will be done anymore on the computers of the company that's doing it'. 'I'm worried about cloud computing', zo zegt Adi Shamir, hoogleraar computerwetenschap aan het Weizmann Institute of Science in Israel. 'While a virus or other problem on a desktop computer can be a big annoyance, computation centers in hosted computing could spread problems more widely', zo vertelde hij. Bruce Schneier, Chief Security Technology Officer van BT Counterpane, zei: 'I'm kind of bored with it. Cloud computing is presented as a new paradigm…but fundamentally I don't see a lot of differences between it and client-server and dumb terminals. It's still all about trust'.
Ronald Rivest, hoogleraar computerwetenschap van het MIT, voorspelde dat 'cloud computing' 'will really be a focal point in our work in security. … I'm optimistic about cloud computing. I think a lot of us have hard work to do'. Gevraagd naar hun gedachten over de mogelijkheid van een 'Digital Pearl Harbor' lieten de onderzoekers weten dat 'the threat is hyped'. 'The talk about risks of a cyberattack on the magnitude of a Pearl Harbor strike is overblown', zei Schneier. 'The real threat will be boring things like viruses, identity theft, and buffer overflows. We're better as an industry if…we look at the more common risks…that cost (people) money'. 'We're more likely to suffer a digital 9/11', zei Diffie. 'Pearl Harbor was an attack by a known entity as opposed to an unknown threat from a mysterious source, as cyberattacks tend to be', zo zei hij. 'I think we could suffer some astounding event'. Shamir zei dat 'cyberattacks should be put in perspective and compared with other events that can have even more serious consequences. If the government has extra money to spend they should spend it on regulating the financial markets and not spend it on regulating cybersecurity', zo meldde hij. Martin Hellman, professor emeritus van Stanford, zei dat hij 'have been focusing on nuclear weapons security lately and looking at how risky nuclear deterrence is with my NuclearRisk.org site. It's at least 1,000 times riskier than having a nuclear power plant located near your home'. Technologie 'has given human beings power that has historically been reserved for the gods; the ability to create new life forms, the ability to destroy civilization, and the potential for creating unbelievable cooperation or unbelievable chaos', zo zei hij. 'Our species is like a 16 year old with a new driver's license who somehow gets his hands on a 500-horsepower Ferrari', waar hij aan toevoegde 'that people need to learn to control our impulses or risk destroying everything'.