I used to drive a Toyota pickup whose non-functioning ignition switch I replaced with an array of 3 ordinary household toggle switches for: engine, starter, dashboard. Not what you'd call advanced security; anyone could start my truck and drive off without a key (if they could figure out which switch was which.) At the same time, I lived in a farm house with 4 exterior doors, only one of which had a working keyed lock, and that one key was a big skeleton key, too cumbersome to carry about with me. For eleven years I lived a completely key-less life. And never had a problem with auto theft nor home burglary nor vandalism.

Not that I lived in a crime-free area. I'm sure there were many instances of auto theft and burglary in those same eleven years. For example, my neighbor Dave was the victim of a break-in theft, in spite of the fact that his home was equipped with a state-of-the art security system. Or - was it because he had hi-tech security that he was victimized, and not I?

Imagine a would-be burglar coming to my house when I'm not home and finding the door unlocked. "Yikes!," he might say to himself, "this guy must be nearby, or he wouldn't leave his house open like this!" Or someone in a darkened parking lot thinking about hot-wiring my truck - but how do you hot-wire a vehicle that has no keyed ignition? The unusual and unexpected lack of security would be alarming to most criminals. By contrast, the presence of a state-of-the-art security system is an attraction to the modern burglar. The system's presence indicates that there must be something worth stealing, probably there are no other significant safeguards, and the system's familiarity is a green light to bypass its well-known security measures and proceed with the theft.

Such has become the internet. Long gone is the early concept of a free and simple exchange of information. The web is increasingly overrun with spammers, hackers, and identity thieves. So protective protocols were developed, but as these have grown more complex, the hackers' expertise has kept pace. Don't be fooled: each new security protocol is certain to be deciphered and exploited in short order, probably even before your browser and your favorite website are upgraded to take advantage of its promised security.

Ugly security

The problem, as I see it, is three-fold. First, each new protocol adds greatly to the 'handshake' exchanged between your computer and the server, which makes the initial connection slower and slower, adds to your monthly internet bill if you have metered service, and makes it nearly impossible to access some web pages if you have a slow connection. Meanwhile, rest assured that the hackers all have modern high-speed equipment. The increased traffic overhead is a problem for legitimate surfers, but not for the bad guys!

Secondly, as noted above, the 'https' protocol becomes, not a deterrent, but an invitation to hackers, a promise that there's some valuable encrypted information, free for the hacking.

Thirdly, and most seriously, ask yourself who are the bad guys? When you post personal information to your Facebook page, are you comforted by the fact that you are using an up-to-date security protocol? That your secure browser is 'approved' by Facebook? Or that your 'secure' browser approves of Facebook's security protocols? Do you really trust Facebook itself? Really? Facebook doesn't need to hack your personal data; you've handed it to them willingly, like a docile, trusting lamb. How many people must sacrifice their identity before people understand that Facebook is one of the wolves?

Who are the engineers of the increasingly complex security measures? Google. Microsoft. Do you trust them? And the baddest wolf of all: the National Security Administration. Remember the Snowden leaks? Yet the NSA continues to contribute to the design of each new protocol, specifically so that they may more easily exploit them and harvest people's internet data.

My response: let Facebook and Microsoft and the NSA chase one another's tails. Welcome to Jerry's Blog. When you navigate here, or anywhere on my CyberJerry site, that's all you're doing. Here there are no Google ads, no links to Facebook. (I suppose you could 'Like' CyberJerry on Facebook, but there are no links here to do so.)

Obviously, if you post a comment, it will be openly published to the world; that's the whole point. But if you want to send me a private message, or create a member profile telling me your real name and email address, rest assured that your data will never be given to the wolves. Even if Google or Microsoft were to track you here, they won't be able to harvest any information, because CyberJerry does not transmit your data via an 'approved' encryption protocol. I use my own encryption techniques, unpublished, and subject to my own revision. Your identity and personal data are safe here at CyberJerry, regardless of your browser's dire warning that the site is insecure. In fact, if your browser is warning you that Jerry's Blog is (gasp!) not secure, perhaps that's a sign that you ought to be careful with your browser, especially when visiting sites that it considers 'secure'!

Besides Jerry's Blog, this site contains a private message board available only to Lenore and myself, at least two data bases for my own personal use, and at least three other places where visitors may post private (unpublished) information. Here's a challenge to any would-be hacker: demonstrate to me that you can steal or intercept any of these private data, and I will openly admit defeat, and will publish my admission right here. Am confident that my challenge will go unanswered, or that any attempt to answer the challenge will result in failure. How confident? I will share more technical details upon request. Just ask! CyberJerry is neither running with the pack, nor running in fear away from it; just let the wolves chase their own tails. You, the legitimate CyberJerry surfer, have navigated away from the bad guys.

1 comment:

GUARDSET was certainly cheaper than $800 million but the government was against it. let them hack all they desire; i have no secrets. L.

Your new comment -

Sign In as member

(nick) name :

verification code:

or as guest

ID:   verification code:
By submitting a comment, you include it in this site's GPL license. You agree that your words are not already protected under a more restrictive license, and may be freely quoted, copied, and shared per GPL.