Blowfish, blows

I recently read an article that reported a new vulnerability found in one of the most long lasting and trusted encryption protocols on the internet.  It really sent home to me the issues associated with our online activities and I wanted to share those with you.  Here is the article:

http://lwn.net/Articles/448699/

This article highlights the main reason I started this site. The technology the internet is based on and the security protocols we place are trust in were first conceived decades ago and were not designed for the web we know today. Security is very much a bolt on to a technology that, even though still revolutionary today, is really not suited, by design, to the intended purpose. All it takes is a very minor omission in a line of code to render that code harmful rather than secure. The difficultly here is that we don't know how many omissions exist in the software we use today and so we need to be more careful than we might think to ensure we stay safe.

Casting my mind back to those management training courses at work where they roll out the health and safety courses reminds me of the swiss cheese model. This is a very simple model that says there are many barriers that prevent us from getting hurt, but if all the holes in the cheese line up then an accident happens (which is bad). The more barriers between the hazard and the person the better. We need to adopt this same approach when thinking about computers and our online activities. Relying on just one barrier has the potential to allow a flaw in the software code that creates that barrier to harm us. I use the term 'harm' exceedingly loosely, but I hope you get the point. We need to ensure we think a little bigger. I will expand on this concept in future blogs as I think this really sows the seeds for responsible online behaviour. By understanding that those things which should be secure are not, allows us to put in contingencies so we have a better chance of not being caught out.