Jul 08 2008
I’ll be heading out shortly to Vancouver’s monthly social media marketing extravaganza, social change seminar and blogapalooza, Net Tuesday. Some of my favorite technorati types will be heading up the event, like social media evangelist Dave Olson (AKA Uncle Weed) John Bollwitt and Rob Cottingham. It will be a regular geek-fest (That’s a good thing, people).
Taking part in this kind of activity alongside my fellow bloggers and tech-people, immersed in this Web 2.0 world has been a lot of fun. But thanks to my new gig in the field of web security technology, I’ve been learning a lot about the safety of the architecture we’re using to do our thing. It’s been a wake-up call.
The vast majority of websites are pretty much uncontrolled breeding grounds for hackers to steal the information of anyone who uses the websites. Most organizations and companies haven’t taken even the most basic security measures. (Check out the video below to see a kung fu-style dramatization of the process of hardening one’s website against hackers.
And blogs ain’t immune. I just had my company conduct a website security audit on one of the many blogs I’ve authored (and no, I’m not going to mention which one and put out a welcome mat to cyber criminals) to see if WordPress’ software was vulnerable to hackers.
Turns out, the blog had problems; the test turned up 62 vulnerabilities of varying severity. This is far, far less than a company we recently scanned that is involved with security and privacy issues (the sad, sad website literally had a vulnerability exposed on every single page — we’re talking thousands of openings for hackers to exploit). But it was still pretty alarming.
So here’s the question: at a time when everyone is calling for better protection from corporations and government to protect their information, don’t bloggers also need to be responsible and provide a secure environment for their website visitors? Is it beyond our capabilities (financial, technical), or are we just making excuses that allow cyber criminals to get away with their crimes?