Friday, January 30, 2009

Dial up security woes from East Africa

Two weeks ago, I upgraded my Internet connection at home. I went from a DSL (512 Kb/s download) to a fiber optics (20 Mb/s download) connection. A few days after getting this incredibly fast (and relatively affordable) connection I traveled from the East Coast of the United States to East Africa. I am actually bloging from a large East African nation to talk about how the speed of your Internet connection can affect the security of your computer.

I am staying with my parents who have been working in this country (which I will not name) for a few years. They have a 56K Internet connection, which is the most common connection for the very few how have the luxury to have access to the Internet. Since there is only one cellular phone operator in the country (state-owned, by the way) and that this operator does not offer data service, I cannot check my email with my 3G smart phone. Therefore, within days of being here, I sat in front of my parent's desktop computer and turned it on….

This computer is running Windows XP SP3. I was happily surprised since, I have to say, I was expecting it to be one or two service packs behind, my parents not being the most tech savvy people. However, what did not surprise me is the fact that many Microsoft patches, some dating as far back as October 2008 had not been installed. I checked the settings in the Security Center and Automatic Updates was turned on. Why was the computer not up-to-date?

Although Automatic Updates utilizes the Background Intelligent Transfer Service (BITS) in order to silently download the necessary files in the background, the very slow Internet connection (by today's standards) makes it difficult for the computer to keep up with the regular release of updates by software vendors.

Alright, the Internet connection is slow in this country. Yet, you might ask why my parents don't leave their computer connected for a long period of time (overnight for example) in order to download the security updates? Well, it's because there is only one ISP in the entire country and this ISP does not offer unlimited Internet for a fixed price. In fact, you pay for your connection by the minute! I also took a look at the state of the antivirus solution installed on my parent's machine. Last update: October 8, 2008. For someone like me who analyzes malware and researches vulnerabilities on a daily basis and knows how dangerous the Internet can be without proper security solutions, the poor shape of this computer from a security standpoint was just frightening.

I am certainly aware that software is much more complex today than it was a decade ago, which somewhat explains why files are in average larger now than they have ever been. On this trip, it occurred to me that software that requires access to the Internet seem to be designed with the assumption that the average user will have a broadband connection. While is true for most of America, Western Europe or South Korea, at the same time, in many rural areas in developed countries and in many emerging nations, a 56K connection like the one I am using to post this blog (Ed: or not) is usually what the average computer user has access to. The data on my computer is no less important because I have slow Internet connection than if I if I had a very fast connection. In order to protect my data and my system I need to be able to download security updates regularly and promptly.

In conclusion, I am calling for all of us in the field of computer security to keep this large segment of the world population in mind when we release rules, signatures or patches and to provide many very small incremental updates that can easily be downloaded by people with very slow Internet connections, like the updates provided by Snort and ClamAV.
Add to Technorati Favorites Digg! This

No comments: