lundi 8 décembre 2003, par BRUNNSTEIN Klaus
Faster than any technology before, Information and Communication technologies (ICTs) continue to change economies and societies in ways affecting many aspects of human lifes. After short times of usage of these technologies, organisations and individuals have become so dependant upon proper functioning of highly complex and hardly understandable systems that any deviation from « normal » behaviour may have adversary if not damaging effects.
In many cases, contemporary technologies have been designed and implemented without adequate provisions for safe and secure working. Contemporary systems contain conceptual faults and programming errors which may be « exploited » with negative impact on usability of programs and content of data. Moreover, today’s system technologies can easily be attacked even by experimenting pubertarian boys e.g. by injecting viruses and worms into The Internet which then rapidly propagates these malicious gifts (in some cases even in epidemic amounts of up to 100 million emailed worms per 24 hours) into enterprises, offices, schools as well as into PCs of everybody. Moreover, Internet communication protocols are weakly designed, and it is easy to « spoof » ones email adress, to « sniff » and to intercept messages and content such as transfer of electronic funds. In order to protect the yet overly complex systems from such attacks, the usual solution is to add more complexity : firewalls, antivirus software, encryption. In longer prespective, concepts of safety and security should be embedded into the systems to protect themselves without foreign help.
Concerning the impact of ICT related vulnerabilities, two kinds of reaction can be observed. Aware of these risks, some users follow a « dont care » strategy. This applies esp. to young people which leave many data related to their personal behaviour when surfing websites with potentially interesting economic or sociological content. On the other side, some users wishing to exclude such risks follow a strategy of « don’t use ». As both reactions imply many risks in the Information Society, education to work with unsafe and insecure systems may help to protect users from unwished side-effects of ICT work.
Klaus Brunnstein teaches Security of Information and Communication technologies at Hamburg university, Germany. Among others, he founded the Virus Test Center (VTC) for the analysis of malicious software (viruses, worms, Trojan horses, backdoors, spyware).
Klaus has studied Physics where he received his diploma (in 1964) in High Energy Physics with a work on nucleon structures. He received his doctor degree (1967) with a first hydrodynamic computer model of ships. At German Electron Accelerator (DESY) in Hamburg, he worked as system engineer esp. about networks of experiment computers connected to large mainframes computers for evaluation of data. He also developed « High Energy Physics Index » (HEP) which classified and distributed, as an early Library Information system, new articles related to their innovative contributions to High Energy Physics. During his work at DESY, Klaus supported the preparation of the Institute (now Faculty) for Informatics where he (in 1973) became the 1st professor for application of Informatics.