Is security something that can be calculated or measured? Is security an existing measure or a superstition/belief. Can security be seen, heard, told or can it just be felt? Billions of dollars are spent on security – physical, virtual, political, geographical etc. and most of the times, security has proved to be competent enough to handle all kinds of ‘existing’ threats. But usually with coin flips there have been a floating news every now and then, of security breaks due to an innovation in destructive vectors or a creative mindset of it’s counterpart or the worse being a slip in the human, by the human.
Whether security or hacking (lets assume, its an opposite of security), both are based on a single rule – Overshadow the existing control; both of them killing the known existence of each other. Security works in patching the existing attack vector, wherein the hacking works attacking the existing secure vector. So, what does this mean? This means, security can block an existing (therefore old) attack, but hack can attack anytime on existing security. All in all, ‘hack’ will win in this virtual world. I don’t want be too pessimist when it comes to strengths and innovation in security, but again, we think security on the grounds of existing attack vectors and it’s way too tough to relate security on any incidence which has never happened.
Next time you come across security and hacking … think again and even if you quarantine a file, kill a connection, drop a packet … appreciate the creativity, and knowledge of it’s developer.