1 min read

Security Specialists At Demo Paint Bleak Picture

Panelists at the technology showcase agreed security problems will be around for a while and suggested different ways for reducing the risk.
Forensics is being used to track, but not stop the security breach. "Most companies just want this to go away," Palmer said. "But the bad guys are trying to cover their tracks with encryption."

Patrick asked panelists if the National Security Administration can break 2,048-bit RSA or any level of encryption. Dasgupta doesn't believe 128-bit encryption is unbreakable by the NSA, and the government is upset with technology companies that enable Internet phone calls, such as Skype, and the use of encryption in e-mail. "If we start communicating in encrypted e-mail that will raise a red flag," Dasgupta said.

The next version of IPv4, Internet protocol version 6 (IPv6), won't completely secure the Internet, Orman believes. "It has longer addresses but that doesn't help," she said. There had been intent to require IPsec security with IPv6. "The weak point is almost always the key manager and that is a big part of forensics."

Mobile devices are not immune. Less attention is being paid on protecting cellular phones and Bluetooth enabled devices in cars. Java-enabled cellular phones will give hackers another point of attack, too, Dasgupta said.