Can we have a moment of cybersecurity honesty?

The truth is sometimes hard to hear but from a point of truth there is a path to a solution. Without objective reality there is only deception. The facts:

  • Browsers are insecure*. They are appropriate for public and classified activity
  • Since 2001 there has been published guidance* for Multi Factor Authentication (MFA)
  • MFA is inclusive of Two Factor
  • Current MFA misrepresents functionality* 
  • All secure activity is based on a guess of who is providing data*
  • Every mitigation solution introduced new attack vectors*
  • Existence is the missing factor in cybersecurity*
  • Every solution using MFA authentication is compromised
  • In a binary environment there are two choices: guess or not

 

The moment a webpage to secure services is loaded into a browser, cybersecurity failed. In a binary environment every decision on a wrong fork is wrong.

“The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge.” – Stephen Hawking.

Existence strips illusionary security protocols from cybersecurity: https://lnkd.in/eNFR7Qn

References:

Chrome Dev, Eric Lawrence stated it is “Almost impossible to secure a browsers UI” https://www.theregister.co.uk/2017/01/19/browser_line_of_death/

“Authentication in an Internet Banking Environment”, August 8 2001, The Board of Governors for the Federal Reserve and the FFIEC

MFA is a “Multi” step process, to gather data as a “Factor” that is transferred for “Authentication” as DATA – one factor

“Today digital identification is based on indirect assertion of Identity. Until a direct assertion [solution] is available it [authentication] will just be an informed guess.” – Dr. Daniel R. Ford, CTO/CIO, 1st Source Bank

“With every new service or connected entity, a new attack vector is born” said Oded Yarkoni, Head of Marketing at Upstream Security http://www.autoconnectedcar.com/2019/01/automotive-cybersecurity-ces-beyond-karamba-upstream-saferide-trillium-zerodayguard/

Existence: “having objective reality”– Oxford English Dictionary

Creating and maintaining existence, “Methods and systems for internet security via virtual software” US Patent No 8,074,261 http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=8,074,261.PN.&OS=PN/8,074,261&RS=PN/8,074,261