Security Year in Review by Mixter

Mixter is a security expert, author of several open source security tools and whitepapers. Since 2000 he’s been working with Hacktivismo, a cDc-sponsored “non-profit research and development group.” He is a senior developer at a Germany-based security/crypto company.

The development of the security scene in 2002

It’s not easy to say, but I would say that this year was (unfortunately) very politically dominated, with new anti-hacking laws coming into place, especially in the US, and so on.

We’ve seen that the DDoS threat isn’t over, since half of the DNS root servers got hit by an attack.

What 2003 will bring

With the media hype generated about the possibility, I’m sure there will be superworms (exploit-using platform independent worms) out relatively soon. Also, Microsoft security continues to be a problem with MDAC- and RPC-related vulnerabilities.

The more positive things now and in the future seem to be the maturing of security standards, for example encryption and (AAA/EAP) authentication in 802.11.

With the current political trend, I’m also sure that personal and corporate security, especially confidentiality and encryption, are gaining importance for more people, and we’re going to see a lot of movement and new developments both individual and corporate in those areas.