A few weeks ago PC security company McAfee released an update to its anti-virus soft- ware. For some customers, the update mistakenly destroyed a legitimate and crucial file in the Windows operating system. Hundreds of thousands of personal computers, perhaps millions, were rendered unusable. One university lost the use of 8,000 of its 25,000 PCs, and some affected hospitals turned away non-trauma patients from their emergency rooms. This debacle is an example of a structural failing in security that echoes across the entire internet.
We can call it the “Fort Knox” problem. The famed US bullion depository offers security through centralisation. Gunships, tanks, and 30,000 soldiers surround a vault containing more than $700bn in gold. But while such centralisation is ideal for a government's bullion it is an awful model for internet security.
Traditionally, we have had decentralised security: if one PC is compromised, or one website fails, others will carry on. But in the past few years cyber attacks have leveraged their reach through increasingly sophisticated digital “bots”, which crawl the web looking for computers and sites to compromise. Those with well- financed websites have spent enormous amounts on digital bunkers, while others simply hunker down.