On the Difference between Security and Safety

My attention of late has been drawn more and more to the distinction between safety and security, and the methods needed to achieve them.

Vinton G. Cerf, Google Vice President and Chief Internet Evangelist

A great deal of attention has been paid to the security of the Internet and World Wide Web. Great scrutiny has been given to open source libraries, operating systems, protocol implementations, and other software artifacts. Attention has also been paid to hardware, side-channel attacks, supply-chain attacks, malware, ransomware, denial-of-service, and all manner of other types of attacks. Zero-day bugs are sometimes hoarded and kept secret for later use.

My attention of late has been drawn more and more to safety, especially to the distinction between safety and security. They are related, but they are not the same. Even in a secure system that is immune from external attack and compromise, safety can still be a high-order risk factor. Phishing attacks are launched through systems that are otherwise thought to be secure. For example, an email can arrive protected by TLS or VPNs or QUIC channels and still constitute a safety hazard. In that case, it is the content itself that is hazardous. Malicious postings, misinformation, and disinformation can wreak havoc despite security measures, even though the information arrives via legitimate, secure pathways.

Safety often requires users to exercise critical thinking and good judgment; people should be taught and know how to detect scams in advertising and via emails, for example. Scam messages often appear to come from someone you know, if your contact list has been compromised. They almost always carry an element of urgency—for instance, “Help, I have lost my wallet and passport and need funds!” or “I don’t have time to get a gift for my friend. Can you send a gift card?” Some of these messages used to play on greed and now they trade on so many people’s willingness to help a friend. Some of the worst scams prey on people grieving lost friends or family or who want to help during disasters.

The point is that different methods are needed to achieve security and safety. The latter, while sometimes dependent on technical means such as two-factor authentication, more often requires potential victims to stop and think, especially when urgency is emphasized—for instance, “Help, we need to transfer funds immediately or our lease will be canceled!” Ironically, some of the most useful applications on the Internet, email, websites, chat rooms, social media—accessed via HTTPS or validated with DNSSEC, DKIM, DMARC and SPF—provide secure channels through which scams and spoofs are exercised.

Like safe driving practices that assume other drivers are not reliable, safe networking requires us to be skeptical of messages that try to stampede us into action without enough forethought. More than once, in this column, I have raised the idea of an Internet Driver’s License that would show evidence that we’ve been inoculated against various forms of social engineering attacks. I am not really suggesting we require a government-issued license to use the Internet, but I am suggesting that we have training programs designed around the idea of making network use safer. Users should know about URL/domain-name spoofing, domain-name typos, and tricks used to hide the real origin of messages. Some of the more sophisticated attacks involve malware, such as infected PDF files or HTML web pages. While most users are not equipped to diagnose an infected attachment, they can be warned against opening attachments that might be suspect, or carelessly clicking on links that make false claims, such as, “WOW! You gotta see these photos of your friends!!”

While none of these observations are new, they serve as reminders that safety is not guaranteed by purely technical means. Wetware is needed.

Communications of the ACM (CACM) is now a fully Open Access publication.
