Why is the Internet said to be an untrusted network?

From Wikipedia

In computer security, a DMZ (sometimes referred to as a perimeter networking) is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet.

Why does it say …

larger untrusted network, usually the Internet.

I often see that the Internet is said to be an untrusted network. Are there any reasons for it?


Solution 1:

I like analogies. You should too.

Don't trust the internet. It's scary.

I haven't slept in 35 hours Imagine the internet is the ocean. It is pretty big and imposing and full of weird and wonderful creatures that may or may not want to eat you alive. Fortunately for you, you've been taught from a young age that wherever you go there's going to be a few creatures out there that can't wait to nibble on your innards, but that they're like 30 feet long and such a rare sight you will probably win the lottery 3 times in a row before you get bit by one, and that you shouldn't worry too much about them. What they didn't teach you in school is that these nibblers are literally everywhere and come in various sizes.

Its harder than you think to come up with 7 fish off the top of your head.

Your innards are pretty important, and you don't want anything nibbling on them. Being the persistent person determined to go for a swim, you strive to find a way to swim without a care in the world, knowing that it can't be you whose luck is so short to get nibble'd.

Luckily for you, your parents are veterans of the Nibbler War of the 70's, and partially solved the problem by surrounding themselves in a Faraday cages. So, they put you in a cage (despite your protests) and drop you in the ocean with some scuba gear. In your cage, you are safe from the innard-eating sea creatures, and you can swim happily within its confines without fear of the sea creatures. Maybe the cage isn't as tight as your parents thought it could be, and you manage poke your appendages out (which the innard-eating fishes will jump on in a flash if they smell you); but that's your parents fault for not putting enough bars in the cage.

It's lonely out there on the internet.

Ok that's a pretty terrible analogy, but the point is this; big companies don't want their data compromised so they put things into private networks where they know that hackers won't be able to touch them without going through a great deal of effort first (or some amazing social engineering). But since you can still access the internet, there is a chance that your own computer will be compromised, which would expose the greater network.

Since the company controls what information can go through, they can mitigate the damage of public facing sites, and be happy that none of their internal network stuff were exposed

Solution 2:

To answer "why Internet is unsecure?", we actually need to understand "How Internet works?". And taking it one step further, let's ask "What is Internet?".

What is Internet?

A junior grade text book will define Internet as network of networks, and that remains true to a CTO level. In practical terms, start thinking from the fact how are you reading this text. You are reading this from either your personal computer/laptop or from an office desktop. If it is a personal computer, you are connected by dialing to the ISP, or if you are on LAN, someone else has done that step for you. A LAN itself is a network, though smaller. A LAN will have computers and routers (may be servers).

When LAN gets connected to ISP, to which more PCs, Servers, routers and LANs are connected, it becomes part of a larger network. When these larger network gets further connected, we end in having a huge network, called Internet.

How does the Internet work?

Again let's go back to the basics. How can any two computers talk? They send packets of information to each other, which are provided in a well defined protocol, which both systems understand. Think of it as one person sending a letter to another, letter is the packet, and protocol is some simple rules that will make sure that information is conveyed properly.

For example, I am writing in English and you understand what it means. Now if the second person is far away such that person one cannot deliver the letter himself, he will need to trust mediators. You may use the post office or a courier service. Now if the place is far away, one post office will send the letter to second, which will pass it further till it reaches the destination.

The same analogy works for Internet. When you are sending or fetching information on the Internet, it has to pass through many routers and servers.

Why is Internet unsafe?

Is the information in your letter safe when you post it? Yes, but only till a point when a post office worker, or someone on the way opens it. Same is true for Internet.

As the information is passing through so many routers and servers, or data is actually residing on some server, anyone who can gain access can fetch that information. Of course there are safety measures, protocols (SSH/ https) and encryption are commonly used. But any algorithm that can secure the information, will also have a counter-algorithm, that will enable to gain access.

So simply putting it, your data is hundred percent safe till you are on an isolated system, the moment you get connected to a network, someone can access the data (exaggerated? Yes). It will come down to the smartness to person who is trying to save the information vs the person who is trying to access the information

Solution 3:

Information that you get from the internet is coming from a specific computer that's... well... it's out there somewhere. You don't know who owns or operates that computer. You don't know who put the information on it, either.

To get from that computer to yours, the information has to travel through several routers along the way. Each router has the opportunity to modify the data passing through it and you don't know who owns or operates the routers.

This is why you can't trust the internet, at least not in the sense of "trust" as used in discussions of security: You could be getting data from a malicious creator, or the data could be getting sent by a malicious server, or the data could have been modified in transit by a malicious router.

Unless you have taken some measures to verify both the identity of the originator (e.g., having the source provide a signed digital certificate) and the integrity of the communication channel (e.g., using an encrypted protocol), you can't really do much more than cross your fingers and hope that what you get will be the same as what you requested.

Solution 4:

Untrusted means the data that travels through it layers is not secured. You never knows what is happening to you data. Anybody can manipulate it.Data can be lost or corrupted during transmission. It may lost its integrity and confidentiality. A man with lot of skills can hack into your data. Usually there are lot of technique through you can secure yourself but still it is prone to be hacked by the hackers.

Internet is also called unsecured because it uses IPv4 protocol which is unreliable and connectionless datagram protocol. It provides no error control and flow control. For the reliablity it is paired with reliable protocol TCP for the transmission of data in transport layer.

Solution 5:

Because you can't trust everyone

The internet is "everyone in the world with a network connection".

Do you trust everyone in the world with a network connection? Do you want all of them to be able to connect to your company's payroll database?

If not, that's why the internet is "untrusted."

If so, please let us know the IP address so that we can start getting paychecks. ;)