In a recent piece in the NY Times, a Harvard Kennedy individual states:
The primary reason computers are insecure is that most buyers aren’t
willing to pay — in money, features, or time to market — for security to
be built into the products and services they want. As a result, we are
stuck with hackable internet protocols, computers that are riddled with
vulnerabilities and networks that are easily penetrated.
Back in 2000 I was Vice Chair of what became an Internet 2 Presidential Commission. Before that, in the mid 70s I got the job after coming from MIT to DC to sneak the ARPA net onto the Intelsat satellites. So I guess I have been working this issue for 40+ years. I may know something.
As to the above statement, the key fact is that the TCP/IP protocol developed in 1974 was done to deliver an open system, with the smarts at then end user location. The "security" of the network depended on physical security of the links, if you wanted it, otherwise it was intentionally OPEN! Now what the author means by "hackable internet protocols" is unknown. The protocols are open, they are known, and unless you physically secure the fiber, copper, wireless channel, it is open, never was meant to be secure. DoD has an IP network, but the links do not connect to the open public network. They have massive firewalls etc. But a router is like a public toilet, anyone can drop by an perhaps you want to go before you leave home. Sorry for the analogy.
Security is multilayered. Always has been. In the early 70s we had developed secure operating system kernels. The fear was that somehow an application could penetrate the OS and the kernel. So now nothing is new.
It is NOT the networks that are easily penetrated now, they were designed that way! Only wish these non-techys would walk down Mass Ave and speak with someone, anyone! Oh well, it is the NY Times and Harvard, what to expect?