Why is the Internet said to be an untrusted network?

31

8

From Wikipedia

In computer security, a DMZ (sometimes referred to as a perimeter networking) is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet.

Why does it say …

larger untrusted network, usually the Internet.

I often see that the Internet is said to be an untrusted network. Are there any reasons for it?

Ant's

Posted 2012-07-11T08:10:22.040

Reputation: 1 328

17 Because trusting it would be like leaving your car, full of valuable stuff, unlocked in a seedier neighborhood of New York. – Daniel R Hicks – 2012-07-11T11:44:03.440

1 You should probably think in terms of all networks being "Untrusted" meaning that any network can contain a compromised computer that might attack yours. A truly "Trusted" network would be rare, but "Trusted" is really just shorthand for a "More Trusted" network which you can consider just about anything behind a firewall without public access. – Bill K – 2012-07-11T16:12:50.333

1 (I forgot to mention leaving the keys in the car.) – Daniel R Hicks – 2012-07-11T16:54:30.843

19 Have you seen the Internet? ;) – Steven Noto – 2012-07-11T18:20:42.863

2 'untrusted' means 'not trusted'. It's different from 'distrusted', which means you specifically suspect it. Example: "you shouldn't trust everyone you meet" is good advice, whereas "you should distrust everyone you meet" has a different meaning, or "I don't know either way whether Bob's statement is accurate" vs "I think Bob is lying". – barrycarter – 2012-07-12T16:32:38.930

Answers

80

I like analogies. You should too.

Don't trust the internet. It's scary.

I haven't slept in 35 hours

Imagine the internet is the ocean. It is pretty big and imposing and full of weird and wonderful creatures that may or may not want to eat you alive. Fortunately for you, you've been taught from a young age that wherever you go there's going to be a few creatures out there that can't wait to nibble on your innards, but that they're like 30 feet long and such a rare sight you will probably win the lottery 3 times in a row before you get bit by one, and that you shouldn't worry too much about them. What they didn't teach you in school is that these nibblers are literally everywhere and come in various sizes.

It's harder than you think to come up with 7 fish off the top of your head.

Your innards are pretty important, and you don't want anything nibbling on them. Being the persistent person determined to go for a swim, you strive to find a way to swim without a care in the world, knowing that it can't be you whose luck is so short to get nibble'd.

Luckily for you, your parents are veterans of the Nibbler War of the 70's, and partially solved the problem by surrounding themselves in Faraday cages. So, they put you in a cage (despite your protests) and drop you in the ocean with some scuba gear. In your cage, you are safe from the innard-eating sea creatures, and you can swim happily within its confines without fear of the sea creatures. Maybe the cage isn't as tight as your parents thought it could be, and you manage to poke your appendages out (which the innard-eating fishes will jump on in a flash if they smell you); but that's your parents' fault for not putting enough bars in the cage.

It's lonely out there on the internet.

Ok that's a pretty terrible analogy, but the point is this; big companies don't want their data compromised so they put things into private networks where they know that hackers won't be able to touch them without going through a great deal of effort first (or some amazing social engineering). But since you can still access the internet, there is a chance that your own computer will be compromised, which would expose the greater network.

Since the company controls what information can go through, they can mitigate the damage of public facing sites, and be happy that none of their internal network stuff was exposed.

qweet

Posted 2012-07-11T08:10:22.040

Reputation: 3 652

3 +1 Morbid analogy, but works. – kinokijuf – 2012-07-11T11:31:43.300

5 Or how about a private swimming pool? In a swimming pool, you can control what goes in and out; in the ocean, you can't. – BlueRaja - Danny Pflughoeft – 2012-07-11T15:43:59.823

9 @BlueRaja But you still get those pesky kids who somehow manage to drive an '87 chevy through your back yard and just ruin it for you and everyone else for a few weeks. And, you also have to deal with the people who insist that there should be a slip-n-slide from your private pool to the public pool 10 blocks away; and let's not forget the people who bring their own pool toys when it was outlined pretty clearly in 24 point bold comic sans notice that you DONT BRING YOUR OWN POOL TOYS TO THE PRIVATE POOL. – qweet – 2012-07-11T15:51:43.870

1 Oh, now you have pictures! You should really consider making a webcomic. – kinokijuf – 2012-07-12T19:05:10.370

Nice drawings and funny analogy, but I'm kind of missing an actual answer to his question. – Yannick Motton – 2012-07-13T14:27:53.807

1 If you drew this stuff on a regular basis, I would read it avidly. I imagine others would too. Go start a webcomic, damnit! – Polynomial – 2012-07-13T14:30:08.790

24

To answer "why Internet is unsecure?", we actually need to understand "How Internet works?". And taking it one step further, let's ask "What is Internet?".

What is Internet?

A junior grade text book will define Internet as network of networks, and that remains true to a CTO level. In practical terms, start thinking from the fact how are you reading this text. You are reading this from either your personal computer/laptop or from an office desktop. If it is a personal computer, you are connected by dialing to the ISP, or if you are on LAN, someone else has done that step for you. A LAN itself is a network, though smaller. A LAN will have computers and routers (maybe servers).

When a LAN gets connected to an ISP, to which more PCs, servers, routers and LANs are connected, it becomes part of a larger network. When these larger networks get further connected, we end up having a huge network, called the Internet.

How does the Internet work?

Again let's go back to the basics. How can any two computers talk? They send packets of information to each other, which are provided in a well defined protocol, which both systems understand. Think of it as one person sending a letter to another, letter is the packet, and protocol is some simple rules that will make sure that information is conveyed properly.

For example, I am writing in English and you understand what it means. Now if the second person is far away such that person one cannot deliver the letter himself, he will need to trust mediators. You may use the post office or a courier service. Now if the place is far away, one post office will send the letter to second, which will pass it further till it reaches the destination.

The same analogy works for Internet. When you are sending or fetching information on the Internet, it has to pass through many routers and servers.

Why is Internet unsafe?

Is the information in your letter safe when you post it? Yes, but only till a point when a post office worker, or someone on the way opens it. Same is true for Internet.

As the information is passing through so many routers and servers, or data is actually residing on some server, anyone who can gain access can fetch that information. Of course there are safety measures; protocols (SSH/HTTPS) and encryption are commonly used. But any algorithm that can secure the information will also have a counter-algorithm that will enable someone to gain access.

So, simply put, your data is a hundred percent safe as long as you are on an isolated system; the moment you get connected to a network, someone can access the data (exaggerated? Yes). It will come down to the smartness of the person who is trying to save the information vs the person who is trying to access the information.

Kamal

Posted 2012-07-11T08:10:22.040

Reputation: 341

This answer hits it on the head. What you send through the Internet goes through routers. Another name for "routing" is "forwarding" - and "forwarding" (oversimplified a little) is essentially taking a copy of the packets you're sending and resending them elsewhere. So such routers (that you don't know, have control over, or trust) can read everything you are sending, indeed, that EVERYONE is sending. That's the crux of where the "untrusted" part comes in. – LawrenceC – 2012-09-04T02:31:24.890

9

Information that you get from the internet is coming from a specific computer that's... well... it's out there somewhere. You don't know who owns or operates that computer. You don't know who put the information on it, either.

To get from that computer to yours, the information has to travel through several routers along the way. Each router has the opportunity to modify the data passing through it and you don't know who owns or operates the routers.

This is why you can't trust the internet, at least not in the sense of "trust" as used in discussions of security: You could be getting data from a malicious creator, or the data could be getting sent by a malicious server, or the data could have been modified in transit by a malicious router.

Unless you have taken some measures to verify both the identity of the originator (e.g., having the source provide a signed digital certificate) and the integrity of the communication channel (e.g., using an encrypted protocol), you can't really do much more than cross your fingers and hope that what you get will be the same as what you requested.

Dave Sherohman

Posted 2012-07-11T08:10:22.040

Reputation: 5 143
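
An added example, not part of the answer above or of the original page: a minimal Python sketch of the "modified in transit by a router" case and of how an integrity check catches it. It uses a shared-key HMAC as a stand-in for the certificate-based verification the answer mentions; the key, message, router functions and account numbers are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample key; assumed to be shared by the two endpoints out of band.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def seal(key: bytes, payload: bytes) -> bytes:
    """Sender side: append an HMAC-SHA256 tag computed over the payload."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def open_sealed(key: bytes, packet: bytes) -> bytes:
    """Receiver side: return the payload only if its tag verifies."""
    if len(packet) < TAG_LEN:
        raise ValueError("packet too short to carry a tag")
    payload, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("integrity check failed")
    return payload


def honest_router(packet: bytes) -> bytes:
    return packet  # forwards the bytes unchanged (but could still read them)


def modifying_router(packet: bytes) -> bytes:
    # A hop you do not control rewrites one field; it does not hold KEY.
    return packet.replace(b"acct=1001", b"acct=6666")


def deliver(packet: bytes, path) -> bytes:
    """Pass the packet through every hop on the path, in order."""
    for hop in path:
        packet = hop(packet)
    return packet


def demo() -> dict:
    msg = b"pay 100 to acct=1001"  # constructed sample message
    path = [honest_router, modifying_router, honest_router]
    out = {"unprotected": deliver(msg, path)}  # arrives altered, no way to tell
    out["clean_path"] = open_sealed(KEY, deliver(seal(KEY, msg), [honest_router]))
    try:
        open_sealed(KEY, deliver(seal(KEY, msg), path))
        out["modified_path"] = "accepted"
    except ValueError:
        out["modified_path"] = "rejected"
    return out


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, "->", result)
```

The tag only gives integrity and proof that the sender held the key; every hop can still read the payload, which is why protocols such as TLS add encryption and certificate-based identity on top.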

8

Untrusted means the data that travels through its layers is not secured. You never know what is happening to your data. Anybody can manipulate it. Data can be lost or corrupted during transmission. It may lose its integrity and confidentiality. A man with a lot of skills can hack into your data. Usually there are a lot of techniques through which you can secure yourself, but still it is prone to be hacked by the hackers.

Internet is also called unsecured because it uses the IPv4 protocol, which is an unreliable and connectionless datagram protocol. It provides no error control and flow control. For reliability it is paired with the reliable protocol TCP for the transmission of data in the transport layer.

Deb

Posted 2012-07-11T08:10:22.040

Reputation: 1 014

IPv6 is also an unreliable connectionless datagram protocol and TCP doesn't provide any real security – ratchet freak – 2012-07-11T13:39:37.913

Yes, TCP does not provide any real security but it provides some sort of reliability to IP, as TCP is a connection oriented service. And if you talk about IPv6, yes it is also connectionless but it has a different header format than IPv4, much longer than IPv4, and some of its fields accommodate encryption and authentication of data for some application that IPv4 does not provide. – Deb – 2012-07-11T16:43:04.373

7

Because you can't trust everyone

The internet is "everyone in the world with a network connection".

Do you trust everyone in the world with a network connection? Do you want all of them to be able to connect to your company's payroll database?

If not, that's why the internet is "untrusted."

If so, please let us know the IP address so that we can start getting paychecks. ;)

Nathan Long

Posted 2012-07-11T08:10:22.040

Reputation: 20 371

Especially StackExchange – cascer1 – 2016-11-17T11:40:21.830

1 You can't trust anyone. – Trufa – 2012-07-11T19:49:41.780

3 Except StackExchange ;) – Gaʀʀʏ – 2012-07-11T21:48:24.860

Even StackExchange. – Polynomial – 2012-07-13T14:32:18.180

5

Imagine yourself at home; there is your mom, your dad, your sister. If one of them asked to borrow 100$ from you, what would you do? Now imagine being in a stadium full of people you don't know, and someone asked you for 100$; would you react differently?

On the internet there are people who have a lot to gain from your identity. They can take control of your computer and clean your bank account. They can use your computer to attack other computers. There are people who use social engineering to scam you. There are people who use trojans and viruses to spread their reach.

The minute you are connected to the internet you are making yourself vulnerable to these people.

The default behavior of internet-savvy users is distrust of everybody and everything. That's why it is considered an untrusted network, because you never know who is on the other end of the line and what he wants from you.

user98645

Posted 2012-07-11T08:10:22.040

Reputation:

4

Briefly, "trust" in computer security is not quite the same as "trust" in the ordinary sense. It has to be extended to include the concept of identity.

Let's start with the ordinary definition of the word. The OED defines "trust" as "Confidence in or reliance on some quality or attribute of a person or thing, or the truth of a statement". In the pre-Internet era, you might want to send a confidential message to your friend Sally. You could give it to a third party, Bob, if you were confident that he would deliver the message to Sally and to nobody else. In that case you are relying on a particular quality of Bob — his ability to deliver your message discreetly. In other words, you trust Bob.

Online, it's possible to fake identity. So "trust" has to be extended beyond reliance on a third party's qualities. It has to include reliance on the third party's identity. Suppose your trusted third party is the message board at bob.com. In that case, you're relying not just on the discretion of a particular online system, but the assumption that the address bob.com actually points to the system you think it does. But that last assumption is a bad one — there are many ways to and hijack a domain name. If the privacy of your message to Sally is really, really important, you have to make bob.com prove its identity. And that's one of the functions of SSL.

So, we say that the internet in general is untrusted not because we think everybody's out to get us, but because "trust" online means proving that entities are what they say they are. Trust mechanisms are not built into the internet, because of its origins as an informal research-based network based on mutual trust — in the plain English sense of the word. Trust — in the computer security sense — has to be layered on.

Isaac Rabinovitch

Posted 2012-07-11T08:10:22.040

Reputation: 2 645

+1 for the Alice-Bob-like explanation. For clarity, I'd use Bob for the recipient, and Tim for Third party. (what does the 's' of Sally stand for?) – ignis – 2012-07-12T03:18:41.037

2

Note that there are basically three things to be concerned about:

  1. Whether the guy at the other end can be trusted
  2. Whether you can trust the connection between you and the other end
  3. Whether someone you don't even know about can connect to your system without your permission

In a fully-trusted network (eg, a network consisting of only the computers in your own household) you have none of these concerns. But get outside of such a limited environment and you need to be concerned.

With an un-firewalled computer connected to an untrusted network, you're exposed on all three counts. The guy at the other end could use the data you send him inappropriately, or he could send malicious data to your system. Even if the guy at the other end is trustworthy, someone with access to the "pipe" could read/manipulate the bits and bytes to extract your private data or send malicious content to either you or the other end. And if someone can connect to your computer without your consent and manipulate its innards, everything is exposed.

Trusting the other end is of course a matter of judgment on your part. You (hopefully) use some care and don't transact business on sites which you do not have good reason to trust (and never use a debit card to make internet purchases). And you use an anti-virus/firewall setup that will prevent a malicious (or simply hacked) site from installing nasties on your box.

Assuring a good, uncompromised connection to the other end is mainly a matter of using an encrypted protocol. For HTTP, this is generally HTTPS -- a version of the HTTP protocol that adds the SSL "Secure Socket Layer" encryption layer. All reputable sites that deal in private/financial matters should be using the HTTPS protocol (which you will know because the URL prefix is "https:" and because your browser displays a "padlock" icon or wording like "Verified by: VeriSign, Inc." if you hover the mouse cursor over the icon ahead of the URL in the address line). There are other approaches, such as using a VPN (Virtual Private Network), but they're more for business/commercial stuff.

In terms of keeping the bad guys from connecting directly to your box, this comes down to having a good firewall. This can either be firewall software in your computer (as a part of the antivirus package, generally) or as a separate hardware box. (This function is often included in wireless routers, for instance.)

Daniel R Hicks

Posted 2012-07-11T08:10:22.040

Reputation: 5 783

Use of "HTTPS" is optional and not always used for sites that do use ssl. Also, some pages leave most of the page unencrypted, but still use ssl for the data, but I find it very confusing even though it works. – Joe – 2012-07-18T18:23:51.610

0

Why trust any network, large or small? Trust is elusive, and perhaps it's the worst word to use in this context. When you traverse any network boundary, you need to consider the risk and invoke the necessary mitigation.

Marinus

Posted 2012-07-11T08:10:22.040

Reputation: 101

-2

An untrusted network is any network where the network is not solely managed by the group or department that manages the private network.

A public network is any network that is solely managed by the group or department that manages the private network but can access devices in the untrusted network.

A private network is any network managed by a group or department that only has access to a public network.

Abby Normal

Posted 2012-07-11T08:10:22.040

Reputation: 1

Welcome to Super User! On this Q&A site we try to provide good answers to questions people post. Part of providing a good answer is by making sure someone else didn't already post the same solution. Other answers of higher quality were already posted to this question and your answer does not seem to add any new knowledge that wasn't already stated in previous answers. Please update your answer to contain some new insights or remove it.

– cascer1 – 2016-11-17T11:43:41.683

This is a definition. It can be used to answer not only why the internet is untrusted but why any network is untrusted. I felt this was the best answer which is why I posted it. Please feel free to remove if you don't want it. – Abby Normal – 2016-11-21T23:02:32.073

Untrusted network definition: https://definedterm.com/a/definition/140269 Other info: https://fossbytes.com/types-of-networks-trusted-untrusted-and-unknown-networks

– Abby Normal – 2016-11-21T23:48:43.003