Who wants to be safe? Online protection as a black box

~~~

[6 min read]

Hacking that affects individuals is very widespread. The Pew Research Center reports nearly 2/3 of online Americans have experienced some form of data theft. A total of about 50% of onliners think their personal data are less secure than five years ago (see previous post for other details).

What does “data theft” look like? Pew examined seven types, and found that only two – fraudulent credit charges and stolen tax refunds – entailed direct financial loss. The others involved some less definable harm, such as an attacker getting his hands on social security numbers or login credentials for social media accounts. We call it “compromising” the data.

This amorphous concept of “compromised data” is growing into one of the chief barriers standing in the way of advances in cybersecurity for end-users. It takes what’s already invisible and annoying (see: strong passwords), and adds a hefty dose of abstraction. Exactly when can we say a piece of data has been sufficiently “compromised” to start worrying and take action? What kind of action?

WhatsApp: how secure?

Let’s look at WhatsApp to see how a popular messaging service handles security for a billion users – and how adding security can actually lead to trouble as well as safety.

Last year WhatsApp announced deployment of end-to-end encryption (E2EE) for all messages and media crossing its systems. Their FAQ assures users that everything they send is “secured from falling into the wrong hands” – right from the sender’s device all the way to the recipient’s (hence “end-to-end”). Marketing wants to be reassuring, not to mention emphatic as to why their platform is better than competing platforms. Continue reading

Smart objects, dumb ideas: your hyperconnected future (Pew/Elon 2016)

crestron-control-panel

We’re all going to hell in an IP-enabled handbasket.

The bland-looking control panel depicted above is the heart of a smart home – automated up the wazoo, so your fingers can play master of the universe with the lighting, audio system, appliances, heating and cooling, sprinklers, pool, spa, garage door – and your alleged security system.

Alleged because smart homes, cars and all the other items you’ll be connecting to the public automated-cat_feederInternet will offer unprecedented opportunites for hackers to infiltrate your life. Most personal devices like computers are already insecure enough. But so-called “smart” devices will be far more difficult for consumers to organize, update and secure than the familiar devices we can see and hold. (If you think any object in our lives will be spared, check out the automated cat feeder adjacent, courtesy Wikipedia.) Continue reading

The Internet in 2025: the Internet/Cloud of Things (Pew 4)

internet_map_2005_dataPartial map of the Internet cloud. Each line joins 2 nodes representing IP addresses. 

~~~

Pew setup question

The evolution of embedded and wearable devices and the Internet/Cloud of Things – As billions of devices, artifacts, and accessories are networked, will the Internet of Things have widespread and beneficial effects on the everyday lives of the public by 2025?

~~~

The visualization of the Internet you see above, while pretty dense and complicated, captures only a fraction of a certain class of networks as they existed nine years ago (i.e., less than 30% of the Class C networks reached by the Opte Project in early 2005). In the intervening time, the number of Internet-connected hosts has increased from less than 400 million to over one billion. But you ain’t seen nuthin’ yet.

google-glass

This past year marked the mainstreaming – in the public consciousness if not in our actual lives – of devices that are not only a) smart so they can compute, and b) small so they can be worn or embedded, but also c) networked so they can all communicate over the Internet. Judging by press coverage, I’d say the splashiest recent entries have been Google Glass and smart watches. Continue reading