Tuesday, August 2, 2011

Danger, Will Robinson

For my non-gray-haired readers, that subject is a tag line of the campy Sixties TV series Lost in Space. We will not discuss the 1998 movie version. Not ever. You have been warned.

Today's subject is more modern dangers. Let's begin with the sadly not shocking observation that "Private browsing: it's not so private." Among the problems, browser plug-ins often fail to respect private mode.

Omitted from the discussion: no matter how robust your browser's privacy mode, your ISP knows by IP address what data goes to and from your home. (Your browser may warn you of this risk -- for example, Firefox pops up an advisory at the start of every FF private-browsing session.) Perhaps you choose to route your web accesses through an anonymizer service. If so, why do you suppose that service is any more likely to respect/protect your privacy than your ISP?

Are you unhappy that someone might poke around your Internet activities? How about foreign powers poking around inside your nation's IT infrastructure? We've already seen cyberwar incidents involving Georgia, Estonia, and Iran, and many incidents of Chinese hackers poking about inside US networks. (Last January I posted here about cyberwar.) Conventional wisdom has it that the country which would be most at risk in a full-blown cyberwar is the US -- we are, after all, the birthplace of the Internet, and so have become the most dependent on it. So: it's good to finally see that "US Cyberwar Guidelines Officially Signed." Hopefully implementation will entail less dawdling than did drafting and signing ...

As a US military official is quoted by the WSJ in "Cyber Combat: Act of War":

"If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

Now we're getting somewhere.

In the realm of tech and automation run amok, consider widespread facial recognition. Consider software concluding from your state DMV photo that you aren't you. (Does anyone's DMV photo look like them?) Having concluded you're misusing your own name, clearly you're guilty of identity shenanigans. What to do, what to do? Here's a thought! Let's, without recourse, revoke your drivers license.

Far-fetched? A risk only in some remote future? Hardly. Per "Here's Looking at You, and You, and You ..." we're already there (at least in the state of Massachusetts).

The flip side of privacy problems is secrecy problems. Underground hacking groups Anonymous and Lulzsec worry more about the secrecy side. They've been all over the news so I'll go to something more mundane and more directly affecting your daily life: private data monopolies. Such as ...

The days are long gone when individuals could maintain their own cars and trucks. Now independent repair shops face being locked out of the business, too, as car manufacturers hoard information (like the diagnostic codes essential to maintaining vehicles) to favor dealership service departments.

At last! A solvable problem, and again Massachusetts takes the lead. See: "Auto Right to Repair Act Fight Heats Up."

And scariest of all, half the world's population confronts cyber-Armageddon. See: "Not Tonight, Honey: Women Choose Internet Over Sex."


Erik said...

Watching lulzsec's and anon's recent achievements/atrocities (depends on your POV) unfold has been extremely interesting. They've at least convinced me to not reuse passwords.
I'll challenge you on the idea that US would be most harmed by an interwebs failure. Although the net originated in the US, it grows much faster in countries like Japan and Korea where there is serious competition. Countries like the US and Canada have much less speed and capacity, so you could argue we rely less on our networks.

Edward M. Lerner said...

I don't have a firm opinion on which country might be most vulnerable in a cyberwar. I referred only to what I understand to be conventional wisdom. And as a US citizen/resident, I worry the most about our local vulnerability.

That said, I'm not convinced that overall Internet accessibility, proxied by average bandwidth available to homes, is the best measure of vulnerability to cyberwar. IMO, Internet integration with national infrastructure (e.g., government, financial, energy, and industrial sectors) creates a far more serious exposure than personal uses.