Healthy skepticism’s role in security

The biggest problems of today’s technology privacy, security – communications, understanding.

Or to say it a little differently… privacy and security are an illusion in today’s world!

But then, I’ve learned how to protect myself.

Protection – Government bodies and agencies around the globe rush to reassure you that they want to provide citizens with the best cybersecurity possible and protect their privacy.  But the best protection is using proven tools, a healthy skepticism and commonsense regarding your online movements and activities.

No it doesn’t do any good.

But it makes you feel good as long as you don’t think about it too much.

Computers – then tablets and mobile phones – were initially designed without thinking they would communicate.

Communications were designed without thinking there would be rogue users.

Then Vint Cerf and the crew developed the Internet back in the ‘60s to provide robust, fault-tolerant communication via computer networks between scientists and engineers.

At the outset, it was built to be free, open, and democratic.  Not air tight and controlled.

Open Flow – When the Internet and Web were developed, they were designed for fast, open communications for engineers and scientists to exchange information and ideas.  It wasn’t meant to be a secure and private place for your cat videos or selfies.

Then, in 1989, Tim Bernes-Lee developed the World Wide Web (WWW) and a year later, came up with a cool thing called the web browser.

In the mid-‘90s, the National Science Foundation gave ARPANET (Advance Research Project Network) to the world – holes and all.

Vint (or someone) decided ARPANET wasn’t a sexy enough name so it was changed to the Internet; but plugging holes and propping things up wasn’t a high priority.

In other words, the Internet and Web are merely extensions of us as humans – good, bad and everything in between.

Businesses and governments don’t really respect privacy because if they did, Big Data wouldn’t be such a big business.

Sure, there are a lot of businesses who do respect your privacy and do not sell, loan, swap your information for someone else’s information; but are the global free services, free apps, free storage and other, free stuff you use really yours?

Government officials do pontificate about personal security and hail the passage of their laws that “guarantee” your privacy but…

Defies Logic – Software developers work very hard to develop a solution/application that does what it is supposed to do as efficiently and effectively as possible.  Designing in a ready access by authorized officials also makes this access available to anyone who is nosey or has other intentions in mind.

Yes, except when government agencies around the globe want access to what’s going on in the digital, virtual world … and the more they have, the more they want.

We recently read that the UK’s three major spy agencies have been covertly collecting personal data about British citizens en masse since the 1990s.

And do you think your government’s agencies are any different?

Wanna’ buy a bridge?

The Internet architecture has holes in it; and organizations and “others” constantly take advantage of those holes.

Just ask Sony Pictures, Target, Morgan Stanley, your bank and thousands of businesses large and small that deal with and often don’t report cyber break-ins (it’s bad for business).

Good vs. Evil – Program developers and IT specialists are always one step behind cyber thieves and hackers because it is almost impossible to anticipate the creative ways people devise to steal information or the greed and gullibility of the person sitting in front of the keyboard/device.

Or, think about your country’s and local government systems that were built based on the lowest bid 15-20 years ago!

In addition, the Cyber infrastructure wasn’t initially designed to handle chit-chat, business or the funny business of over 3B people who are connected today and it constantly teeters on the edge of collapse.

A complete redesign of computer and communication architectures could possibly lead to better security but that would require a mind-boggling investment of time, money and talent which will probably never happen because we want it now … we want it free!

To partially solve the issue for customers, folks like Apple, Microsoft and others are offering encrypted services/products.

People like WhatApps, Viber and others are offering end-to-end encryption.

The elegant beauty of end-to-end encryption is that it’s a remarkably powerful tool.

For example, if your company installs it for the firm and employees, not even IT administrators can see what is being passed between users as long as the software is kept current.

Cool!

All of that is being done to the total consternation of aged lawmakers and agency heads who eloquently propose personal privacy as long as they can access your stuff … just in case.

Cryptography and cracking it continue to get more sophisticated.

Country spy agencies will do what they were set up to do–spy on the other guy, watch their backsides and maybe every now and then grab some of your data.  It was an honest mistake, something called collateral damage.

Profitable Activity – Cyber attacks between nation states and by individuals have grown as the flow of data increases around the world.  People put their business and lives online and available to people to mine.  The chances of getting caught and the punishment are remarkably low.

But the real techno-experts aren’t in any country’s spy organizations.  They go where the money is.

For example, Russia has one of the best clandestine botnet businesses on the planet.

They happily siphon off billions of dollars each year from the flow of advertising dollars through Google and other firms.

Sorta’, kinda’ funny how the ad sales folks never mention this “little issue” when a firm signs a contract with one of the many ad delivery services.

According to Michael Tiffany, of White Ops, 61 percent of the iNet traffic isn’t human and a third of that impersonates human traffic for “other” purposes.

They’re so good that Tiffany noted that 15 percent of American broadband households are part of someone’s botnet and don’t know it.

Those who are good at it won’t stop because it is immensely profitable. The chances of getting caught are remarkably low and the penalties if they are caught amount to little more than a slap on the wrist.

Of course, we do make it ultra easy for them.

According to a recent Pew Research report, 91 percent of adults understand that they have lost control of how their personal information is collected and used. But that doesn’t stop them from posting darn near everything onto social media sites.

 

Lives Online – It is amazing what you can find out about an individual when you scour the Web for an hour or two.  It’s difficult to provide privacy when people put their entire day on the global Internet for all to see.

It makes it extremely difficult to demand privacy when you’re living your life online!

Experts that Pew talked with were in agreement that privacy is no longer a right or condition for living your daily life when you are constantly connected on an open line.

Pew also noted that 86 percent of today’s Internet users have taken some steps to remove, mask or limit their online digital footprint.

In addition, the sale of security, anti-virus and malware software has enjoyed robust sales to provide individuals and organizations from malicious damage to their devices/data and avoid surveillance/monitoring by individuals and organizations.

While people are increasingly taking steps to protect their online data, many (61 percent) were unaware of simple actions such as changing social media privacy settings, avoiding certain apps, email encryption programs, browser “don’t track” plug-ins and anonymity software they could implement.

Naturally, it’s the connected generation that is best equipped to manage/control their online privacy and they sort of shrug their collective shoulders about their privacy or lack thereof.

Almost universally, they have taken steps to limit the amount of information about themselves that is available when they are online.

 

Hiding in Plain Sight – The connected generation is better prepared than most of us to make themselves less visible online.  They’re just wired differently (and better).

They have taken steps to limit personal information available about them online, deleted unwanted comments, removed their name from photos they were in and taken steps to mask their online identities.

Of course, they are also more likely to store personal information online in such neat, cute, “safe” places like the cloud!

The neat thing is people are willing to share their information as long as they get something of perceived value in return.

For example, it’s okay if a retailer offers a loyalty card tracks their purchases and occasionally provides discounts.

Another Pew respondent said, “I want control over what ads are being ‘pushed back’ to me: I have no interest in ‘puppy portraits’ but I may be interested in cameras, equipment, etc. In an effort to ‘target’ my preferences, my inbox gets full of [expletive] that is not relevant to me.”

What most folks seem to say is it’s okay as long as …

Fair Trade – People are willing to share their personal information with responsible (and sometimes irresponsible) sites and organizations when they feel they get something in return.  It’s up to the requesting organization to honor and respect the individual’s security and privacy rather than share or rent that information to others.

The major challenge for companies will not be in being hacked (while it will be a concern), but rather defending against the internal threat by careless or malicious activity.

Too much of our lives today is stored on our devices and too much of our information passes through the system.

While governments will continue to “attack” each other and businesses will continue to mine and use as much data as possible, it’s going to be your responsibility to be as vigilant as possible

That means doing your back-ups regularly and certainly not to “their” cloud!

At the same time, realize that for every lock, someone will be doing his/her darndest to pick it, break it … even if it’s just for the hell of it.

Mischief, greed and hostility are something we have to be constantly aware of as we take advantage of the online world.

We can’t stay dumb forever and have to be more than a little skeptical when one of our government agencies knocks on our virtual door and says, “Hi, I’m from your government and I’m here to help you.”

 

 

 

 

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Featured Tech Jobs

 

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.