When Edward Snowden leaked all of that information about NSA spying, it was basically stuff most of us already knew, but we still willfully kept the blinders on because it was too huge to think it was actually real. That tends to be the problem. Most of us use many devices, e-mail, phones, and other tech but have absolutely no idea how any of it works. Recently, there was a post on Reddit that asked, “‘Hackers’ of Reddit, what are some cool/scary things about our technology that aren’t necessarily public knowledge?” The answers ranged from interesting, to terrifying, to enough to make you want to hide in a cave for the rest of your life.
On having the strongest internet security:
You can have the strongest IT system in the world. You can spend billions on software & hardware protection, but if I can ring the new employee called “Cathy” and say “Hey, Cathy, you’re new here right? Yeah it’s John from IT Security. There’s been a breach and I need Sys Admin password quickly so I can patch it up”. “Ok” says Cathy, under stress to fix the problem. And there I have it. I got the password. It’s called Social Engineering and 9 times out of 10 that’s how people hack accounts.
An insider’s view on just how crappily built everything is:
As someone who has programmed since the late 80’s, the scariest thing is just how flaky everything is.
It’s turtles all the way down except the turtles are horribly written unmaintained code that no-one commented and the guy who wrote it left the company 5 years ago to take up yak farming.
Our entire modern economy and to some extent society is entirely dependent on systems that were written by people like me.
That is fucking terrifying.
Then someone responded to that with something that made me feel like we’re all covered in gasoline and headed for a spark:
Weinberg’s Second Law: “If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.”
An obvious yet completely overlooked security idea of not using the same password for every site:
Don’t use the same password for anything. Hacker 101 is that once you compromise one account (ideally e-mail), you go through their e-mail notifications to see what other accounts they have. Then you go to those sites and try to log in with the same password. It usually works. Also you really shouldn’t even use the same username for different sites, because if I crack an account other than your e-mail address I can still just Google your username or try sites I think you might visit. So your Reddit username should not be your GMail username and they certainly should not be the same password.
What about your webcam?
Yes, we can use malware to remotely activate your webcam, microphones, and whatever else is plugged into your computer. Cover the lens when you’re not using it. Ditto on cell phones, but there’s not much you can do about that short of removing the battery.
Yikes. Time to buy some black tape. Actually, I’m just going to go ahead and throw my entire house away. But, it gets even crazier.
Here are some things that I’m sure will ignite conspiracy theorists.
People have hacked cars and most other forms of transportation. These hacks have included the ability to stop your brakes from working and moving your steering wheel. While the knowledge is currently held by a small group of people, it never stays that way and I predict that “murder by hacking/trolls” will be old news before 2020.
You’ve probably used GPS multiple times today without realizing it. The thing is, so has everybody, everywhere, all the time. What would happen if something stopped GPS systems?
If the GPS system were to ever fail, just like GLONASS did, the economic damage would easily be in the 100’s of billions as financial institutions depend on GPS for timing. Note that this technology was developed 19 years ago based on a 41 year old theory. One mis-programmed counter could bring it all down if it wasn’t caught.
Now, let’s get into how secure all of the big structures we depend on every day for power, oil, and water supplies really are.
Everything from power plants to dams to oil pipelines still uses SCADA, a protocol developed with 1990s era security practices. These systems are connected to the internet. One worm on the scale of ILOVEYOU built to target these systems would have wide-reaching real world consequences including cutting off municipal water supplies.
Now, here’s where it all hits us, and this prediction seems accurate if not inevitable. (Ok, maybe a bit too much hyperbole, but it seems plausible):
In the next decade I predict that there will be a cyberwar or a terrorist attack over the internet. People will die and the economic damage will be equal to, if not greater than, a bombing of a major city. This will provoke a backlash that will fundamentally rewrite the way that we interact with our computers. I cannot even hazard a guess as to what direction that will take but if the Computer Fraud and Abuse Act is anything to go by, it will not be pretty.
Are you staring blankly at your computer screen like I am?