When Edward Snowden leaked all of that information about NSA spying, it was basically stuff most of us already knew, but still willfully kept the blinders on because it was too huge to think it was actually real. That tends to be the problem. Most of us use many devices, e-mail, phones, and tech that we use but have absolutely no idea how any of it works. Recently, there was a post on Reddit that asked, “”Hackers” of Reddit, what are some cool/scary things about our technology that aren’t necessarily public knowledge?” And the answers ranged from interesting, too terrifying, and to make you want to hide in a cave for the rest of your life.
On having the strongest internet security:
You can have the strongest IT system in the world. You can spend billions on software & hardware protection, but if I can ring the new employee called “Cathy” and say “Hey, Cathy, you’re new here right? Yeah it’s John from IT Security, There’s been a breach and I need Sys Admin password quickly so I can patch it up”. “Ok” says Cathy, under stress to fix the problem And there I have it. I got the password. It’s called Social Engineering and 9 times out of 10 that’s how people hack accounts.
An insiders view on just how crappily built everything is:
As someone who has programmed since the late 80’s the scariest thing is just how flaky everything is.
It’s turtles all the way down except the turtles are horribly written unmaintained code that no-one commented and the guy who wrote it left the company 5 years ago to take up yak farming.
Our entire modern economy and to some extent society is entirely dependent on systems that were written by people like me.
That is fucking terrifying.
Then, someone responded to that which made me feel like we’re all covered with gasoline headed for a spark:
Weinberg’s Second Law: “If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.”
An obvious yet completely overlooked security idea of not using the same password for every site:
Don’t use the same password for anything. Hacker 101 is that once you compromise one account (ideally e-mail), you go through their e-mail notifications to see what other accounts they have. Then you go to those sites and try to log in with the same password. It usually works. Also you really shouldn’t even use the same username for difference sites, because if I crack an account other than your e-mail address I can still just Google your username or try sites I think you might visit. So your Reddit username should not be your GMail username and they certainly should not be the same password.
What about your webcam?
Yes, we can use malware to remotely activate your webcam, microphones, and whatever else is plugged into your computer. Cover the lens when you’re not using it. Ditto on cell phones, but there’s no much you can do about that short of removing the battery.
Yikes. Time to buy some black tape. Actually, I’m just going to go ahead and throw my entire house away. But, it gets even crazier.
Here are something’s that I’m sure will ignite conspiracy theorists.
People have hacked cars and most over forms of transportation. These hacks have included the ability to stop your brakes from working and moving your steering wheel. While the knowledge is currently held by a small group of people, it never stays that way and I predict that “murder by hacking/trolls” will be old news before 2020.
You’ve probably used GPS multiple times today without realizing it. The thing is, so has everybody, everywhere, all the time. What would happened if something stopped GPS systems?
If the GPS system were to ever fail, just like GLONASS did the economic damage would easily be in the 100’s of billions as financial institutions depend on GPS for timing. Note that this technology was developed 19 years ago based on a 41 year old theory. One mis-programmed counter could bring it all down if it wasn’t caught.
Now, let’s get into how secure all of the big structures we depend on everyday for power, and oil, and water supplies?
Everything from power plants to dams to oil pipelines still uses SCADA a protocol developed with 1990s era security practices. These systems are connected to the internet. One worm on the scale of ILOVEYOU built to target these systems would have wide reaching real world consequences including cutting off municipal water supplies.
Now, here’s where it all hits us, and this prediction seems accurate if not inevitable. (Ok, maybe a bit too much hyperbole, but it seems plausible):
In the next decade I predict that there will be a cyberwar or a terrorist attack over the internet. People will die and the economic damage will be equal to, if not greater then a bombing of a major city. This will provoke a backlash that will fundamentally rewrite the way that we interact with our computers. I cannot even hazard a guess as to what direction that will take but if Computer Fraud and Abuse Act is anything to go by, it will not be pretty.
Are you staring blankly at your computer screen like I am?
The US government will soon, possibly be able to break modern encryption.
There is a decent chance that the US government will break modern encryption as we know it in the next decade. Currently the government (namely the CIA and NSA) are some of the largest employers of mathematicians. The NSA has one of the largest data centers ever built by man, it is speculated that they are nearing a breakthrough and are getting ready to use it.
That sounds awesome until you think about the government being able to decrypt anything. Yeeeeeeesh.
Remember all the Malaysian Airline Flight 370 conspiracy theories? Well, this one will give CNN another two months of coverage. Sorry, guys:
GPS can be spoofed(faked). You can override the GPS signal with hardware of $1000. This can be used to move the position of a GPS-receiver to something else. Like say: an airplane is 1000 ft higher than it actually is. Combine this with a autopilot and a bye bye plane. (This can also be used with boats)
Air traffic control can be spoofed too. With $1500 (?) of equipment you can create your own virtual airplane on the screens at an airport. Create 10 fake airplanes and you will have a “where is waldo” game with planes. You can even make them crash. Even autopilot will react to avoid crashing into the ghosts.
There’s so much more that can be looked over on the Reddit thread. A lot of it is over my head because I’m not a programmer, so if any of you are, then you may know a lot of this, and if you don’t you best get to work on fixing a lot of these things and telling people what they should do to prevent themselves.
Meanwhile, I’ll impersonate John Connor and go off grid.