How Does Anyone Protect themselves from Hacking

Little Rock   If we asked the question plainly: is there any way that we can be protected from hacking? The answer is likely either, “No,” or maybe more optimistically, “not completely.”

At some level this is a problem for everyone. Or at least everyone with access to the internet or perhaps a car or mobile phone or any number of other devices from household appliances to alarm systems to washing machines. Two consultants told a morbid joke among hackers that went like this: what is a self-driving car? Answer: a computer that can go 100 miles per hour. Working for various automobile companies they were fairly easily able to hack a car’s computer system and take over braking, steering and other functions.

The recent worldwide ransomware crisis that may have originated in North Korea, though no one seems positively sure, hit countries, businesses, and others, both high and low, for a potential take that, if fully paid, would have been close to half-a-billion dollars. The US and France have both identified hackers connected with Russia that have penetrated voting systems, though there is still no evidence that they actually tampered with voting. A brief period of inattention where you open a random email might introduce a virus that takes over your computer and compromises your email as we found in the trove of emails hacked from the Clinton campaign and then dumped into the middle of the political process.

Activists and organizers working in autocratic countries with fewer controls on the state are hugely at risk. In Egypt according to a report by The Economist, “nearly 100…hacking attempts” have been made “to gain information from some of the country’s most prominent NGOs and journalists.” There is a lucrative cottage industry of computer companies that sell spying and hacking services to Middle Eastern countries and others without robust local capacity. The Italian company, Hacking Team, was itself hacked in 2015, and it turned out they had contracts with Morocco, the United Arab Emirates, and Egypt. NGOs and others have tracked Fin-Fisher, a German outfit, to Egypt, Saudi Arabia, and Turkey. Netsweeper, a Canadian company, won a $1.2 million contract from Bahrain that was disguised as a website solution contract, but seems to have been used to spy on dissidents. Citizen Lab, a renowned Canadian research institute that tracks these matters followed up on a UAE text message to a human-rights advocate there at his request and discovered the link was from NSO, an Israeli company in the spyware sales business with governments. Citizen Lab found software flaws that allowed NSO to turn an iPhone into a cyberweapon that may have cost as much as $1 million.

Meanwhile the ransomware crisis was the result of a hacked NSA tool, and NSA is now hoping for reauthorization of its phone spying, metadata operation in the USA. When the government is doing it, there’s no way to get governments to crackdown on the abuses. When techies are willing to sell back doors to anyone, locking the front door hardly matters.

For now, Moxie Marlinspike and face-to-face conversations seem like the only sure things out there, and the only one with a 100% guarantee is face-to-face. No sense in being paranoid, but you sure can’t be too careful. Oh, and speaking for the techno-peasants among us, do what I say, not what I do!

Facebooktwittergoogle_plusredditpinterestlinkedinmail

FCC Fork Tongues on Net Neutrality

Little Rock   It wasn’t so long ago that we don’t remember, but in a fierce fight that logged more citizen comments that ever before recorded on a Federal Communications Commission matter, the FCC essentially declared the internet equivalent to a public utility assuring net neutrality, meaning that all providers have equal access to users. Everyone from consumers and citizens to Silicon Valley were happy to have won this one. The telecommunications monopolies sued and are still in court, but in a disappointment to them and the politicians they fund with their huge contributions, they have most recently lost their efforts to overturn the Obama FCC order, and are appealing to the Supreme Court.

In the wave of the Trump Administration rollbacks of Obama era regulations and initiatives, the new FCC Chairman, Ajit Pai, has immediately sought to unravel the internet’s classification as a utility, assure net neutrality, and pretty much have the FCC play any role in regulating any of this. Chairman Pai is a slick one. He claims he is totally committed to what he calls an “open” internet. He swears he is a big “streamer” himself and that he’s a bannerman for “Game of Thrones” as a binge watcher.

Listening to an interview with him on the radio was a very scary thing, because not only is he a fast and smooth talker, but he’s duplicitous and evasive on the issues. He had two key talking points in trying to muddy the waters.

First, he harps on the fact that the regulation defining public utilities goes back to 1934 and President Franklin D. Roosevelt. He made that points several times in different ways in order to try and embed the notion that this is antiquated and out of date and the internet is modern, so how could one possibly be adequate for the other. He slightly slips up by mentioning that the 1934 regulations were dealing with monopolistic tendencies of AT&T, forgetting for a minute that it might be worth still looking at what’s up with AT&T and its buddies now, since it’s a longway from small potatoes.

Secondly, he tried a curve ball, trying to argue that he was trying to take the FCC back to what he called the Clinton era regulatory philosophy which prevailed from what he claimed was 1990 to 2015, meaning until the Obama FCC majority put the internet under protective custody, so to speak. No question, President Clinton was a deregulator supreme, but what Pai was trying to plant here in unsuspecting minds was the idea that he is mainstream and that Obama and his FCC majority were outliers.

The game was up when the interviewer pressed him for how he thought under his proposal that telecoms speeding up their own content and slowing up their competitors would be handled. This was a forked-tongue masterpiece. He answered quickly saying that if they did that and it hurt consumers then the Federal Trade Commission could investigate and so could the Justice Department, along with state agencies around the country. Huh? Yes, he was careful to push any and all responsibility for telecom miscreants to everyone and anyone other than the FCC. Under his watch, they are clearly planning to wash their hands of any supervision or regulation. Essentially, he was saying, hey, if you have a problem, catch them if you can, and good luck with that.

In these days this passive, reactive approach to anything involving the internet and consumers just doesn’t work, and he knows it though he doesn’t want to upset his patrons and paymaster. Case in point, we have Uber creating software in order to deliberately trick states and cities where it was committed to avoiding and breaking regulations barring or limiting its participation. Another case in point, we also have is the huge scandal where Volkswagen created software to trick regulators on how many miles per gallon its diesel engines were getting.

The internet and software both giveth and taketh away. It’s not easy finding the tricksters, because this is wildly sophisticated lawbreaking. The FCC wants to go back to 1934 and snooze their way through the Trump-era, but citizens and consumers depend on the internet, and the FCC needs to do their jobs of protecting us and it, and not just spin their way around their duty.

Facebooktwittergoogle_plusredditpinterestlinkedinmail