Ride the Lightning

Click Here to Kill Everybody: Security and Survival in a Hyper-connected World

October 15, 2018

The title of this post is the title of cybersecurity expert Bruce Schneier's new book. A lot of us worry about everything being connected to the internet and at an accelerating pace. Bill Gates' and Paul Allen's old time vision of a personal computer on every desk sounds antiquated today.

The New York Times (sub. req.) recently referenced Schneier's book in a story published on October 10^th. That story was entitled, "A Future Where Everything Becomes a Computer Is as Creepy as You Feared."

Mark Zuckerberg wanted to connect everyone socially – his wild ride to success was without any government regulation. Look what that got us.

And now we have the Internet of Everything. Lots of benefits? Sure. But without government regulation, this could be (will be) a nightmare. Not many folks are thinking about this, much less doing anything about it.

As the articles says, "Cars, door locks, contact lenses, clothes, toasters, refrigerators, industrial robots, fish tanks, sex toys, light bulbs, toothbrushes, motorcycle helmets — these and other everyday objects are all on the menu for getting "smart." Hundreds of small start-ups are taking part in this trend — known by the marketing catchphrase "the internet of things" — but like everything else in tech, the movement is led by giants, among them Amazon, Apple and Samsung."

We now have an Amazon microwave powered by Alexa, which is also selling its smart chip to other manufacturers. Both Facebook and Google recently unveiled their own home "hub" devices that let you watch videos and perform other digital tricks by voice.

Schneier argues that the economic and technical incentives of the internet-of-things industry do not align with security and privacy for society generally. Putting a computer in everything turns the whole world into a computer security threat — and the hacks and bugs uncovered in just the last few weeks at Facebook and Google illustrate how difficult digital security is even for the biggest tech companies. In a roboticized world, hacks would not just affect your data but could endanger your property, your life and even national security.

Schneier's book rings alarm bells, arguing for government regulation before calamities emerge. He suggests the need for a National Cyber Office for researching, advising and coordinating a response to threats posed by an everything-internet.

But he's a realist. "I can think of no industry in the past 100 years that has improved its safety and security without being compelled to do so by government," he wrote. But he conceded that government intervention seems unlikely at best. "In our government-can't-do-anything-ever society, I don't see any reining in of the corporate trends," he said.

Schneier's larger argument is that the cost of adding computers to objects will get so small that it will make sense for manufacturers to connect every type of device to the internet. At some point, the devices that don't connect to the internet will be rarer than ones that do.

There is an incentive to provide security for traditional computing devices. Apple has an incentive to keep writing security updates to keep your iPhone secure; it does so because iPhones are expensive, and Apple's brand depends on keeping you safe from digital threats.

Manufacturers of low-margin home appliances have little such expertise, and less incentive. That's why the internet of things has so far been synonymous with dreadful security — and why the FBI had to warn parents last year about the dangers of "smart toys," and why Dan Coats, the director of national intelligence, has identified smart devices as a growing threat to national security.

Will we heed these warnings? My guess is no.

Hat tip to Dave Ries.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson