The Future of Hacking
There’s an awful lot of hacking goes on in science fiction – but right at the moment, there’s an awful lot of hacking going on in the real world. Or that’s what we’d be led to believe by the press. This past month seems to have been rife with instances of internet information leakage, government tapping and straight forward ‘hacking’. Two major news sites down in the last seven days as a result, and a couple of providers of psuedo-private email services voluntarily closed down because they realised that they were in no position to be able to protect the privacy of those who use those services or the data they keep there. I refer to them as ‘psuedo-private’ because really that’s all any of these services ever can be unless you go and build your very own infrastructure upon which to run all communications.
As even Google pointed out this week, the expectation of privacy from the public using any service provided at no-cost/low-cost over the public internet is ludicrous. Even if you go out and buy your own server and host it yourself but connect it onto the internet, you’re using what has now become a public utility that you cannot/should not control or regulate. That’s the whole point of the internet.
The moral would seem to be – if you want privacy and you don’t want to get hacked, don’t connect to the same infrastructure that everyone else is connected to (that’s a situational cyber-crime prevention principle), but if you choose to do that you lose the utility of being on the internet. It’s a paradox.
So what of the future? With the growing availability of very smart pieces of software that are able to formulate intelligent strategies for cracking security measures, whilst also having the levels of processing power required to do serious damage in a short space of time with brute force attacks, how come the USS Enterprise isn’t constantly in space dock having its anti-virus systems updated?
Have all the angry hormonal adolescents alone in their bedrooms of the future given up on hacking? I somehow doubt it, in fact with the bounty of the future being even more attractive I would imagine that there will be even more of them. Think of it. We’re fairly connected today in a few countries, where we can get access to some institutions and systems via the internet, but there are still big chunks of commerce and industry in many parts of the world that are not effectively “online” and hence there’s nothing to be gained from attempting to “crack their codes” because they simply are not there.
Jump into the future a few years and at some point we have to acknowledge that absolutely every single thing that happens anywhere on the planet and beyond will be controlled or monitored by some sort of a computer. Under those circumstances there has to a lot to gain (and a lot to lose) from being able to gain access to the information or gain control of the entity. So as I point out, in the future hacking will be even more worthwhile, with even more targets.
So what will we do to keep it under control?
Can I honestly see our military machines running a copy of AVG before they boot up every morning?
What then are the alternatives?
A move away from the internet? Or at the very least a super-secure logical segmentation of the internet into channels for different applications? Hard to see how that could happen with the protocols all so open and well known to the world. An encrypted sub-layer within the medium of the network that remains invisible to the mere-mortals who use it for looking at YouTube? Once again, how could that happen without everyone knowing about it?
Viruses and mallware are one thing, and protecting websites from defacement is something else that’s reasonably automatable, but there are a lot of other issues besides these that are characterized by the sort of incident we’re seeing. Protection against people who break in and steal or tamper is absolutely essential when the thing they’re breaking into is running the planet’s energy supply or producing fresh water for a few million people.
The logical step would seem to be to move away from the open standards for particular applications into a highly controlled new communications format which is able to transport internet-like traffic but which is simply not available to the general public. It sounds highly counter-intuitive and I really don’t see how it can happen without getting leaked (the Snowdens and the Mannings of this world would have got much of their information from the existing iteration of this concept – SIPRNet/NIPRNet – so secrecy through obscurity only works until the cat gets out of the bag, then it’s just as un-secret as everything else).
I don’t want to be bulls-eyeing Womp Rats in my T16 or trying to beam-up my away team from the remnants of a dieing planet only to get a little pop-up informing me that my free trial period has expired and my credit card has been rejected, but what’s the alternative?
Perhaps this is another frontier in the digital divide. Those on the inside and those on the outside of the big firewall in the sky.