Past Practices in Information Security and Potential Predictions of Future Vulnerabilities
I remember the day I became interested in computer security. I was thirteen years old, and it was the year 2000. Everyone was in a panic over the computers, proclaiming the end of the world, and as a susceptible and impressionable teenager, I believed the hype. Shortly thereafter we got a windows 98 Hewlett Packard with AOL access, and have been a paranoid internet user ever since. As a society, we were utterly unprepared for, what CNN was calling ‘Y2K’. This lack of foresight, coupled with the cutting of corners to save data, indicates the programmers of yesteryear gave no thought to the repercussions of their actions, which almost led to financial calamity. A mistake we most certainly cannot repeat.
If we were to learn from our mistakes, we should be thinking about y3k, or 32k. Making sure that our operational sub-structures, the programs and applications we depend upon to digitally control our home utilities and transactions in commerce, will still be operational in the future. Will our protocols and technologies still work? Will the functions of the product in question perform in another hundred years? After being worn down by regular use? (1.4) If we are relying on networks for everything from thermostats to seat belts, we better be certain the technologies and topologies we use are accessible, serviceable, and scalable, for years to come.
However, it bears considering, should we look to the past to gauge the future? The NRC Committee says that’s a bad idea to use only the past to gauge. (1.14) The future is moving too fast to rate it at the same speed as the past. Should we be looking towards compatibility and preservation, relying on the indications of the past to assume there will be some catastrophe interrupting the functionality of our technological sub-structure, ensuring that all these technologies and utilities are usable in a thousand years. Or perhaps we could consider enabling and informing the masses to perpetuate production of microelectronics, so regardless of the condition of the global economy, a grass roots movement could provide a solution to any digital deficit interrupting society and their reliance on technology. By removing the monetary restrictions limiting and preventing people from the internet and higher level programming and multimedia development. By considering cyberspace a utility, a freedom, an unalienable right. And instead of focusing on what disposable products and novelties will be purchasable in 3017, focus on cultivating a populace that can benefit and most efficiently from the miracles of technology brought to us by the last millennia.
But then the question arises: is there sustainability? What money is there to be made with free internet and uninflated hardware? Would technology prosper in a utopia of freeware and printable circuitry, when no one was there to profit? Is financial well-being what drives the technology community, as it does the medical and law fields?
Where would we be now if financial limitations were lifted at the turn of the century, allowing financially unfortunate enthusiasts to prosper in an industry where a 7-dollar piece of silicon and silver is power by 7 thousand dollar’s worth of ideas. Would open source programs be more refined and adaptable? Or would the lack of interest and incentive drag us back to the days of DOS, with little interest in imagination or innovation? Where would we be if the software trends currently directed by a handful of tech tycoons, were vetted and refined by an international open source community, unbound by language, financial means, or physical accessibility? A stable and secure cyber utopia? Or an incompatible maelstrom of updates and chaos? Probably nowhere good, but it does verify that there is always another way, and we should always consider any reasonable option, to quote Rear Admiral Grace Hopper, “The most dangerous phrase in the language is, ‘We’ve always done it this way.’”
If I had to consider any difference in practice in the next ten years, I would have to say it would be the move away from the cowboy-esque lawlessness of cyberspace, the irradiation of anonymity. Just as a man can’t move westward and change his name anymore, society has evolved to a system of social security numbers and accountability. And as far as I can tell, prevailing trends of the internet are heading in the same direction of less anonymity. Gone are the days when software licensing was limited to a 15 digit, unverified CD key and a man’s word. Now everything requires an email address, that you had to use another email address to verify, which will consistently ask for your cell phone number. We live in a time where your cellphone, coupled with that doubly verified email address and any social networking you do through the device, will sift through any information it can access (which is all of it) and attempt to assume the identity of the caller, a phenomenon I experienced just this week when my Norwich Advisor Miss Gilman, contacted me.
Perhaps this is for the best. Population rates are skyrocketing and life expectancy is growing. Thanks to driverless cars, soon we can expect about a million deaths a year to just go away. That is a lot of people, and it will be increasingly difficult to keep track of those kinds of numbers. Yet with a little more authentication and accountability online, the internet could grow into a very useful tool for political necessities, like filing taxes, public census, participating in community forums, or even voting. There will, of course, be drawbacks to the eradication of anonymity. If users are subjected to a reliable authentication method prior to logging on, they would most likely be held accountable for their actions, or even opinions. We would likely see a rise in micro transactions for services, trivial fines for infractions, or even to access particular web pages.
As information becomes more accessible, and thanks to currency converters and language translators, we could also see a rise in globalization. More people participating and cooperating over the internet, the rise of a world economy, and possibly even see borders redefined, not by geographical limitations, but by other unknown quantifications, like interests and philosophies, or less appealing but more likely, the delineations would be based on economic status and religion. But like the NRC said, the future is coming forth at such a velocity it’s folly to attempt to predict it, and we could just as easily be headed in the opposite direction. With these leaks of information, and cases of tax evasion, and all of these questions of spying and security, we could just as easily find ourselves in a situation where our internets are closed, demoting the world wide web to closely controlled backbones by country, and all of the ignorance and prejudice that accompanies it.
And as we make our way towards these future times, new threats are sure to arise. Ranging from neglect, to robots, to information harvesting, all the way to social conditioning, 404 errors and other utility malfunctions. If, like an instance I predicted in earlier paragraphs, internet access is predicated by social authentication, then you are sure to see more cases of ID spoofing, (8.8) or the creation of fake usernames (identities). And with the inevitable internet of everything, every step, or click, in cyberspace with be monitored and measured, meaning every iota of information will be recorded by multiple sources, and invariably released to the wild. Datatapping will be easier than ever, and I’m sure analysts will spend hours trying to predict purchase patterns and psychological trends to garner more clicks.
It’s easy to imagine, with our world of browser incompatibility, incidental server malfunctions, and inevitable internet sluggishness, a future environment full of all the inconveniences of present technology. Your coffee maker having authentication issues, thereby disabling your custom cappuccino profile, forcing you to get a default decaf until the automated Keurig tech support can reset your preferences and enable a log in. Or the robotic snow shoveling service suffers a DHCP failure and blocks the only exit to the parking lot at work.
We are inevitably going to integrate any new technology into our lives, so we should be certain they are going to work for a long time, and withstand inordinate amounts of abuse, to ensure the functionality and sustainability of the future, preventing landfills from overflowing with forced obsolescence, technology designed to fail.