Thursday, February 21, 2013

protecting yourself from hackers, criminals and big brother

The recent Chinese hacking scandal is a real wakeup call... but how do we wake up?

Some folks would want to bark a lot, like a chihuahua dog, and then go back to sleep.
Or prepare for some kind of war with China.

Some of the Chinese army folks have really been trying to get our goat, that's for sure. "If you guys can use cyberwarfare to try to shut down Khamanei's plan to nuc Israel, why can't we use it to shut down the US economy, here and now?" (I wonder what Xi Jinping thinks about efforts to
shut down one of their biggest markets right now in the middle of a global recession? But the Bo Xlai
guys would love to get rid of Xi Jinping, in a flood of uncontained testosterone. Good old fashioned
warlord types.) What's more... I remember a talk on cybersecurity at the National Defense University in 2009, when they stressed that "it's not just software; folks can use this to kill hardware." In dark moments, I wonder what connections might or might not exist between the crash of my great
Imac at work in November, versus the new flood of viruses and the incessant, stepped-up attacks on ordinary folks at NSF which has become ever more visible over the past few weeks.

 A wake up call. The 1974 oil embargo should have been a wake up call.. and not just about
the price of gasoline then and there. This is not just about the Chinese army, though their willingness to attack right now without holding anything back is part of what we can deal with.

"Waking up" may include remembering an old idea on the back burner: should we seriously consider shifting BOTH from PCs and from Macs to machines with a properly installed SE-Linux kernel
or even Mimix? Should the US consider responding to the Chinese army AND TO THE MANY
OTHER such threats, by pushing hard for all government offices and critical infratsructure companies
to do the same? When my Mac died, should I have immediately shifted to something more secure immediately?

People once said "the Unix-like operating system of the Mac OS X makes it impossible for malware
to cause the same level of problem on a Mac as on a PC." Some grossly uninformed people have even said "Oh, all operating systems are created equal, it's a matter of principle." (So it doesn't matter whether the coder was implementing theorems, or just happened to be drunk and type in random code? Re the latter, I have had friends who got to see the "inner spaghetti" of some systems the world relies on.) But in fact... there is an interesting history of "macontrol" and "flashflake"
this past year. I haven't dared to visit websites like, now that I know
how easily the best macs with the most modern virus protection can be creamed just by clicking on the wrong thing. But it seems that even under Steve Jobs, Mac must have put in "back doors"
(not "phone home" stuff, but real back doors from the manufacturer, to let selected people
get back in), which the hackers found out about. The new Lion version does close one
of the most egregious back doors, but the  vibes out there suggest that the new generation is even more eager to please the folks who want big back doors.

Yes, there are folks who want all computers to have big back doors -- so that selected people
can keep an eye on you, and pursue legitimate goals such as protecting us from terrorists and mafias.
However, some of those folks have a very serious insider problem of their own, in part what I think of as "code name Trajan." Not Trojan, Trajan. And if the cost of backdoors is the ability of more serious folks to just shut us all down completely, are they really worth it? Are they sustainable,
in light of the problems now facing us?

By the way, I can think of technical means to make much safer backdoors, and other ways to
crack what people think cannot be cracked. But I don't see how that kind of technology "fix" would really change things. Technologies like solar power could be a big fix in their area, but in this area, even full-fledged superhuman machine intelligence would just add more players to the game.

Best of luck....

No comments:

Post a Comment