Categories
writings

Welcome to the aged, connected society

File under story I will never actually write:

In a not so far off future, an increasingly elderly society is decimated when massive numbers of people over 65 suddenly overdose. After much investigation the culprit turns out to be a group of young political activists who seek to save their future by eliminating retired people who are costing more and more in public health expenditure while also dominating the political process through their numbers. The effect of their age and voting block is that they keep raising the taxes of younger working people to fund their ever increasing healthcare needs. How did the hackers bring about an instant change in the political landscape? By hacking into internet connected automatic pill dispensers all the retirees use…

Categories
ranting

There is no security

Recently there have been a number of very interesting security stories out there. Last.fm and Dropbox password hashes and email addresses from hacks in 2012 were offered up – both of which include my email address. (And if you don’t understand the whole password/hashes/email address and why your password sucks, whatcha this: Password Cracking – Computerphile

The most recent story (a few days old now, because I’m slow posting things) is on using hacked IoT devices for DDoS attacks. This harks back to Stuxnet. A bunch of inetrnet connected things that no one ever thought to secure. Because, security is hard and, at least when I was in school, not properly taught to programmers. I hope they have fixed that.

Anyway, if you don’t know the details of Stuxnet, read Countdown to Zero Day. It’s amazing.

With Stuxnet, somebody went through a lot of trouble to attack Uranium Centrifuges. Somebody was willing to spend a lot of time and money on that, that’s for nukes so it makes sense. Spending that kind of money and time for a single high value target makes sense. The newest hack is more mass market, hack a million home security cameras and use them to launch DDoS attacks. The growth of IoT combined with our laziness in updating our devices (phones aside, when was the last time you updates your <insert connect but screenless device here>… your refrigerator may be responsible for the next major website take down. As Matthew Prince says in the Wall Street Journal’s article on the camera hack:

“It’s going to be very difficult to convince consumers to patch their refrigerator,”

Matthew Prince, CEO of CloudFlare, quoted in “Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks” [wsj.com], on The Wall Street Journal