Last week media was buzzing with an oh-so-simple solution to deploy in order to protect your smartphone from hackers. From NBC News, to Voice of America, the Indian Express, the National Security Agency, locals, nationals, you-name-it, the news paid off by explaining how easy it can be to safeguard mobile devices. Phew! Security … reinstated.
Since time immemorial the good guys have been chasing the bad guys. Cops and robbers. In truly ancient times—like Paleolithic—communes of hominins began needing security. Window and door companies back then didn’t craft security solutions because windows, doors, and companies weren’t things yet. Security risks existed. Ancient mankind was still evolving toward being able to communicate about risks, much less mitigate them.
The wheel, fire … sure. Early wins for mankind. Doors come in as a close third place. Fast forward a couple million years and doors had become part and parcel to anyone’s home. Still, as you may know, may have practiced, or possibly even still do, doors were commonly left unlocked in many parts of the civilized world, trust in neighbors being in vogue at one point in history. My pessimism notwithstanding, the door was a seemingly easy security solution for a while. Then, the bad guys figured out a workaround: Just walk in.
In our chase-the-robbers mold, next came locks. Guess where you might learn about the history of the lock-and-key? That’s right. The Information Superhighway. Accordingly (I’m uninterested in a historical thesis, or anything even perfectly researched on the topic), the internet tells us that around 6,000 years ago in the Assyrian Empire in Mesopotamia the evolution of door locks began. Maybe they were around earlier still, but archeological discoveries point to this time as a reliable beginning for this simple technology meant to thwart thieves. An actual encyclopedia—this, youngsters, is the paper version of the internet, or at least of Wikipedia—added that the likely earliest uses of door locks were for prisoners’ captivity, not exactly to keep criminals out.
Door locks, and all sorts of lack-and-key security solutions, then amped up their commercial purposes and gains during the Industrial Revolution. Again, the robbers figured out how to circumvent. Lock picks and the picking of locks became part of the story. Master keys could be compromised and misused. How could door locks ever be effective security devices again?
Around 30 to 50 years ago door locks were boosted with electronics. There went the good guys: “If the bad guys are getting at the hardware, let’s implement a software solution. Solved!” Radio frequency ID badges interact with a lock’s internal electronics to verify, or not, whether a user is allowed to traverse the threshold. The door has an RFID reader that waits for a particular signal. If the holder of the badge had their card programmed to access the space … Green light. Entrez vous, But wait. The robbers are pretty slick. What happens if they just pilfer an RFID badge? How can a door even conceivably know whether the user of the RFID badge is the actual, rightful owner of it? Security, averted.
Once again the smart, if not lagging, security experts solved that new dilemma. Biometrics have come on the scene during the past couple decades. Also, a more historical solution got involved in the story, too: closed circuit television. The CCTVs watch the RFID doors so that, at least, when a robber breaches the space the cops can watch the tale of the tape and try to identify the bad guy. On the biometrics side we’re getting really techie. An eyeball. A fingerprint. A face. Each of these mostly unique features possessed by doorway users can be presented to verify they are who they present themselves as. They are then allowed in.
Biometrics is how many smartphones are protected. Some use a fingerprint. Some, facial recognition. Ocular readers compare a user’s eye as presented at the device to a set of measurements already in the system as being belonging to a bona fide, permissible enterer. Life’s measurements—here, a few of our very personal metrics suit the approach—became the challenges for modern day criminals. To be gruesome, you might imagine ways that a bad guy might circumvent this technology solution. Thankfully, there’s more than one way to fool a biometric reader, as the phrase goes. Enter, the hackers.
Hackers, the group mostly associated with computer hacking, have been siding with good guys and bad guys as long as they’ve been active in the game. Here, I limit their ilk to the bad guys version. With computer skills, and no stomach for body part dismemberment, a hacker can get past the biometric checkpoints of smartphones. By rearranging the phone’s ones and zeroes, a hacker can fool the device to believe that what it sees through its camera lens or fingerprint reader is the legit user, so the phone gets unlocked.
Still, and again, the cops are on it. Here, the “cops” are not typically law enforcement but the security experts, some of whom I train or teach; many could teach me, for sure. The smarties at Apple, Android, Microsoft and the others continually provide software patches, which are normally small pieces of software that fill in the area being breached. Thus, the hole gets patched. Bad guys exploited the hole to get in. Good guys patch that hole. Whack-a-mole is the carny version.
All of this history of security is to add just another chapter, or maybe just a page, or even a mere sentence to the never-ending story. The rash of media and security experts who solved things last week, as I teased above, have the newest door-lock-RFID-CCTV-biometric solution. Once a week, turn off and restart your smartphone. That’s it. The ol’ reboot. Problem solved. Bad guys … ruined. Security … reinstated.
Ed is a professor of cybersecurity, an attorney, and a trained ethicist. Reach him at edzugeresq@gmail.com.
Commented
Sorry, there are no recent results for popular commented articles.