Tech, culture, democracy. Scope, scale, speed. Loyal but disobedient.

The Sony hack, 2014

by Michael Peter Edson

A major cyberattack against the United States in 2014 was a clear example of how civilians can bear the brunt of such operations. Almost all cybersecurity experts and the FBI believe that the Sony Pictures hack that year originated in North Korea. A hostile country hit a U.S. civilian target with the intention of destabilizing a major corporation, and it succeeded. Sony’s estimated cleanup costs were more than $100 million. The conventional warfare equivalent might look like the physical destruction of a Texas oil field or an Appalachian coal mine. If such a valuable civilian resource had been intentionally destroyed by a foreign adversary, it would be considered an act of war.

In cyberwar, there are no rules: Why the world desperately needs digital Geneva Conventions, by Tarah M. Wheeler, Foreign Policy, 12 September 2018. Thinking about this in a new light today as we head to war with Iraq.

by Michael Peter Edson

“The location-tracking ‘MiSafe’ smartwatch may not be as safe as the name proclaims. According to security researchers from Pen Test Partners, the watches are easy to hack as they do not encrypt the data they use or secure each child’s account. The researchers found that they could track children’s movements, surreptitiously listen in to their activities and make spoof calls to the watches that appeared to be from parents.”

— MiSafe’s Child-Tracking Smartwatches Are Easy To Hack, posted by BeauHD on Friday November 16, 2018 @07:03PM from the not-so-safe-after-all dept

Cyberdefense is boring

by Michael Peter Edson

“Cyberdefense isn’t magic. It’s plumbing and wiring and pothole repair. It’s dull, hard, and endless. The work is more maintenance crew than Navy SEAL Team 6. It’s best suited for people who have a burning desire to keep people safe without any real need for glory beyond the joy of solving the next puzzle.”

In cyberwar, there are no rules, by Tarah M. Wheeler, Foreign Policy, 12 Septembe 2018

Privacy is hard

by Michael Peter Edson

“Privacy is Hard, Volume 18283833.

Knowing of 5 downloaded, non-vendor specific apps installed on a device is enough to uniquely identify over 90% of individuals in a sample of a million+ people.”

Privacy researcher and Director of Open Privacy Sarah Jamie Lewis (@SarahJamieLewis), 17 September 2018. Jamie Lewis cites Temporal Limits of Privacy in Human Behavior by Sekara et al, 2018

Jamie Lewis continues, “This result is not surprising but it’s a nice illustration of the how even seemingly ‘useless’/‘unimportant’ information like ‘what apps do you have installed’ can impact total privacy.”

Car hacking just got real

by Michael Peter Edson

“When I saw we could do it anywhere, over the Internet, I freaked out. I was frightened. It was like, holy fuck, that's a vehicle on a highway in the middle of the country. Car hacking got real, right then.”

Chris Valasek, as quoted in Hackers remotely kill a Jeep on the highway — with me in it, by Andy Greenberg, Wired, 21 July 2019

Valasek and his collaborator Charlie Miller found a way to remotely hack, and take, for all intents and purposes, full remote control of an entire class of automobiles by exploiting a vulnerability in their Internet-connected sound systems. Valasek and Miller’s work shows that hackers could create “a wirelessly controlled automotive botnet encompassing hundreds of thousands of vehicles.”

The Correct Sarah Connor

by Michael Peter Edson

If the Terminator were set in today’s world, the movie would have ended after four and a half minutes. The correct Sarah Connor would have been identified with nothing but a last name and a zip code—information leaked last year in the massive Equifax data breach. The war against the machines would have been over before it started, and no one would have ever noticed.

In cyberwar, there are no rules, by Tarah M. Wheeler, Foreign Policy News, 12 September 2018

The kindling was already everywhere

by Michael Peter Edson

There are no easy answers. More important, there are no purely digital answers.

…We didn’t get where we are simply because of digital technologies. The Russian government may have used online platforms to remotely meddle in US elections, but Russia did not create the conditions of social distrust, weak institutions, and detached elites that made the US vulnerable to that kind of meddling.

…Russia did not make the US (and its allies) initiate and then terribly mishandle a major war in the Middle East, the after-effects of which—among them the current refugee crisis—are still wreaking havoc, and for which practically nobody has been held responsible. Russia did not create the 2008 financial collapse: that happened through corrupt practices that greatly enriched financial institutions, after which all the culpable parties walked away unscathed, often even richer, while millions of Americans lost their jobs and were unable to replace them with equally good ones.

Russia did not instigate the moves that have reduced Americans’ trust in health authorities, environmental agencies, and other regulators. Russia did not create the revolving door between Congress and the lobbying firms that employ ex-politicians at handsome salaries. Russia did not defund higher education in the United States. Russia did not create the global network of tax havens in which big corporations and the rich can pile up enormous wealth while basic government services get cut.

…If digital connectivity provided the spark, it ignited because the kindling was already everywhere.

How social media took us from Tahrir Square to Donald Trump by Zynep Tufekci (with light editing), MIT Technology Review, August 2018

Keeping your powder dry

by Michael Peter Edson

“For everyone out there who is still operating by the old rules, and keeping their powder dry: This is the fight. You’re missing it. You won’t be remembered as wise for conserving your position later on; it won’t matter. None of it will. The fight is now.”

— Information warfare writer/researcher Molly McKew, @MollyMcKew, 27 July 2019

Some say the world will end in fire. Some say in ice.

by Michael Peter Edson

“…a European aircraft maker that said it cleans the cockpits of its planes every week of malware designed for Android phones. The malware spread to the planes because factory employees were charging their phones with the USB port in the cockpit.”

— Quoting security researcher Mikko Hyponnen, Technology News, via @allan