Television has come a long way from the old black and white days. Today’s TV comes from things from online connection to cameras. Speaking of cameras, Samsung Smart TV corrected a huge wrong.
Due to a manufacture’s mistake, Samsung Smart TV has been forced to correct a huge wrong. A flaw let hackers get into any screen and turn on the TV and watch the TV remotely. That’s right, they can watch your TV without your control, knowledge or consent. They can use this to log onto your web accounts to get your information. Or worse, they can be watching your every move, even during your more intimate moments. Don’t worry, Samsung did fix the mistake. A security firm named iSEC Partners identified the issue and the makers combated it with proper software.
But this brings up bigger issues. How many more televisions have security flaws like this that weren’t caught? I read an article about how the Xbox One has a camera that can monitor someone at all times. Many of these TVs that connect online have little security, except for a password that often gives you more grief than it ever would a potential hacker. Until firms like iSEC Partners dive into the big issues, I think security issues like this will become more difficult to remedy. When you’re watching your favorite TV show tonight, who might your uninvited guest be?
Perhaps the story of the year is the NSA surveillance situation. We’ve learned the government is spying on our cell phones, emails and social media post. Now there’s a new revelation in this gift that keeps on giving.
The NSA now proudly reveals a program called XKeyscore. That is a wide-reaching intelligence development system for the Internet. According to reports, XKeyscore can be used to access many, many agency databases by simply giving a reason for the access. Another says it can cover nearly everything everybody does on the Internet ever! Some analysts say?XKeyScore can intercept all Internet activity. Some say it allows legal authorization to track any American without a search warrant. And apparently, this just didn’t start. As early as 2008, the NSA documents 300 terrorists were brought to justice thanks to XKeyScore.
But what about the rest of us? What about the rest of us who are just living our lives and obeying the law? Yes, you can use that old line, “If you’re not doing anything, then you don’t have anything to worry about.” Really? What is you say something in an email or social media post the authorities don’t like? What if you buy something online the authorities don’t like? And when they question you, what if you give them the wrong answer? Or worse yet, what if this system gets into the wrong hands? I just?read a disturbing story about hackers controlling someone’s?car behind a computer screen. What’s going to be next?
In the United Kingdom, a local activist campaigned to get Jane Austen on the British 10 pound bill. They say no good deed goes unpunished. This one sure didn’t.
This odyssey started when a woman named Caroline Criado-Perez led the fight to get the late 18th-early 19th century novelist and women’s rights activist on the 10 pound note. Not long after this became official (Austen’s face will be on the bill around 2017), Mrs. Criado-Perez started getting vile tweets. Many of these tweets threatened her with rape. This evil tweets increased to around 50 an hour! But what made it worse was Twitter’s slow response. She reported this abuse on Thursday, but according to her own testimony, it took until Monday to respond. Monday, police made an arrest in the case. Also, this case got so much attention a petition went around. This petition demanded Twitter add a ‘report abuse’ button for all potential cases; it got over 65,000 signatures.
I commend this petition and Caroline Criado-Perez for staying on top of Twitter in this. To their credit, Twitter has answered these cries. They promised to make a ‘report abuse’ button more available to all users. I hope they do this sooner than later. Think of all the bullying cases that have led to suicide?over?Twitter abuse. There have been celebrities like Sherri Shepard targeted by cowards hiding behind Twitter. They don’t have the guts to confront people to their faces with such evil. Shepard also reported this to the police. A more affective ‘report abuse’ button may not eliminate the problem all together, but it’s a start. What do you think can be done to combat such ugliness?
Did you know that venture capitalist have invested a whopping $700 million dollars into security startups in the past 12 months? According to one research firm, that’s 10 percent of all venture dollars in the US. Former spy chiefs are also investing. In fact, over 80 companies work on cyber security. This market was worth $67 billion dollars in 2012. By 2017, it will be worth $93. While budget cuts are being sought after in other areas, more money is wanted in cyber security operations.
Part of the reason for this investment, or so we’re told, is to stop hacking, and what hacking can lead to. Some are quick to remind us that just one cyber attack can lead to an act of war or other catastrophe. Cyber security investor Ted Schlein said, “Wars in the future will be fought initially through cyber means…So, if a commercial company can develop a pre-emptive offensive technology,
think it makes perfect sense.” People in his field say more is needed to be done to keep space with the increasing dangers of cyberspace.
On the surface, investing in cyber intelligence may seem like a good idea. I’ve read reports of millions of dollars being stolen by hackers and thieves from banks and credit cards. I’ve read reports of nations spying on other nations of military secrets and other sensitive information. But the cynic in me is telling me there’s something more to this. Something’s telling me these investments are going to keep the spying on innocent Americans going. And Heaven forbid if that innocent American ‘gets out of line.’ That’s my fear. Am I right or am I just paranoid?
We’ve heard and had it all, haven’t we? We heard of malware problems from one major company to the National Security Advisory spying on our devices. We thought the SIM card was safe, right? Well…
After years of research led by German cryptographer Karsten Nohl, software flaws have been found that can hit millions of SIM cards and can open up more cans of fraud and surveillance. He’ll?address this at a conference in a week or?two. ?Nohl and his team tested about 1,000 mobile phones of all types.?They found vulnerabilities caused by old security standards and bad configuration codes. These can let hackers infect the cards and?steal all?kinds of information, leading to fraud and theft. But thinking about?what we know?now, they don’t have to be hackers. I can see gov’t agencies using this to their advantage.
In this research, Nohl found only 25% of the phones?and SIM cards he tested can be hacked, and an eighth of the?cards could be really venerable. But that’s a half?billion mobile devices. Their biggest concern is Africa, where SIM card payments are so widespread,?and where?technology fraud is perhaps the most rampant. According to Nohl, companies are desperate to fight?hacking and fraud,?no matter where it lies.
So what’s to make of this? First of all, don’t freak out!?This is not fear mongering. I’m glad I came across this report because knowledge is power. The majority of the SIM cards?are okay. And now we know there is a threat, something can?be done. It appears cell phone companies are already getting the memo. If not, we can?do what we can to raise awareness on these issues. How concerned should we be about Nohl’s findings?
Hackers often get a bad reputation. And often times, rightfully so. But there are time when hackers try to do the good things, like wise up governments. Or at least, that’s what they want us to think.
Nations like Malta, South Africa and South Korea are hiring hackers to break codes for several reasons. One main reason is security. Smaller nations want to know what bigger and more powerful countries are up to. Unfortunately, it’s rumored the NSA has hired hackers to help them spy on us. Hackers call these zero days: coding flaws in software that can be bought by a competitor or rival. Not long ago, companies like Microsoft would buy them off, but now, who can turn down the offer of a national government? A few years ago, the US and Israel attacked Iran technologically with a computer worm called Stuxnet due to concerns over their nuclear program.
A former White House security advisor says, “Governments are starting to say, ?In order to best protect my country, I need to find vulnerabilities in other countries’.” The biggest zero days buyers are Israel, Russia,?Great Britain, and India. The Middle East nations?use these tactics also. Hackers can charge anywhere from $35,000 to $160,000?for these services. I know that may ?sound cheap, but just 10-15 years ago, many hackers would do this just for the?thrill.
So what to make of this? On one hand, maybe this is a good thing to keep other nations in check. But the more cynical side of me is looking at the darker side. What if these hackers secrets?lead to intense conflict? What if a?nation finds out something so destructive about another nation that it decides it has to…ahem…take action? I’d like to think these hackers have good intentions, but the?road to you know where?is paved with good intentions. So is?’zero days’ an instrument of peace or a weapon just waiting to happen?
