Thursday, November 20, 2014

"The Prancing Pony" and the reality of digital security and privacy

“I amar prestar aen (the world is changing), han mathon ne nen (I feel it in the water), han mathon ne chae (I feel it in the earth), a han noston ned gwilith (I smell it in the air)”. The The Lord of the Rings film trilogy, an adaptation of Tolkien's most famous novel, started this way, in Elvish. This story reflects how thousands of small accidents make up an ever-changing reality.

Some years ago, the digital world was very different. Its risk was about the same, but there was no awareness of it. Users saw the Internet as a window to a world of fantasy and black hat hackers were devoted to less hazardous duties.

At the time, Tor was "The Prancing Pony" for every inhabitant of Middle Earth. Activism or fraudulent business were covered by digital anonymity, which does not exist anymore. At Genbeta they wonder how law enforcement managed to take several heads of the black market on the deep web to court following the Onymous Operation on a network like Tor, which is supposedly impregnable.

When Frodo finds the ring in The Lord of the Rings movie he goes across the world putting himself at risk for common good. In this sense, Google recently announced that it will take secure communication protocols as a variable for its search results ranking, which triggered a wave of security awareness. Now the EFF along with Mozilla and other Internet giants plans to launch Let's Encrypt, the first organization of free TLS connections certification. Thanks to it, the use of this communication encryption protocol will be democratized.

The Fellowship of the Ring faced the Saruman’s legions. Now we have to defend ourselves against criminal minds who have a juicy target: digital goods. An alleged screensaver for Steam which has been spread by the users of this gaming community actually is a sophisticated malware to steal the digital goods they have on their accounts. These digital goods have a real price on the market which means that they can affect millions of dollars.

On The Lord of the Rings movie, the ring is the story core. What would happen if Bilbo had never found it? What if he had decided to keep it instead giving it to Frodo? Even worse. What if he had lost it as Gollum did? The ring in Middle-earth could it be the SIM today. A SIM controls our phone number, and therefore controls most services with two factors authentication.

Fortunately, we are not alone. Operating systems and antivirus suites increasingly offer protection against these dangers. Apple has published an article where details all OS X Yosemite security features. Some of them will sound familiar, some are brand new.

But if tools do not work, agencies will do. The FTC is investigating Apple to clarify what the company will do with user’s data from Health, an app which is installed on the iPhone 6, iPhone 6 Plus, and on the future Apple Wear. It works even if the user has not given explicit consent.

The world is changing. But risks are still present, with different names and different bodies. The question is how to diminish its consequences.


Post a Comment