Friday, January 16, 2015

I’ve never cared for digital security

Best projects are born in your heart. It is said that James Hetfield wrote the following lines while talking on the phone with his girlfriend: "Never cared for what they say, Never cared for games they play, Never cared for what they do, Never cared for what they know." This stanza would eventually become part of one of the most famous ballads by Metallica called "Nothing else matters."

We never care about anything... until something becomes a problem. A home router commonly used in both Spain (Movistar) and Argentina (Arnet) has a critical vulnerability that allows an attacker to perform hijacking tactics on ​​outgoing connections. A criminal who knows the public IP of the router can steal sensitive information from his victim and even redirect him to fake services.

In fact, we don’t usually worry about something too much when things work well. We begin to worry when it stops working. Digital advertising platforms are used as a perfect gateway for malware distribution, as recently happened to Google AdSense. It suffered a campaign that redirected users to bogus websites where their devices were infected.

It is even worse when someone is concerned about the inner working of all this technological ecosystem since he tends to use it for not very ethical goals. The Taliban used an interesting method to communicate each other via email. They took advantage of controls and filter provided by services like GMail to send content that they knew for sure would be considered spam. This way they were able to bypass most of anti terrorist controls. In the end, who would consider an annoying commercial communication suspicious?

Perhaps it's time to start worrying. The song was released thanks to Lars Ulrich, the drummer of Metallica, otherwise it would never have reached the top-ten hit list in Europe and America for months. It is time to seriously consider how phishing works, so that we learn from our past mistakes, and avoid falling into deception over and over again.

It is also time to show solidarity with digital freedom and publicly reject situations like the one experienced by Raif Badawi, a blogger from Saudi Arabia who created a satirical forum on a number of religious figures and consequently was sentenced to 10 years in prison, a fine of $ 260,000 and receive 1,000 lashes.

We should be concerned about security and privacy, risk management and decide whether the security of cyberspace is a responsibility of the states or a responsibility of Internet providers. Actually it has been an open issue for years and that become stronger after Obama urged to unify resources, while some people see it as an open door for a new state of mass control.

“Nothing else matters.”


Post a Comment