Friday, January 19, 2018
Perspective

Prepare to be hacked

Wherever you're sitting right now, take a moment to note the connected devices around you. In your pocket or handbag, you probably have an electronic key fob. You likely have a smartphone, which is connected to a Wi-Fi network and also has voicemail service.

You might be wearing a Nike FuelBand, or a Fitbit, or possibly even a new pair of Google Glass. Maybe you can spot a traffic light or an orange highway sign out of your window. A power strip is likely not too far away.

All of these devices share one thing in common: They can be hacked.

As we herald the coming Internet of Things, it's easy to forget that our ever-expanding tech playground is mostly unsupervised. There is no playground teacher to blow a whistle when another kid takes control of your Bluetooth headset. There is no Norton antivirus software for your garage door opener.

If you can plug it in or connect it to a network, your device — no matter what it is — can be harnessed by someone else. And that someone doesn't have to be a Chinese superhacker to do some serious damage with it, either on purpose or by accident. It can be your Uncle Roger, who doesn't have his new iPhone figured out and is cluelessly turning your lights on and off via your Belkin WeMo.

I'm a hobbyist. Because I study emerging technology and the future of media, I'm often tinkering, breaking things and putting them back together. Once, I wanted to see if I could break into the protected Wi-Fi network we set up for my daughter at home. Less than an hour later, I'd failed to penetrate her network but managed to shut down the main network for our house. Which I knew, because of my husband's sudden yelling upstairs.

Part of what makes new technology so exciting is that, unlike the old days, it works right out of the box. You no longer need to know how to build a computer, connect a modem, run a terminal emulator and install bulletin board system software in order to send a racy message to a co-worker. Now any tech idiot can download Snapchat and accidentally send a racy photo to his sister-in-law. The tech playground is more accessible and, as a result, increasingly problematic.

Just after the annual Black Hat Internet security convention a few months ago in Las Vegas, I asked a group of my friends — a Navy engineer, a professional hacker and a hobbyist — to help me come up with a quick list of devices that will be vulnerable during the next few years as the Internet of Things becomes widespread. Here's our (incomplete) list. (Entries with an asterisk are those we've tried hacking at home, for fun.)

Obvious

smartwatches*, smartphones*, computers*, tablets and phablets*, home computer locks*, the cloud (services, storage, software), ATMs at banks, printers, GPS devices*, Wi-Fi routers*, webcams*, thumb and portable USB drives, hotel and gym safes (they tend to use a single default passcode), cable box or DVR, voicemail (especially those with a global call-in number that doesn't lock out after successive failed attempts — we saw this with the News of the World scandal)

Less obvious

power strips (can be infected with malware), power cords for your devices (code can be implanted), luggage trackers (such as the Trakdot), connected glasses (Google Glass, Oculus Rift. As of now, Google's QR barcodes for Wi-Fi store the full access point name and password as plain text), gaming consoles: PS3, Kinect, Nintendo*, refrigerators (such as Samsung), cars with computer operating systems, smart pens (like the Livescribe), gesture control devices (the Leap)*, SD cards, cameras, smart alarm clocks*, coffeemakers, key fobs, light switches*, moisture sensors*, kitchen and pantry trackers (such as Egg Minder), insurance driving monitors, such as Progressive's Snapshot device, traffic lights (MIRT transmitters can change lights to green in two to three seconds), highway signs that spell out text

And we didn't even get into medical devices, which are frighteningly exposed to mischief.

The proliferation of all this technology creates a constant need to keep devices updated and secure. Perhaps the most vulnerable object in any American house is the cable box, because it is so rarely updated.

If what I'm saying makes you uneasy, you're not alone.

So how should we think about our constant vulnerability? I make a daily assumption that everything I do is hackable, but almost nothing I do is worth hacking. I have an awareness of potential vulnerabilities, and I'm trying to develop an evolving set of street smarts. You should, too.

For example, since I do a lot of work on the road while I travel, I now carry my own Wi-Fi hotspot. I can use a secure virtual private network to send and receive email and to access content that I have stored in the cloud. (To be sure, that network can be hacked, too, but at least I can watch the logs of what's coming and going and attempt to fight off intruders.)

I also keep this network cloaked, meaning that I haven't named it "Amy Webb's Hotspot." I routinely look at networks, just for fun, and I'm astonished at how many people use their own names or the names of their companies.

Instead, I've changed the names of all of my devices to my mobile phone number. That way, if my laptop is lost or stolen, someone will see a phone number rather than my name, which I hope means there will be less of an incentive to poke around my machine to see what's there.

My passwords are easy to remember but difficult to crack.

According to my hacker friend, you're best off with a long phrase that also includes numbers and at least one capital letter. Something like "Iwant99pizzas-and12beersfordinnertonight" is actually more secure than "Gx1U2y," because the algorithms that are used to crack passwords have to process many more computations the longer a password is, and as of now they're mostly not using natural language processing.

Another good rule is to turn off your peripherals when they're not in use. Don't leave your nanny cam on all day long. Same goes for nonessentials on your network, such as additional computers, game consoles, and the like. The more things you have plugged in, the more opportunities there are for penetration.

More important, I'd argue that all this hacking isn't necessarily a bad thing. A lack of rules is actually helpful for our burgeoning Internet of Things. I'd much rather that we all come to a good understanding of how our machines work than to start imposing regulations and restricting access.

The tech playground is open to all, offering a fantastic opportunity to teach kids how to use and control the many devices that are inextricably tied to their futures.

The more they break, the more they'll learn how to collaborate, fix, and innovate. Organizations like SparkFun Electronics are using next-generation open-source code to show everyone how to build and hack our Internet of Things.

Open networks are vital to innovation, even if they aren't totally secure. Personally, I'm looking forward to 50 years from now when I think the wrong sequence while looking at the light fixture in my grandchild's house and accidentally cause a blackout.

Amy Webb is the head of Webbmedia Group, a digital strategy agency, the author of "Data, A Love Story" and the co-founder of Spark Camp.

© 2014 Slate

Comments
Princess Pigtails' diary: the first 97 days of a foster mom and the little girl in her care

Princess Pigtails' diary: the first 97 days of a foster mom and the little girl in her care

Editor’s note: Shannon Colavecchio, a former Tampa Bay Times reporter now living in Tallahassee, decided in the summer of 2016 to begin the process of becoming a foster parent. Having been raised by her grandparents after her biological mother ...
Published: 01/19/18

Five interesting things

97%of federal criminal convictions never even went to trial; they were the result of guilty pleas."PACOM (CDW)-STATE ONLY"is the confusing shorthand phrase in a computer program drop-down menu that an emergency worker in Hawaii accidentally selected,...
Published: 01/17/18
Updated: 01/18/18
By the numbers, a story of the federal worker and the size of government

By the numbers, a story of the federal worker and the size of government

Politicians have often painted the federal workforce as a drag on the budget and burden for the taxpayer. Look no further than President Ronald Reagan, who famously said, "The nine most terrifying words in the English language are, ĎIím from the gove...
Published: 01/17/18
Updated: 01/18/18
A Little Perspective: Finding your art double and hops on Mars

A Little Perspective: Finding your art double and hops on Mars

The Google Arts and Culture app became the most downloaded mobile app last weekend, enabling users to compare a selfie to a database of art and find the closest match. Art aficionados, dabblers, narcissists and soul searchers pondering a cosmic conne...
Published: 01/12/18
Updated: 01/18/18
PolitiFact: How trustworthy are the polls, more than a year after the 2016 election?

PolitiFact: How trustworthy are the polls, more than a year after the 2016 election?

Over the past year, political professionals have been picking over the pre-election polling data to figure out whether the polls failed to predict Donald Trumpís upset victory over Hillary Clinton.In many peopleís minds, the polls were flat wrong in ...
Published: 01/09/18
Updated: 01/11/18

Five interesting facts

2 hoursis how long the power was out last week for the CES, the consumer electronics show, in the Central Hall of the Las Vegas Convention Center. The biggest electronics show of the year couldnít do much without a key ingredient: electricity. The ca...
Published: 01/08/18
Updated: 01/12/18
Perspective: Two dying memoirists wrote best-sellers about their final days. Then their spouses fell in love.

Perspective: Two dying memoirists wrote best-sellers about their final days. Then their spouses fell in love.

By Nora KrugSAN MATEO, Calif. ó The literary pairing was inevitable.When Breath Becomes Air, Paul Kalanithiís memoir of his final years as he faced lung cancer at age 37, was published posthumously, in 2016, to critical acclaim and commercial success...
Published: 01/08/18
Updated: 01/12/18

Perspective: Why do we get so itchy when we canít use our smartphones?

Americans spend a lot of time on their smartphones. But what can we learn about the connected state of mind by observing what happens when we canít use our devices?While much has been written about the effects of using our phones, from worries about ...
Published: 01/08/18
Updated: 01/11/18
Perspective: Oprah, donít do it

Perspective: Oprah, donít do it

PARIS ó I miss a lot of must-see TV on this side of the Atlantic. But by the time Iíd dropped off my daughter at school Monday morning, it was impossible not to notice how many people in my social media feeds felt something politically significant ha...
Published: 01/08/18
Updated: 01/11/18
Perspective: The systematic crushing of a #MeToo pioneer

Perspective: The systematic crushing of a #MeToo pioneer

Eight decades ago, Patricia Douglas made nationwide headlines, upstaging even the wedding of the former king of England and the American double-divorcťe Wallis Simpson. Then, just as suddenly, she vanished, hounded into exile by Hollywoodís most omni...
Published: 01/05/18
Updated: 01/11/18