This page contains a Flash digital edition of a book.
Ioannidis, a principal researcher at the Foundation for Research and Technology – Hellas (FORTH), notes, for these consumer devices, security is a design afterthought, and every bit of extra software takes its toll in lost battery life. Still, he says, “all the security technologies we are using so far will stay with us, though they may run on a different layer or place on the network. It may use the latest and greatest hardware or newer algorithms. But it’s not like we’re going to get rid of sandboxing or fi rewalls.” For him, key upcoming dangers lie in the spread of internet connectivity to critical systems never designed for it – SCADA, the smart grid, power plants, the water supply network. “They’re all getting connected to the internet with access from anywhere in the world, and command-and-control decisions from across the globe”, Ioannidis observes. “There are multiple avenues of connection to the infrastructure and the potential for very, very bad results.” One aspect of this is that the standards for telecommunications equipment mandate lawful intercept: back doors in telecommunications equipment, so that everything everywhere is surveillance-ready.


Eric King, head of research at Privacy International, who last year exposed Western companies’ global trade in surveillance technologies, thinks a vital shift in government thinking is needed. “I don’t know when –


Much security decision- making will be outsourced, and the CISO will become more advisory


Bart Vansevenant Verizon


fi ve, ten, 30 years? – people will realize that the only way to protect national security and the national infrastructure is to ensure that consumer electronics are secured to the nines, because it’s the same stuff”, he contemplates. Today’s mandated back doors must go, in his view, because “when you try to tie that down and look at access logs or exercise oversight – it’s built so you can’t”.


To pull all this together into a longer


view, you need a science fi ction writer with a technical background like Charles Stross (Rule 34, Accelerando). Mulling the aforementioned trends, Stross imagines the planet decades hence: “Hot, unpleasant, crowded – but it won’t have a huge imbalance in wealth.” A key game-changer, in his view, is lifelogging; Moore’s Law will soon bring pocket-sized petabyte disks, storing full video and audio of all our waking lives, tagged with time, date, geolocation, and perhaps even health data. Text-to- speech will index it all, while making it searchable.


Even if the data is kept secure over a long period, how the meaning and context will change over time is unpredictable. Identity management will become a big issue. “We really do need to secure mobile phones better – tracking and wiping are just the beginning”, Stross says. “They’re not just people’s wallets, but their entire identity.” At which point, it may be that the thing most in need of protection will be the human carrying it. Be careful what future you wish for.


I Love You Dear, but I Have to Check My Email


When it comes to the future of information security, one thing is abundantly clear: the future is mobile. Not only are new mobile devices being gobbled up by consumers, enterprises are getting in on the act as well, with many allowing their employees to use their own devices to access enterprise networks. Our attachment to these


devices is why future security controls must think ‘mobile fi rst’, as was illustrated by some interesting polling results leading up to the recent Infosecurity Europe show in London:


38 What is the fi rst thing you do when you wake up in the morning? 25%


Kiss your partner


23.61%


Brush your teeth


15.28%


Check work email on your phone


22.22% 4.17%


Check your phone for messages


Do you perform work-related functions on your mobile device?


Look at your Facebook account on your phone


9.72% Other


33.33%


49.31% 17.36% No


Yes, and I use strong security


Yes, but I do not use strong security


Source: Infosecurity Europe street survey of 1000 people in London, March 26–30, 2012


May/June 2012


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52