Tag Archives: Security

SYNDICATED COLUMN: Security Is Ruining the Internet

Image result for no radio sign car

Another major cyberattack, another wave of articles telling you how to protect your data has me thinking about European ruins. Those medieval fortresses and castles had walls ten feet thick made of solid stone; they were guarded by mean, heavily armored, men. The barbarians got in anyway.

At the time, those invasions felt like the end of the world. But life goes on. Today’s Europeans live in houses and apartment buildings that, compared to castles of the Middle Ages, have no security at all. Yet: no raping, no pillaging. People are fine.

Security is overrated.

The ransomware attack that crippled targets as diverse as FedEx and British hospitals reminds me of something that we rarely talk about even though it’s useful wisdom: A possession that is so valuable that you have to spend a lot of money and psychic bandwidth to protect it often feels like more of a burden than a boon.

You hear it all the time: Change your passwords often. Use different passwords for different accounts. Install File Vault. Use encrypted communications apps. At what point do we throw up our hands, change all our passwords to “password” and tell malicious hackers to come on in, do your worst?

I owned a brand-new car once. I loved the look and the smell but hated the anxiety. What if some jerk dented it? Sure enough, within a week and the odometer reading in the low three digits, another motorist scratched the bumper while pulling out of a parallel parking space. I was so determined to restore the newness that I paid $800 for a new bumper. Which got scratched too. That was 13 years, 200,000 miles and a lot of dings ago. Still drive the same car. I don’t care about dents.

I’m liberated.

The Buddha taught that material attachments bring misery. He was right. During the 1980s crack epidemic addicts stole car stereos to finance their fixes. To avoid smashed windows, New Yorkers took to posting “No Radio” signs on their cars. But the really smart drivers’ signs read “Door unlocked, no radio.” It worked.

Hackers, we’re told, are ruining the Internet. I say our reaction to hack attacks has ruined it. It’s like 9/11. Three thousand people died. But attacking Afghanistan and Iraq killed more than a million. We should have sucked it up instead.

Security often destroys the very thing it’s supposed to protect. Take the TSA — please! Increased airport security measures after 9/11 have made flying so unpleasant that Americans are driving more instead. Meanwhile, “civil aviation” flights out of small airports — which have no or minimal security screenings — are increasingly popular. So are trains — no X-ray machines at the train station, either. Get rid of TSA checkpoints at the airport, let people walk their loved ones to the gate so they can wave goodbye, and I bet more people would fly in spite of the risk.

It’s not just government. Individuals obsess over security to the point that it makes the thing they’re protecting useless.

For my 12th birthday my dad gave me a 10-speed road bicycle. I still have that Azuki. It weighs a ton but it runs great. It’s worth maybe $20.

Bike theft is rife in Berkeley and Manhattan, but I tooled around both places on that banana yellow relic of the Ford Administration without fear of anything but the shame of absorbing insults from kids on the street. I often didn’t bother to lock up my beater. Never had a problem.

In my early 40s and feeling flush, I dropped $2400 on a royal blue Greg LeMond racing bike. Terrified that my prize possession might get stolen, I only ride it to destinations I deem ridiculously safe or where I’ll only have to leave it outside for a few minutes. So I hardly use it.

I’m an idiot.

Nice things are, well, nice to have. But they’re also a pain in the ass. In college one of my girlfriends (who I am not suggesting was a “thing,” obviously, and whom equally obviously I never thought I “had” in any ownership-y sense) had dazzling big blue eyes and golden blonde hair down to her waist and was so striking that guys literally walked into lampposts while gawking at her. Being seen with her was great for my ego. But every outing entailed a risk of violence as dudes catcalled and wolf-whistled; chivalry (and my girlfriend) dictated that I couldn’t ignore all of them. I sometimes suggested the 1980s equivalent of “Netflix and chill” (Channel J and wine coolers?) rather than deal with the stress. (We broke up for other reasons.)

So back to the big ransomware attack. What should you do if your ‘puter locks you out of your files unless you fork over $300? Wipe your hard drive and move on.

Back up regularly, Internet experts say, and this threat is one reason why. With a recent backup you can usually wipe your hard drive and restore your files from a backed-up version that predates the virus. Take that, villains! But no one does.

Meanwhile, our online lives are becoming as hobbled by excessive security as the airlines. Like the countless locks on Gabe Kaplan’s Brooklyn apartment door in “Welcome Back Kotter,” two-step authentication helps — but at what cost? You have to enter your password, wait for a text — if you’re traveling overseas, you have to pay a dollar or more to receive it — and enter it before accessing a site. Tech companies force us to choose a new password each time we forget the old one. Studies show that makes things worse: most users choose simpler passwords because they’re easier to remember.

The only thing to fear, FDR told us, is fear itself. What if we liberated ourselves from the threat of cyberattack — and a ton of work maintaining online security — by not having anything on our Internet-connected devices that we care about?

This would require a mental shift.

First, we should have fewer things online. When you think about it, many devices are connected to the Internet for a tiny bit of convenience but at significant risk to security. Using an app to warm up your house before you come home is nifty, but online thermostats are hardly worth the exposure to hackers who could drive up your utility bills, start a fire or even cause a brownout. Driverless cars could be remotely ordered to kill you — no thanks! I laugh at the Iranian nuclear scientists who set back their nation’s top-secret research program for years because their desire to cybercommute opened their system to the Stuxnet attack. Go to the office, lazybones!

The Internet of Things needs to be seriously rethought — and resisted.

As for your old-fashioned electronic devices — smartphones, tablets and laptops — it might be time to start thinking like a New Yorker during the 1980s. Leave the door unlocked. Just don’t leave anything in your glove compartment, or on your hard drive, that you would mind losing.

(Ted Rall (Twitter: @tedrall) is author of “Trump: A Graphic Biography,” an examination of the life of the Republican presidential nominee in comics form. You can support Ted’s hard-hitting political cartoons and columns and see his work first by sponsoring his work on Patreon.)

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone

Never Satisfied: Why Russian Hackers Want to Steal Your Eye

Originally published by ANewDomain.net:

Russian hackers, and also hackers from former Soviet republics that are not Russia whom we lump with their Russian counterparts partly for convenience and mostly out of geographic ignorance, are trying to hack into your stuff.

No one knows why. What’s in it for them? What are they going to do? Steal your negative bank balance? Bring it on, fuckers!

I mean, for some reason, we are supposed to be really upset and scared when Target, or Bank of America, or the U.S. government, or whatever gets hacked and our precious “data” gets taken. Even though, if someone uses your credit card, nothing happens. You call them. They take off the charges. (If they’re total jerks, they can charge you a whopping $50 per card. Whatevs.)

Yeah, you have to call them, but hey, while you’re on the phone with them anyway, maybe you can give them a hard time about the 25.24 percent “penalty charge” interest rate they’re charging you despite the fact that this ain’t Weimar Germany.

I say, screw it: Give your credit card number out to random bums! Tell them not to use it in any stores with cameras, though — which there aren’t any. Never mind.

russian-hackers-want-to-steal-your-eyeAnyway, the latest development/fad on the trying-to-keep-Russian-hackers-out-of-your-personal-crap front is biometric identification: using your fingerprints (like on the iPhone), iris scans (like in creepy dystopian movies and at passport control at American airports) and voice recognition in lieu of a password.

Pretty smart! Fingerprints are pretty much unique, except for evil identical twins. (Don’t bother, evil fraternal twins.) Ditto for iris scans — not the flower, stupid — and voice recognition. If it’s your face, or fingerprint, or eye, then that’s you and not some Russian hacker. Right?

Maybe not.

It’s not impossible to imagine some mash-up of the 1997 movie “Face/Off,” in which John Travolta and some other guy who looks like Nick Cage get their faces switched and stuff happens, and the even older TV show “Mission Impossible,” which constantly deployed form-fitting face masks, as a way to foil biometric face ID technology. Take that, NSA with your real-time tracking of our heads via ubiquitous street surveillance cameras!

On the eye front, what if the Russians take a cue from the 1980s street gang the Westies, who controlled the Hell’s Kitchen neighborhood in Manhattan? Guys kept getting killed, and the prints on the murder weapons always suggested the same suspect — biggest gangster serial killer ever! Turned out the fingerprints belonged to a dude who’d been killed himself.

A clever boss kept the dead guy’s arm in the freezer and used it to apply his fingerprints to any gun used by his crew.

What if a Russian hacker stole your eye? Or hacked into your computer camera —yes,  they can do that — and created a 3-D scan of your orb on a 3-D printer?

Fingerprints, it turns out, are actually an incredibly shitty form of security. “Hackers have already made dummy fingerprints — using pictures of people’s hands available online — to swipe into the iPhone 6 scanner,” reports NPR.

Tech investor David Cowan says: “Either a password or a biometric can be stolen. But only the password can be changed. Once your fingerprint is stolen, it’s stolen forever, and you’re stuck.”

Well, not exactly. You could cancel that fingerprint, and use one of your other nine. But we take Cowan’s point: Best to stick with the classic “123456″ and “PASSWORD” passwords.

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone

SYNDICATED COLUMN: I’m Not Changing My Passwords Just Cuz Hackers

http://i2.wp.com/cdn.bgr.com/2014/04/hackers-hacking-2.jpg?w=952

The 2003 film “House of Sand and Fog” depicts a tragic string of events that follows a woman who loses her house after ignoring eviction notices mistakenly sent to her for nonpayment of county taxes. A recovering drug addict recently abandoned by her husband, she’s overwhelmed by the deluge of bureaucratic housekeeping demanded by contemporary American society.

I think of that beleaguered woman’s character whenever I receive yet another notice from my credit card company that they are changing their terms and conditions, when an airline urges me to join their frequent flyer program, when a client informs me that they never received the email I’m sure I sent out, but now I can’t find in my sent messages. So much crap, so many petty details, why bother to get up in the morning?

Never is this deluge more front and center than during the immediate aftermath of the latest mass hacking, typically, allegedly, by online gangs in the former Soviet Union. During the Cold War, they said they would bury us. Now they are — in security-focused inanity.

In the latest fiasco that has to make one question if we are really better off now than we were in the old days of passbook savings, they’re saying that as many as 76 million households may have had their account information compromised by an incursion into computers at the banking conglomerate JPMorgan Chase. “The intrusion compromised the names, addresses, phone numbers and emails of those households, and can basically affect anyone — customers past and present — who logged onto any of Chase and JPMorgan’s websites or apps,” reports The New York Times. “That might include those who get access to their checking and other bank accounts online or someone who checks their credit card points over the web. Seven million small businesses also were affected.”

Understand this: we are supposed to be very very scared. And we’re supposed to be scared for a reason: they want us to act. They – the banks and corporations – want us to spend an awful lot of time and energy protecting their money.

Bear in mind, when someone steals your credit card data and makes unauthorized purchases or withdrawals, you’re not responsible. In short, it’s not your problem. But the media is colluding with the megabanks in order to make us care about something that we really shouldn’t.

Consider, for example, this advice to us banking customers in the Times article: “Those who want to add a layer of security to their financial life should consider a ‘security freeze,’ one of the strongest tools against theft because it prevents someone from trying to open a new account in a consumer’s name. When you freeze your reports, the big three credit bureaus will not release your credit reports to any company that does not already have a relationship with you. Financial providers and other companies typically request such reports before issuing a new account.”

Considering that this is something that the powers that be want us to do, they’re not making it easy.

The paper continues: “Consumers need to approach each of the three credit bureaus — Equifax, Experian and TransUnion — and may need to pay a small fee, depending on where they live. The process can be a hassle because the freeze has to be ‘thawed,’ or lifted, to apply for a new credit card, for instance, or for a mortgage. (And consumers may need to keep PINs and other information handy to do that).”

Uh-huh.

So let me get this straight. Credit agencies that earn billions of dollars selling our information, much of it erroneous, want to charge us for our own data, so we can protect the big banks that we bailed out in 2009 at taxpayer expense and even now refuse to refinance mortgages or lend to small businesses, a major reason that the economy is still terrible, and waste God knows how many hours online or on the phone dealing with this boring crap.

Well, hear this, Russian hackers and American banksters: I’m a busy person. I have a lot to do. Like most Americans, I work three jobs. If I ever find myself with any spare time, it’s going to be on the beach and is going to involve margaritas and good books.

I am not going to change my passwords every time I read one of these scare stories. I refuse to pick new unique passwords for each of my dozens of accounts. I will not freak out on behalf of people who don’t give a damn about me or anyone I care about. And it will be a cold day in hell before I put a credit freeze on my own account, and pay for the privilege.

(Ted Rall, syndicated writer and cartoonist, is the author of the new critically-acclaimed book “After We Kill You, We Will Welcome You Back As Honored Guests: Unembedded in Afghanistan.” Subscribe to Ted Rall at Beacon.)

COPYRIGHT 2014 TED RALL, DISTRIBUTED BY CREATORS.COM

 

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone

The Little Prez

Public access to the White House and its environs has shrunk steadily since Andrew Jackson hosted a wild party there. Now the wake of a run by a deranged vet through the White House has security experts recommending that a safety corridor be extended several blocks beyond the White House fence. How safe is safe enough?

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone

A Little Extra

After the 9/11 attacks, Americans reasoned that if they had to give up a little extra time at the airport in exchange for security, that was a bargain they were willing to make. As the NSA revelations demonstrate, however, that devil’s bargain led to a slippery slope.

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone

LOS ANGELES TIMES CARTOON: A California Town Gets The Runaround

I draw cartoons for The Los Angeles Times about issues related to California and the Southland (metro Los Angeles).

This week:

I draw cartoons for The Los Angeles Times about issues related to California and the Southland (metro Los Angeles).

This week: The city of Newport Beach ran up a $35,000 bill providing additional security for an Obama fundraiser. Now the city says it is getting the runaround and that the Obama campaign, the U.S. Secret Service, and the Democratic National Committee keep passing the buck.

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone

Boycott the Body Scan

If you’re flying Thanksgiving week, support the national boycott on the radiation-based body scan machines at TSA checkpoints. Insist on a pat-down. It’s humiliating and intrusive, but at least there won’t be a nude image of you on sale somewhere next year. Also, it slows down the system–which could force the government to reconsider this awful decision.

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg thisShare on StumbleUponEmail this to someone