Nobody Would Have Agreed to This

Written by

Geoff Halstead

Published on

Reading time

9 min.

Even George Orwell Could Not Have Imagined the World We Live in Today

Let’s Start with a Thought Experiment

If you are old enough, think back about 30 years or so – and if you are not, imagine your young self around about 1994. We are at the dawn of the Internet:  a new golden age of possibilities promising the democratization of information and economic power to the masses. You are in an auditorium, listening to a noted expert and evangelist tell you about this bright, shiny new future.

“The Internet will be pervasive global network, both wired and wireless, ubiquitously connecting all of us at all times to a massive grid of supercomputing power beyond our present capacity to even understand. We will carry with us at all times personal computing devices – they will be called tablets, laptops, mobile smartphones. Our residences and offices will have ‘smart home hubs,’ ‘smart speakers’ and ‘smart TVs’.  Our bodies will have wearable devices – watches, goggles and more – even embedded devices. When we go outside, cameras and sensors will watch us on every building and street corner – even from our neighbors’ doorbells! All of these devices will plug into this global network of centralized, supercomputing power so that every action we take and every word we speak will be surveilled, captured and fed into engines of artificial intelligence which continuously optimize their algorithms so that gigantic corporations can control and manipulate us. Governments – even in ‘democratic’ countries – will use this awesome matrix to spy on citizens, and authoritarian regimes will build the perfect tools for surveillance, repression and control. Every person born into this world will grow up having never experienced or even heard of the concept of privacy. Everyone will think this is normal.”

While some may feel otherwise, our take is: Nobody would have agreed to this!

And yet that is the world we live in today.  Like the proverbial frog in the pot of water, year by year over the course of decades, our privacy was taken away degree by degree until now we arrived at the boiling point. And all the while, we smiled happily, bedazzled by our screens and clickbait and the perpetual race to be ever more efficient.

How Did We Get Here?

Like most good stories, it’s both complicated and simple. The through line is that the Internet and telecommunications networks – which we depend upon for everything we do in the digital world and most of what we do outside of it – are insecure and NOT private. There are root causes for this – both by accident and by design.

1. Centralized Architecture and Control

The Internet was designed to be decentralized – a way to connect computing devices directly to other computing devices. Yet, the Internet we use today is completely dependent upon and run by centralized servers, certificate authorities and networks – all of which are controlled by people.   

How this happened is the subject of many great blogs, books and even movies, but the situation today can be understood by looking at 3 central pillars that run the Internet.

Certificate compromised

Centralized Networks. All of your activities and transactions online run over a small group of Internet Service Providers and Telecommunications companies which are permeated with back doors and gaps exploited by hackers and authoritarian governments in equal measure.

Centralized Servers. “The Cloud” that we all depend upon brings data and application logic together into enormous data centers with chains of servers controlled by a handful of companies that process and store everything in data lakes, and every device and end user depends on their safeguarding.

Centralized Certificate Authorities. The entire ‘Chain of Trust’ that is meant to guarantee privacy and security on the Internet depends on Certificate Authorities. These are entities that store, sign, and issue digital certificates which are used by parties (Web servers and the applications and devices of end users) to secure all of the connections, transactions and communications between them. But the market for globally trusted TLS/SSL server certificates is largely held by a small number of multinational companies today.

2. Networks and Connections are Visible and Vulnerable

With Internet Protocol, network addresses and traffic are visible, and connections are insecure by default. 

Network and connection vulnerable

You can think of a server – or any device – connected to the Internet like a house, and hackers like robbers on the prowl. But unlike a house, attackers on the Internet can find and study a Web server and its network of connections from anywhere in the world, using automated tools that never sleep. They can observe and study all of the doors, windows and other entries, who enters and leaves, how and where they do that. If the front door is locked, they can go around and test them all, and if one is left open, get in. And thanks to Internet Protocol, they can always test and “knock” until they find an opening, steal the key from legitimate users or any of innumerable other techniques to penetrate their target. It only takes one mistake or gap.  

3. Data is Vulnerable

When robbers break into your house, they steal cash and goods. When hackers break in, it is usually data they are after – and data is everything now:  your email, messages, documents, videos, health records, money . . . everything.

But data is vulnerable both on cloud servers and our endpoint devices because it is either not encrypted or someone else has the keys. So, when the first two vulnerabilities lead to compromise, the data is just lying around for theft, exploitation, surveillance or otherwise.

“Just Trust Us”

So today you always have to just trust the Privacy Policies and ability of Web platforms, application providers – and yes also VPN companies – and the people in them – to defend their platforms and infrastructure from outside and inside attacks. This is why – to cite just a few examples:

What these examples all have in common are the three vulnerablities above.

  • Things which are centralized are always run by people – so your security and privacy is only as good as their lowest paid engineer – or any disgruntled insider.
  • Even when humans don’t fail, Internet Protocol ensures that there will be a back door waiting to be found.
  • When attackers do get in – the data is lying around unencrypted, or the keys are right there up there with it on the Cloud.

It doesn’t matter whether your are a gigantic organizations with the best security architectures and processes in place, or an average individual Internet user:  the whole design of the system is stacked against you. Sooner or later, if it is valuable enough, it will be compromised.

So Here We Are – and It’s Getting Even Worse

The result of all this is the world we live in today.

  • Surveillance by governments, corporations and the industrial information complex is pervasive.
  • No device, data, or digital asset of value is safe from criminals and hackers.
  • Everything and anything of value on the Internet can and will be compromised.

And as bad as it now, just wait – it will get much worse thanks to two massive technology revolutions now washing over us.

Artificial Intelligence

Artificial Intelligence is exponentially lowering the costs and increasing the scale and power of surveillance and malicious or criminal cyberattacks. The bad guys used to only go after the big data lakes because – like banks  – that’s where the money was. But when you can use AI driven automation and spoofing to:

that changes the equation.

Is AI also being used to thwart cyberattacks? Of course. But what history tells us is that the attackers are always 3 steps ahead, and so long as the fundamental vulnerabilities of the networking, communications and data in the Cloud are not addressed, they will remain so.

Internet of Things (Hint- this includes your Smart Home and Office)

The Internet of Things is rightly called a major driver of the 4th Industrial Revolution. The possibilities of connecting billions of people and machines, with access to unprecedented amounts of data, storage capacity and processing power are endless. Amongst those are the possibilities for ransomware gangs, nation state actors and others to move on to hacking:

your Smart Car – while you are in it;

  • your smart, connected pacemaker and insulin pumps;
  • your Smart Home thermostat; and
  • whatever else we dream up to embed into our homes, offices, lives and bodies.

What could go wrong?!    We will find out soon enough:

What Can We Do About It?

That will be the focus of our next blog – and is the mission to which Faction has dedicated itself. This is not something that we – or any person or company alone – can fix. But it starts with three things.

We have to be aware and care

This blog and news site is our small contribution to that effort, putting a spotlight on the challenges in areas where our technology can make a difference. There are many great journalists, bloggers and privacy organizations doing the real work here, and we will pass you on to them for the in-depth coverage of stories that pique your interest.

We need tools that put each person in control of their own privacy

Our part in this is giving people the ability to truly control the privacy and security of their networking, communications and data to their own devices and within their collaborative groups. Other companies, individuals and groups are attacking other parts of this problem, and we will ally, partner and integrate wherever we can to move the cause of personal digital privacy and security forward. 

We need to start now

Back to that frog in the boiling pot of water. There’s no time to lose:  opt out now! We can use all these wonderful technologies of the 4th industrial revolution, but we don’t have to be their prisoners. Every journey begins with the first steps. Ours starts here.  

Related Blogs

WiFi

Alert: Two major flaws expose WiFi networks to attack, affects billions of users

Reading Time: 5 min.

Summary Two major flaws in open-source software could enable bad actors to break into password-protected home and enterprise WiFi networks. The…

Read more

The Internet Cannot be Defended from the PRC

Reading Time: 4 min.

The NSA release this week a comprehensive report with explicit details of the extent of the activity and ‘Tradecraft” of…

Read more
Keep It Simple

KISS: Keep It Simple Security

Reading Time: 7 min.

Faction Networks changes the paradigm and enables K.I.S.S. by going back to the foundation of actually securing networking, and then…

Read more
Linux XYZ Utils Back Door

The System is Blinking Red

Reading Time: 6 min.

The “Good Enough” strategy in Cyber Security is not going to cut it any more. The time frame here is…

Read more

How Could This Happen?! A Deep Dive into the Change Healthcare Attack

Reading Time: 11 min.

It’s not an aberration – it WILL happen again As many of you have no doubt heard or read about,…

Read more
Food Manufacturing

Not Just ‘Factories’ – 40% of Food & Beverage Manufacturers Impacted by Ransomware Attack

Reading Time: 1 min.

JSB Foods ransomware incident just a prominent example According to Claroty, more than 40% of food and beverage-sector respondents had…

Read more
Hacking data

Why a 2nd Class Air National Guardsman Could Read the Pentagon’s Briefings on Ukraine’s War Plan

Reading Time: 3 min.

Most people by now have heard of Jack Teixeira, or if not at least the infamous story of how a…

Read more
Smart UPS Devices

Uninterruptible Power Supply (UPS) Devices In the Bullseye for Hackers

Reading Time: 2 min.

Weak Protocols and Built-in Back Doors Make These Inviting Targets The Cybersecurity and Infrastructure Security Agency (CISA) and the Department…

Read more

Nobody Would Have Agreed to This

Reading Time: 9 min.

Even George Orwell Could Not Have Imagined the World We Live in Today Let’s Start with a Thought Experiment If…

Read more

5 Easy Cybersecurity Steps to Radically Reduce Your Risk NOW

Reading Time: 9 min.

For most small to mid-sized business owners, just keeping business and operations running is the primary concern. When one looks…

Read more

Warning: Undefined array key 0 in /var/www/factionnetworks/wp-content/themes/bricks/includes/elements/code.php(216) : eval()'d code on line 19

Warning: Attempt to read property "cat_ID" on null in /var/www/factionnetworks/wp-content/themes/bricks/includes/elements/code.php(216) : eval()'d code on line 19

Warning: Undefined array key 0 in /var/www/factionnetworks/wp-content/themes/bricks/includes/elements/code.php(216) : eval()'d code on line 20

Warning: Attempt to read property "cat_name" on null in /var/www/factionnetworks/wp-content/themes/bricks/includes/elements/code.php(216) : eval()'d code on line 20

Nobody Would Have Agreed to This

Even George Orwell Could Not Have Imagined the World We Live in Today Let’s Start with a Thought Experiment If you are old enough, think back about 30 years or so – and if you are not, imagine your young self around about 1994. We are at the dawn of the…

Reading Time: 9 min.

Even George Orwell Could Not Have Imagined the World We Live in Today

Let’s Start with a Thought Experiment

If you are old enough, think back about 30 years or so – and if you are not, imagine your young self around about 1994. We are at the dawn of the Internet:  a new golden age of possibilities promising the democratization of information and economic power to the masses. You are in an auditorium, listening to a noted expert and evangelist tell you about this bright, shiny new future.

“The Internet will be pervasive global network, both wired and wireless, ubiquitously connecting all of us at all times to a massive grid of supercomputing power beyond our present capacity to even understand. We will carry with us at all times personal computing devices – they will be called tablets, laptops, mobile smartphones. Our residences and offices will have ‘smart home hubs,’ ‘smart speakers’ and ‘smart TVs’.  Our bodies will have wearable devices – watches, goggles and more – even embedded devices. When we go outside, cameras and sensors will watch us on every building and street corner – even from our neighbors’ doorbells! All of these devices will plug into this global network of centralized, supercomputing power so that every action we take and every word we speak will be surveilled, captured and fed into engines of artificial intelligence which continuously optimize their algorithms so that gigantic corporations can control and manipulate us. Governments – even in ‘democratic’ countries – will use this awesome matrix to spy on citizens, and authoritarian regimes will build the perfect tools for surveillance, repression and control. Every person born into this world will grow up having never experienced or even heard of the concept of privacy. Everyone will think this is normal.”

While some may feel otherwise, our take is: Nobody would have agreed to this!

And yet that is the world we live in today.  Like the proverbial frog in the pot of water, year by year over the course of decades, our privacy was taken away degree by degree until now we arrived at the boiling point. And all the while, we smiled happily, bedazzled by our screens and clickbait and the perpetual race to be ever more efficient.

How Did We Get Here?

Like most good stories, it’s both complicated and simple. The through line is that the Internet and telecommunications networks – which we depend upon for everything we do in the digital world and most of what we do outside of it – are insecure and NOT private. There are root causes for this – both by accident and by design.

1. Centralized Architecture and Control

The Internet was designed to be decentralized – a way to connect computing devices directly to other computing devices. Yet, the Internet we use today is completely dependent upon and run by centralized servers, certificate authorities and networks – all of which are controlled by people.   

How this happened is the subject of many great blogs, books and even movies, but the situation today can be understood by looking at 3 central pillars that run the Internet.

Certificate compromised

Centralized Networks. All of your activities and transactions online run over a small group of Internet Service Providers and Telecommunications companies which are permeated with back doors and gaps exploited by hackers and authoritarian governments in equal measure.

Centralized Servers. “The Cloud” that we all depend upon brings data and application logic together into enormous data centers with chains of servers controlled by a handful of companies that process and store everything in data lakes, and every device and end user depends on their safeguarding.

Centralized Certificate Authorities. The entire ‘Chain of Trust’ that is meant to guarantee privacy and security on the Internet depends on Certificate Authorities. These are entities that store, sign, and issue digital certificates which are used by parties (Web servers and the applications and devices of end users) to secure all of the connections, transactions and communications between them. But the market for globally trusted TLS/SSL server certificates is largely held by a small number of multinational companies today.

2. Networks and Connections are Visible and Vulnerable

With Internet Protocol, network addresses and traffic are visible, and connections are insecure by default. 

Network and connection vulnerable

You can think of a server – or any device – connected to the Internet like a house, and hackers like robbers on the prowl. But unlike a house, attackers on the Internet can find and study a Web server and its network of connections from anywhere in the world, using automated tools that never sleep. They can observe and study all of the doors, windows and other entries, who enters and leaves, how and where they do that. If the front door is locked, they can go around and test them all, and if one is left open, get in. And thanks to Internet Protocol, they can always test and “knock” until they find an opening, steal the key from legitimate users or any of innumerable other techniques to penetrate their target. It only takes one mistake or gap.  

3. Data is Vulnerable

When robbers break into your house, they steal cash and goods. When hackers break in, it is usually data they are after – and data is everything now:  your email, messages, documents, videos, health records, money . . . everything.

But data is vulnerable both on cloud servers and our endpoint devices because it is either not encrypted or someone else has the keys. So, when the first two vulnerabilities lead to compromise, the data is just lying around for theft, exploitation, surveillance or otherwise.

“Just Trust Us”

So today you always have to just trust the Privacy Policies and ability of Web platforms, application providers – and yes also VPN companies – and the people in them – to defend their platforms and infrastructure from outside and inside attacks. This is why – to cite just a few examples:

What these examples all have in common are the three vulnerablities above.

  • Things which are centralized are always run by people – so your security and privacy is only as good as their lowest paid engineer – or any disgruntled insider.
  • Even when humans don’t fail, Internet Protocol ensures that there will be a back door waiting to be found.
  • When attackers do get in – the data is lying around unencrypted, or the keys are right there up there with it on the Cloud.

It doesn’t matter whether your are a gigantic organizations with the best security architectures and processes in place, or an average individual Internet user:  the whole design of the system is stacked against you. Sooner or later, if it is valuable enough, it will be compromised.

So Here We Are – and It’s Getting Even Worse

The result of all this is the world we live in today.

  • Surveillance by governments, corporations and the industrial information complex is pervasive.
  • No device, data, or digital asset of value is safe from criminals and hackers.
  • Everything and anything of value on the Internet can and will be compromised.

And as bad as it now, just wait – it will get much worse thanks to two massive technology revolutions now washing over us.

Artificial Intelligence

Artificial Intelligence is exponentially lowering the costs and increasing the scale and power of surveillance and malicious or criminal cyberattacks. The bad guys used to only go after the big data lakes because – like banks  – that’s where the money was. But when you can use AI driven automation and spoofing to:

that changes the equation.

Is AI also being used to thwart cyberattacks? Of course. But what history tells us is that the attackers are always 3 steps ahead, and so long as the fundamental vulnerabilities of the networking, communications and data in the Cloud are not addressed, they will remain so.

Internet of Things (Hint- this includes your Smart Home and Office)

The Internet of Things is rightly called a major driver of the 4th Industrial Revolution. The possibilities of connecting billions of people and machines, with access to unprecedented amounts of data, storage capacity and processing power are endless. Amongst those are the possibilities for ransomware gangs, nation state actors and others to move on to hacking:

your Smart Car – while you are in it;

  • your smart, connected pacemaker and insulin pumps;
  • your Smart Home thermostat; and
  • whatever else we dream up to embed into our homes, offices, lives and bodies.

What could go wrong?!    We will find out soon enough:

What Can We Do About It?

That will be the focus of our next blog – and is the mission to which Faction has dedicated itself. This is not something that we – or any person or company alone – can fix. But it starts with three things.

We have to be aware and care

This blog and news site is our small contribution to that effort, putting a spotlight on the challenges in areas where our technology can make a difference. There are many great journalists, bloggers and privacy organizations doing the real work here, and we will pass you on to them for the in-depth coverage of stories that pique your interest.

We need tools that put each person in control of their own privacy

Our part in this is giving people the ability to truly control the privacy and security of their networking, communications and data to their own devices and within their collaborative groups. Other companies, individuals and groups are attacking other parts of this problem, and we will ally, partner and integrate wherever we can to move the cause of personal digital privacy and security forward. 

We need to start now

Back to that frog in the boiling pot of water. There’s no time to lose:  opt out now! We can use all these wonderful technologies of the 4th industrial revolution, but we don’t have to be their prisoners. Every journey begins with the first steps. Ours starts here.  

If you liked this post, Share it on: