July 25, 2021

719 words 4 mins read

This Is How the World Will End

This Is How the World Will End

It is no secret that I am a big fan of technology. I recently had a conversation with a friend where she was recounting to me an incident where she left her phone at the gym, walking away for a good 20-minutes before she realized what she had left behind. My immediate response to that was “I am amazed that people can leave places without their phones.” Asked to explain that sentiment, I elaborated that I do almost everything on my phone. I use it to listen to music, it is my source of news, and it is the multi-factor authentication key to all of my accounts. My friend’s only comment at all of that was just that she didn’t like how we have all become so reliant on our phones.

Unfortunately though, like it or not we have become reliant on our phones. And as the world continues on this path of digitization, we will continue to become more reliant on our phones, computers, and technology in general.

But in an age where headlines frequently consist of companies being hit by ransomware attacks , products being exploited , and new zero days being found ; we need to be conscious of the risks to this trend. As well as what we can do to mitigate them where possible.

This is what Nicole Perlroth’s book, "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race ", seeks to accomplish. In it, Pelroth undertakes the herculean task of disentangling and explaining the opaque zero day cyberarms market.

A “zero day ” is a "[vulnerability] in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it." Zero days are valuable because they can give bad actors (i.e. hackers) the ability to access any target system remotely, and do whatever they want within that system.

Think of everything in the world that runs on a computer. Hospitals , power generators , dams , nuclear reactors , and nuclear missiles. Now think about what would happen if even one of these things were hacked and were to go awry in some way shape or form. The scary truth of the matter however, is that these things have already happened (click on the links). And that we are lucky that the damage hasn’t been as large as it could have been. But our luck could eventually run out.

Pelroth’s deep dive into the murky world of cybersecurity is both illuminating and absolutely terrifying. Up until reading this book I did not fully realize the size and dynamism of the zero day exploit market. Think of any piece of technology, and dollars to donuts, someone has probably developed an exploit to hack into it. And depending on the specific piece of technology, that developer was probably paid anywhere from a few thousand to a few million USD for that exploit.

This is the zero day market. And in her book, Pelroth goes into detail as to the origins of this market; one that was almost single-handedly developed by the US government. The new players in this market; Russia, China, North Korea, Saudi Arabia, and Iran to name a few. The full extent and impact of a zero day exploit on everyday people; a huge of impact. And the level of understanding and control that those wielding these cyberweapons have on their own stockpile; not a lot. Perhaps the most terrifying revelation is that it is easily believable that any state could accidentally start World War III following an “oops” moment due to an unforeseen behavior in their own exploit.

The book is simultaneously informative and a cautionary tale on the dangers of technology. And I would definitely recommend it for anyone that is looking to get a better understanding of how the cybersecurity to our 21st century infrastructure works.

As far as the implications of what Pelroth’s book go. As a tech-head, after reading this, I am definitely much more conscious about what data I put out there in the world, even on my own systems. But it isn’t enough to get me to forsake technology. Technology is the way forward. But we need to be responsible and secure in the way that we use that technology.

Books Security Technology
Use a Password Manager

Use a Password Manager

January 24, 2021

If you are anything like me you have a lot of accounts to keep track of. Email. Social Media. Finance. Work. The list is endless. Each of these accounts all do different things. But despite those differences they all share one thing, you want to keep them secure. You want to make sure that only you have access to these accounts. Typically the best way to secure your account is to make sure that you have a good password.
Augmenting Reality

Augmenting Reality

August 22, 2021

Projects can come from the weirdest places at times. In this case it was a friend’s random offhand comment, “it would be cool to have an AR app that would help customers visualize having our products in their homes.” There must be something like that floating around the internet, right? An opensource augmented reality (AR) project that could be modified to use different, custom, 3D models. A quick google search later, and lo and behold such projects do exist .
What Does It Mean to Be a ‘Digital’ Business?

What Does It Mean to Be a ‘Digital’ Business?

July 4, 2021

Google, Facebook, Apple, Microsoft. These are the names that most come to mind when people think about “digital businesses”. They are companies that produce digital tools, but they do not have a monopoly on the concept of being digital businesses. Every company can be a digital business. And in fact, if COVID-19 has taught us anything, in the 21st century every company must become a digital business to survive and thrive.