Tag Archives: cybersecurity

Nanotechnology and cybersecurity risks

Gregory Carpenter has written a gripping (albeit somewhat exaggerated) piece for Signal, a publication of the  Armed Forces Communications and Electronics Association (AFCEA) about cybersecurity issues and  nanomedicine endeavours. From Carpenter’s Jan. 1, 2016 article titled, When Lifesaving Technology Can Kill; The Cyber Edge,

The exciting advent of nanotechnology that has inspired disruptive and lifesaving medical advances is plagued by cybersecurity issues that could result in the deaths of people that these very same breakthroughs seek to heal. Unfortunately, nanorobotic technology has suffered from the same security oversights that afflict most other research and development programs.

Nanorobots, or small machines [or nanobots[, are vulnerable to exploitation just like other devices.

At the moment, the issue of cybersecurity exploitation is secondary to making nanobots, or nanorobots, dependably functional. As far as I’m aware, there is no such nanobot. Even nanoparticles meant to function as packages for drug delivery have not been perfected (see one of the controversies with nanomedicine drug delivery described in my Nov. 26, 2015 posting).

That said, Carpenter’s point about cybersecurity is well taken since security features are often overlooked in new technology. For example, automated banking machines (ABMs) had woefully poor (inadequate, almost nonexistent) security when they were first introduced.

Carpenter outlines some of the problems that could occur, assuming some of the latest research could be reliably  brought to market,

The U.S. military has joined the fray of nanorobotic experimentation, embarking on revolutionary research that could lead to a range of discoveries, from unraveling the secrets of how brains function to figuring out how to permanently purge bad memories. Academia is making amazing advances as well. Harnessing progress by Harvard scientists to move nanorobots within humans, researchers at the University of Montreal, Polytechnique Montreal and Centre Hospitalier Universitaire Sainte-Justine are using mobile nanoparticles inside the human brain to open the blood-brain barrier, which protects the brain from toxins found in the circulatory system.

A different type of technology presents a risk similar to the nanoparticles scenario. A DARPA-funded program known as Restoring Active Memory (RAM) addresses post-traumatic stress disorder, attempting to overcome memory deficits by developing neuroprosthetics that bridge gaps in an injured brain. In short, scientists can wipe out a traumatic memory, and they hope to insert a new one—one the person has never actually experienced. Someone could relish the memory of a stroll along the French Riviera rather than a terrible firefight, even if he or she has never visited Europe.

As an individual receives a disruptive memory, a cyber criminal could manage to hack the controls. Breaches of the brain could become a reality, putting humans at risk of becoming zombie hosts [emphasis mine] for future virus deployments. …

At this point, the ‘zombie’ scenario Carpenter suggests seems a bit over-the-top but it does hearken to the roots of the zombie myth where the undead aren’t mindlessly searching for brains but are humans whose wills have been overcome. Mike Mariani in an Oct. 28, 2015 article for The Atlantic has presented a thought-provoking history of zombies,

… the zombie myth is far older and more rooted in history than the blinkered arc of American pop culture suggests. It first appeared in Haiti in the 17th and 18th centuries, when the country was known as Saint-Domingue and ruled by France, which hauled in African slaves to work on sugar plantations. Slavery in Saint-Domingue under the French was extremely brutal: Half of the slaves brought in from Africa were worked to death within a few years, which only led to the capture and import of more. In the hundreds of years since, the zombie myth has been widely appropriated by American pop culture in a way that whitewashes its origins—and turns the undead into a platform for escapist fantasy.

The original brains-eating fiend was a slave not to the flesh of others but to his own. The zombie archetype, as it appeared in Haiti and mirrored the inhumanity that existed there from 1625 to around 1800, was a projection of the African slaves’ relentless misery and subjugation. Haitian slaves believed that dying would release them back to lan guinée, literally Guinea, or Africa in general, a kind of afterlife where they could be free. Though suicide was common among slaves, those who took their own lives wouldn’t be allowed to return to lan guinée. Instead, they’d be condemned to skulk the Hispaniola plantations for eternity, an undead slave at once denied their own bodies and yet trapped inside them—a soulless zombie.

I recommend reading Mariani’s article although I do have one nit to pick. I can’t find a reference to brain-eating zombies until George Romero’s introduction of the concept in his movies. This Zombie Wikipedia entry seems to be in agreement with my understanding (if I’m wrong, please do let me know and, if possible, provide a link to the corrective text).

Getting back to Carpenter and cybersecurity with regard to nanomedicine, while his scenarios may seem a trifle extreme it’s precisely the kind of thinking you need when attempting to anticipate problems. I do wish he’d made clear that the technology still has a ways to go.

Digital life in Estonia and the National Film Board of Canada’s ‘reclaim control of your online identity’ series

Internet access is considered a human right in Estonia (according to a July 1, 2008 story by Colin Woodard for the Christian Science Monitor). That commitment has led to some very interesting developments in Estonia which are being noticed internationally. The Woodrow Wilson International Center for Scholars (Wilson Center) is hosting the president of Estonia, Toomas Hendrik Ilves at an April 21, 2015 event (from the April 15, 2015 event invitation),

The Estonia Model: Why a Free and Secure Internet Matters
After regaining independence in 1991, the Republic of Estonia built a new government from the ground up. The result was the world’s most comprehensive and efficient ‘e-government’: a digital administration with online IDs for every citizen, empowered by a free nationwide Wi-Fi network and a successful school program–called Tiger Leap–that boosts tech competence at every age level. While most nations still struggle to provide comprehensive Internet access, Estonia has made major progress towards a strong digital economy, along with robust protections for citizen rights. E-government services have made Estonia one of the world’s most attractive environments for tech firms and start-ups, incubating online powerhouses like Skype and Transferwise.

An early adopter of information technology, Estonia was also one of the first victims of a cyber attack. In 2007, large-scale Distributed Denial of Service attacks took place, mostly against government websites and financial services. The damages of these attacks were not remarkable, but they did give the country’s security experts  valuable experience and information in dealing with such incidents. Eight years on, the Wilson Center is pleased to welcome Estonia’s President Toomas Hendrik Ilves for a keynote address on the state of cybersecurity, privacy, and the digital economy. [emphasis mine]

Introduction
The Honorable Jane Harman
Director, President and CEO, The Wilson Center

Keynote
His Excellency Toomas Hendrik Ilves
President of the Republic of Estonia

The event is being held in Washington, DC from 1 – 2 pm EST on April 21, 2015. There does not seem to be a webcast option for viewing the presentation online (a little ironic, non?). You can register here, should you be able to attend.

I did find a little more information about Estonia and its digital adventures, much of it focused on digital economy, in an Oct. 8, 2014 article by Lily Hay Newman for Slate,

Estonia is planning to be the first country to offer a status called e-residency. The program’s website says, “You can become an e-Estonian!” …

The website says that anyone can apply to become an e-resident and receive an e-Estonian online identity “in order to get secure access to world-leading digital services from wherever you might be.” …

You can’t deny that the program has a compelling marketing pitch, though. It’s “for anybody who wants to run their business and life in the most convenient aka digital way!”

You can find the Estonian e-residency website here. There’s also a brochure describing the benefits,

It is especially useful for entrepreneurs and others who already have some relationship to Estonia: who do business, work, study or visit here but have not become a resident. However, e-residency is also launched as a platform to offer digital services to a global audience with no prior Estonian affiliation – for  anybody  who  wants  to  run their  business  and  life in  the  most convenient aka digital way! We plan to keep adding new useful services from early 2015 onwards.

I also found an Oct. 31, 2013 blog post by Peter Herlihy on the gov.uk website for the UK’s Government Digital Service (GDS). Herlihy offers the perspective of a government bureaucrat (Note: A link has been removed),

I’ve just got back from a few days in the Republic of Estonia, looking at how they deliver their digital services and sharing stories of some of the work we are up to here in the UK. We have an ongoing agreement with the Estonian government to work together and share knowledge and expertise, and that is what brought me to the beautiful city of Tallinn.

I knew they were digitally sophisticated. But even so, I wasn’t remotely prepared for what I learned.

Estonia has probably the most joined up digital government in the world. Its citizens can complete just about every municipal or state service online and in minutes. You can formally register a company and start trading within 18 minutes, all of it from a coffee shop in the town square. You can view your educational record, medical record, address, employment history and traffic offences online – and even change things that are wrong (or at least directly request changes). The citizen is in control of their data.

So we should do whatever they’re doing then, right? Well, maybe. …

National Film Board of Canada

There’s a new series being debuted this week about reclaiming control of your life online and titled: Do Not Track according to an April 14, 2015 post on the National Film Board of Canada (NFB) blog (Note: Links have been removed),

An eye-opening personalized look at how online data is being tracked and sold.

Starting April 14 [2015], the online interactive documentary series Do Not Track will show you just how much the web knows about you―and the results may astonish you.

Conceived and directed by acclaimed Canadian documentary filmmaker and web producer Brett Gaylor, the 7-part series Do Not Track is an eye-opening look at how online behaviour is being tracked, analyzed and sold―an issue affecting each of us, and billions of web users around the world.

Created with the goal of helping users learn how to take back control of their digital identity, Do Not Track goes beyond a traditional documentary film experience: viewers who agree to share their personal data are offered an astounding real-time look at how their online ID is being tracked.

Do Not Track is a collective investigation, bringing together public media broadcasters, writers, developers, thinkers and independent media makers, including Gaylor, Vincent Glad, Zineb Dryef, Richard Gutjahr, Sandra Rodriguez, Virginie Raisson and the digital studio Akufen.

Do Not Track episodes launch every 2 weeks, from April 14 to June 9, 2015, in English, French and German. Roughly 7 minutes in length, each episode has a different focus―from our mobile phones to social networks, targeted advertising to big data with a different voice and a different look, all coupled with sharp and varied humour. Episodes are designed to be clear and accessible to all.

You can find Do Not Track here, episode descriptions from the April 14, 2015 posting,

April 14 | Episode 1: Morning Rituals
This episode introduces viewers to Brett Gaylor and offers a call to action: let’s track the trackers together.

Written and directed by Brett Gaylor

Interviews: danah boyd, principal researcher, Microsoft Research; Nathan Freitas, founder, and Harlo Holmes, software developer, The Guardian Project; Ethan Zuckerman, director, MIT Center for Civic Media*

April 14 | Episode 2: Breaking Ad
We meet the man who invented the Internet pop-up ad―and a woman who’s spent nearly a decade reporting on the web’s original sin: advertising.

Directed by Brett Gaylor | Written by Vincent Glad

Interviews: Ethan Zuckerman; Julia Angwin, journalist and author of Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance*

April 28 | Episode 3: The Harmless Data We Leave on Social Media
This episode reveals how users can be tracked from Facebook activity and how far-reaching the data trail is.

Directed by Brett Gaylor | Written by Sandra Marsh | Hosted by Richard Gutjahr

Interviews: Constanze Kurz, writer and computer scientist, Chaos Computer Club

May 12 | Episode 4: Your Mobile Phone, the Spy
Your smartphone is spying on you—where does all this data go, what becomes of it, and how is it used?

Directed by Brett Gaylor | Written and hosted by Zineb Dryef

Interviews: Harlo Holmes; Rand Hindi, data scientist and founder of Snips*

May 26 | Episode 5: Big Data and Its Algorithms
There’s an astronomical quantity of data that may or may not be used against us. Based on the information collected since the start of this documentary, users discover the algorithmic interpretation game and its absurdity.

Directed by Sandra Rodriguez and Akufen | Written by Sandra Rodriguez

Interviews: Kate Crawford, principal researcher, Microsoft Research New York City; Matthieu Dejardins, e-commerce entrepreneur and CEO, NextUser; Tyler Vigen, founder, Spurious Correlations, and Joint Degree Candidate, Harvard Law School; Cory Doctorow, science fiction novelist, blogger and technology activist; Alicia Garza, community organizer and co-founder, #BlackLivesMatter; Yves-Alexandre De Montjoye, computational privacy researcher, Massachusetts Institute of Technology Media Lab*

June 9 | Episode 6: Filter Bubble
The Internet uses filters based on your browsing history, narrowing down the information you get―until you’re painted into a digital corner.

Written and directed by Brett Gaylor*

June 9 | Episode 7:  The Future of Tracking
Choosing to protect our privacy online today will dramatically shape our digital future. What are our options?

Directed by Brett Gaylor | Written by Virginie Raisson

Interviews: Cory Doctorow

Enjoy!