Security Through Simplicity
I recently stumbled upon a picture of myself from when I was 5-years-old sitting in front of my first computer – what would arguably be the catalyst that led me down the career path I am currently treading.
Like many do when confronted with reminders of our past, I thought back to what life was like then and how much has changed. It was immediately apparent – given that the oversized computer in this photo was much-less-powerful than the version currently nestled in my pocket – that times have changed on the technology front.
As with most things, for all of the advantages and conveniences that this astronomical leap in technology has brought us, there have also been disadvantages. For example, the increased convenience of banking and financial transactions created more opportunity for those wishing to move that money into their own pockets. With more complex systems and plugins that are all working separately to bring you a final product, a plethora of bugs and vulnerabilities have been introduced – if for no other reason because people simply cannot keep up with the speed at which all of those different technologies evolve.
With more methods of communication came more attack vectors for criminals to plant viruses that use our resources, or outright steal information or cash (even if that cash is blockchain). And of course with the proliferation of smart technology into every aspect of our lives, criminals (at least according to current law as far as most courts seem to be concerned) aren’t the only ones that are interested in collecting and storing our intimate details…
Decreased security and privacy alone don’t make up the sum of the price we’ve paid for better, faster, and stronger technology. It has caught my attention that there seems to be a growing interest in reducing one’s daily distractions – at work, and in their daily life. I’ve read several articles offering advice on how to reduce distractions and “become more productive” (the irony of searching for such a thing while working is not lost on me). Some suggestions include analog improvements like “creating a quiet, distraction-free workspace” and “tackle one thing at a time”, while others target technology directly – suggesting that you “turn off or silent your cell phone,” “manage your use of email and social media,” or perhaps the most audacious advice I’ve seen: “switch off your WiFi connection” (gasp!).
All joking aside, I believe you’d be hard-pressed to find a job that truly doesn’t require an internet connection since that is a pretty unreasonable suggestion for someone looking to decrease distractions while also improving productivity.
Even my text editor was in the cloud until recently…
The Fart in Smart
I found my smart TV often makes (incorrect) decisions on its own about types of input and how it should display them. Firing up Wireshark reveals that it sources a nonsensical network traffic jam of constant web requests for resources it already has and those that no longer exist.
The consensus, ignoring those that don’t seem to realize the implications of allowing a TV’s intelligence to go unchecked (have you seen terminator!?), seems to be to either:
- Disconnect it from the internet – and miss out on security/performance updates
- Buy a projector – and have a big, white wall
- Buy a “dumb” TV – but deal with the lower quality
- Buy a commercial monitor – $$$
Personally, I hope there are some “dumb” TV options on the horizon. Alternatively, the OS that Samsung uses for its TVs (Tizen) is open source, and LG has followed suit with webOS, but it may be worth a perusal to see what corrections can be made (or maybe it’s not worth our time).
The Google search trends must be increasing on this topic – they seem to have created an ad for android devices masquerading as P.h.D. backed advice that focuses entirely on how to “minimize distractions.” I’m not sure which is the chicken and which is the egg in this case, but Big Brother is not the only company to put stock in the idea that focusing on the lack of distraction their product can offer is good for business. Other members of this decreasingly exclusive club include:
- reMarkable – an e-ink device that promises to “keep you focused”
- MobiScribe – another e-ink device that is cheaper and open source
- The Light Phone – which encourages to “go light” while boasting that its product is “designed to be used as little as possible”
- The Traveler – “the ultimate distraction-free writing tool” which is not the first distraction-reduction focused product this company has created.
- Freedom – an app that allows you to block apps and websites
- Escape – an app for OSX that tracks the distracting sites you use
- SelfControl –
something tech giants should have with our dataanother OSX app. This one allows you to block distracting sites outright (at least on a timer).
- Productivity Planner – a notebook to help you be more productive… wait, where do you plug this one in?
As I was searching for examples of these pro-productivity devices, I can’t help but find the idea of owning devices that are simpler, dumber, and serve fewer purposes attractive. In fact, as previously mentioned, many of the security woes we’ve faced over the years have been due to the sheer unmanageable scale of all the different software and plugins that are all running simultaneously, making the attack surface of our gadgets potentially gargantuan.
The point is, if you like to manage your security on your own, you’re going to have a bad time with today’s electronics. It’s essentially a full-time job given that your attack surface is so great. But if you want to lessen that attack surface, then it may go a long way by starting to use devices that have a single (or at least fewer) purpose in mind (must… not… draw parallel to functional programming). They also have the added benefit of not tracking you all the time.
I’m not naive enough to say that this is the answer we’ve all been searching for, but I will say that I (like many others) am often annoyed with the amount of stuff my devices are doing without my knowledge or consent. Adopting devices that are doing less is a step in the right direction for security, and for my peace of mind.
With less power… comes less responsibility?
Dig Deeper with These Resources
Awake Security 2 Minute Explainer Video
What if security could think? What if it could sense danger, calculate risk, and react quickly based…
Real World Incidents Detected and Stopped by Awake
Organizations across industries use Awake every day to identify and stop modern threats from both internal and…