Want to network your Jeep Cherokee? Try smoke signals: they’re safer

This morning’s Observer column:

‘‘Jeep Cherokee hacked in demo; Chrysler owners urged to download patch”, was the heading on an interesting story last week. “Just imagine,” burbled the report, “one moment you’re listening to some pleasant pop hits on the radio, and the next moment the hip-hop station is blasting at full volume – and you can’t change it back! This is just one of the exploits of Charlie Miller and Chris Valasek … when they hacked into a Jeep Cherokee. They were able to change the temperature of the air conditioning, turn on the windshield wipers and blast the wiper fluid to blur the glass, and even disable the brakes, turn off the transmission, take control of the steering, and display their faces onto the dashboard’s screen.”

In some ways, this was an old story: cars have been largely governed by electronics since the 1980s, and anyone who controls the electronics controls the car. But up to now, the electronics have not been connected to the internet. What makes the Jeep Cherokee story interesting is that its electronics were hacked via the internet. And that was possible because internet connectivity now comes as a consumer option – Uconnect – from Chrysler.

If at this point you experience a sinking feeling, then join the club. So let us return to first principles for a moment…

Read on

LATER: Chrysler has issued a recall for 1.4 million vehicles as a result of the hacking revelations.

Appeasement over encryption is a *really* bad idea

This morning’s Observer column:

Ever since the internet emerged into public view in the 1980s, a key question has been whether digital technology would pose an existential challenge to corporate and governmental power. In this context, I am what you might call a recovering utopian – “utopian” in that I once did believe that the technology would put it beyond the reach of state and corporate agencies; and “recovering” in the sense that my confidence in that early assessment has taken a hammering over the years. In that period, technology has sometimes trumped politics and/or commercial power, but at other times it’s been the other way round.

The early battles were over intellectual property. Since computers are essentially copying machines, making perfect copies of digital goods became child’s play. As a celebrated trope put it: “Copying is to digital technology as breathing is to animal life.” So began the copyright wars, triggered by widespread piracy and illicit sharing of copyrighted files, which emasculated the music industry and led to the emergence of new corporate masters of the media universe – Apple, Spotify, YouTube and the rest – and the taming of the file-sharing monster. Result: Technology 1, Establishment 1.

The second battleground was the monitoring of network communications. The internet enabled anyone to become a global publisher and to exchange information via email with anyone who had a network connection. And this posed acute difficulties for established powers that were accustomed to being able to control the flow of information to their citizens. Since nothing on the net in the early days was encrypted, everyone communicated using the virtual equivalent of holiday postcards – readable by everyone who handled them en route to their destination. The only difficulty that states experienced in monitoring this unprotected torrent was its sheer volume, but Moore’s Law and technological development fixed that. It became feasible to collect “the whole goddam haystack” (to quote a former NSA director) if you threw enough resources at it. So they did – as Edward Snowden revealed. Result: Technology 0 Establishment 1.

But the biggest battle has always been about encryption…

Read on

Humans are the weakest link

This morning’s Observer column:

PGP (now in its fifth incarnation) does indeed enable one to protect one’s communications from spying eyes. It meets Snowden’s requirement for “strong crypto”. But it hasn’t realised its revolutionary potential because it turns out that powerful software is a necessary but not sufficient condition for effective security. And the reason is that, to be effective, PGP has to be implemented by humans and they turn out to be the weak link in the chain.

This was brought forcibly home to me last week at a symposium on encryption, anonymity and human rights jointly organised by Amnesty International and academics from Cambridge University…

Read on

So why are Internet users resigned to being surveilled?

This morning’s Observer column:

It would be patronising to assume that every internet user – except for the occasional geek – is a mug. Some people do read the terms and conditions to which they have to agree when signing up to use “free” internet services. They fully realise that “if the service is free then you are the product”. And yet they persist in using it. Why?

One possible reason is that they place a value on those “free” services. Various studies have tried to estimate what that value might be. A study by the consultancy company McKinsey, for example, asked 3,360 consumers in six countries what they would pay for 16 internet services that are now largely financed by ads. The conclusion was that households would pay €38 (£27) a month on average for those services. From this, McKinsey estimated that “free” internet services generate €32bn of consumer surplus in America and €69bn in Europe.

These calculations are music to the ears of Facebook and Google executives, who interpret them as proof that consumer tolerance of corporate surveillance is really evidence of “rational” economic behaviour. People put up with companies spying on them because they get a good deal out of it.

Into this comforting ointment, three academics have just implanted a number of flies…

Read on

Learning to read

Today’s Observer column:

I never thought I’d find myself writing this, but the Daily Mail has finally done something useful for society. Mind you, it’s done it unintentionally: it didn’t know it was doing good. But still… It would be churlish not to acknowledge its achievement…

Sounds improbable? I know. But read on

The biggest question posed by the Anderson Report

This morning’s Observer column:

When, in the summer of 2013, Edward Snowden began his revelations of the shocking scale of the electronic surveillance currently practised by the NSA and its overseas franchises in Britain, Canada, Australia and New Zealand, the big and obvious question was: is this just another scandal; or is it a real crisis?

Until this week, I’d have said that it was just another scandal…

Read on

Ed Snowden has definitely had an impact but…

This morning’s Observer column:

For anyone still in doubt about the impact of Edward Snowden’s revelations, it might be instructive to review what has been going on in the US Congress over the last few months, with legislators grappling with bills aimed at curbing the surveillance capabilities of the NSA and other federal agencies. In the end, in a classic congressional farce, there was a brief intermission in the NSA’s data-gathering capabilities, after which the Senate passed a bill to end the agency’s bulk collection of the phone records of millions of Americans.

At one level it’s a significant moment: one in which – as a Guardian leader writer put it – “an outlaw rewrites the law”. And in a few other countries, notably Germany, Snowden’s revelations do seem to be having a demonstrable impact – as witnessed, for example, by the Bundestag’s inquiry into NSA surveillance within the Federal Republic.

These are non-trivial outcomes, but we shouldn’t get carried away…

Read on

An iCar? Really? Is Apple smoking its own exhaust?

This morning’s Observer column about the strange fascination that the automobile industry has for otherwise sane geeks:

I remember once being in a British shopping arcade on the day that the local Apple Store opened for the first time. Long queues had formed from the moment the arcade gates had been unlocked that morning. Then came the magic moment: the glass doors opened, a hush fell on the assembled crowd, a group of T-shirted staff walked out, formed a human avenue leading into the store and then clapped rhythmically as the mob surged in. It was a truly extraordinary moment in which the conventional marketing mantra about the customer being king was turned on its head. In the case of Apple, it seemed, the customers felt privileged to be allowed to enter the store.

At the time, I concluded that much of this Apple worship could be put down to the astonishingly charismatic personality of Jobs. He was, after all, the only chief executive in the history of the world to be accorded the kind of adulation normally granted to rock stars and messiahs. Apple was obviously a one-man band and he was the Man. It seemed reasonable to conclude when he died, therefore, that the cult of Apple would diminish or at any rate that its share price would have peaked. An Apple car? Computer firm hires automotive engineers Read more

How wrong can you be? Jobs has been succeeded by Tim Cook, a nice man for whom the phrase “charisma deficit” might have been invented. But the cult of Apple is still going strong…

Read on.

Why Bitcoin is interesting

This morning’s Observer column:

When the banking system went into meltdown in 2008, an intriguing glimpse of an alternative future appeared. On 31 October, an unknown cryptographer who went by the name of Satoshi Nakamoto launched what he described as “a new electronic cash system that’s fully peer to peer, with no trusted third party”. The name he assigned to this new currency was bitcoin.

Since then, the world has been divided into three camps: those who think that bitcoin must be a scam; those who think it’s one of the most interesting technological developments in decades; and (the vast majority) those who have no idea what the fuss is about.

I belong in the second camp, but I can see why others see it differently…

Read on

Implications of a new machine age

This morning’s Observer column:

As a species, we don’t seem to be very good at dealing with nonlinearity. We cope moderately well with situations and environments that are changing gradually. But sudden, major discontinuities – what some people call “tipping points” – leave us spooked. That’s why we are so perversely relaxed about climate change, for example: things are changing slowly, imperceptibly almost, but so far there hasn’t been the kind of sharp, catastrophic change that would lead us seriously to recalibrate our behaviour and attitudes.

So it is with information technology…

Read on