Taking control back26 Jan 2020
What is the purpose of technology? I think it’s purpose to serve us, people, to improve our lives, not the other way around. Recent decades of technological progress made a lot of things possible, for example connecting us to friends and family regardless of where we are in the world. Today we are carrying computers that are capable of running AI calculations in our own pockets. Who could have imagined that 10-20 years ago. Today each household has a lot of devices/gadgets(essentially computers) online and number will continue to grow. For example in IoT space there is a projection that by 2025 we will see around 80 Billions of connected devices, which is almost 10 times more than number of people on the planet today. Each of these devices will be constantly exchanging data with internet servers. Everything runs on data created by us using it. While device is serving it’s purpose how can you tell that it’s not gone rouge, or even if it is working as designed how do you know what it suppose to do on a back end and what data it transmits. Unfortunately often times, especially in start-up environment, security added to the product as an afterthought. Short on cash start-ups rushing their products to the market, and in that rush potentially delivering products with security flaws. As such those flawed devices will eventually populate botnets that are being sold and used by hackers. It’s not a question of “if” it’s a question of “when”. Usually as long as product serves it’s purpose complexity of how everything works is dismissed by regular consumers. However even anonymized data can be used for bad purposes in wrong hands just like what Washington Post reported about fitness trackers back in 2018 or more recent from NY Times. Key point is that even consumer grade systems has to be built with security and ethics in mind since very inception.
Complexity only goes up when you look at laptops or smartphones, as each of them runs hundreds if not thousands applications and each application built from a many components and security flaw in a single component can compromise entire system. It’s entirely different dimension when you factor in users, and fact that those usually are not professionals. People who installed devices into their homes may not necessarily understand best practices of protecting those devices which may results into some bad actors gaining access to it.
Another interesting question that comes to my mind is whether those devices are truly yours even though you paid for them. What was the last time you actually read and fully understood terms of service? For example Apple was testing legal boundaries of users taking full control of their devices back in 2010. Sometimes start-ups would just go too far in their attempts to protect their public image and cut the service for users who was not happy with service. Those types of stories lead me to only one conclusion that even after paying significant sums of money, device still may not be fully yours and you have to understand to what extent it relies on external services and what data is being transmitted and where. Because at some point service may be discontinued by company and then you left with a “brick”, sometimes nice looking and expensive “brick”.
There are a lot of products available for corporate users to provide visibility back into corporate networks, as well as there are a lot of products built by open source community and fairly useful for professionals. However it’s obvious that there is lack of easy to use products for regular consumers and I have decided to take IonTec Software LLC on the journey in that area and we are launching Ethiork project, with goal to bring ethics back into networking. Today it’s geared to be a primarily research project on many aspects of networking, however we are planning to launch crowdfunding campaign for monitoring device allowing regular people to get insights into their network and take control back. Stay tuned, and visit Ethiork’s site in mean time.