Hadeel Al-Alosi
Technology has led to rapid advancements in our society. While reading this, many of us will probably be scrolling through a Facebook page or flicking through an iPhone. Much of the data we are accessing may well be stored in the Cloud.
At its broadest level, cloud computing is the provision of computing resources as a service over a network, usually, the Internet. Cloud computing services have been made available for a number of years, including by well-known organisations such as Google, Microsoft and Hotmail. These services allow consumers to access data and applications without having to install or store these on their personal computers.
The personal cloud promises many benefits. It allows you to manage all of your PC and mobile devices, and to have every piece of data you need at your fingertips, so that you can share your information with friends, family and colleagues in an instant.
But before becoming over-excited by all the benefits that cloud computing promises to deliver, there are important issues to consider.
Theft and loss of data: should cloud service providers be bound by some minimum security standards that ensure personal information is not lost or stolen? Should service providers be able to limit their liability contractually for lost or stolen data? What if the service provider is forced to close down due to financial or legal problems, which causes customers to lose their data? Who should be responsible in having back-up and recovery processes in place?
Data location: the fact that data is stored by a cloud provider, which may be located overseas, means that individuals and businesses have less control over their data. Users should be questioning who is actually holding their data and where it is being located. With the growth in reliance by Australians on cloud computing services, it may be worth choosing a provider based in Australia. This would reduce risks in storing data with overseas providers, which may be in countries that have inadequate privacy laws or are prone to natural disasters.
Privacy issues: there are endless privacy issues raised by cloud computing, such as who will have access to your data and whether (and which) privacy laws will apply. Are there circumstances that justify the disclosure of data (for example, to aid law enforcement)? Also, what happens to data once a contract with a cloud service provider is terminated? For example, Google Docs states that it “permanently deletes” data from its system. However, it also warns that “residual copies of your files and other information may remain in our services for three weeks”.
Most individuals and some businesses overlook these important issues. As is often the case with e-commerce transactions, many people blindly click on the “I agree” button when signing up for services without reading the terms and conditions provided. We tend to think more about these issues when something goes wrong. For example, when someone's Facebook account has been hacked into by a revengeful ex-partner, or when precious data has been lost.
As to the future of cloud computing services, I think it is timely that we generate some solutions to these problems. Perhaps, somewhere over the rainbow, we can find solutions that allow us to reap the benefits of the cloud, while ensuring we are protected from all external threats.
So, what do you think? – is cloud computing a threat or an opportunity?
Showing posts with label security. Show all posts
Showing posts with label security. Show all posts
Friday, 24 August 2012
Tuesday, 10 April 2012
The Most Secure SmartPhone?
Alana Maurushat and David Frew
With each new technological development or release of a new product comes the often-not-thought-about question, “Is this technology secure?” Most of us are quick to notice the price then we dive straight into the fascinating world of “what new things does my new gadget do?” Companies rush to deliver products jam packed with applications and attributes in order to meet the Christmas rush. Security, while part of the process, does not play a significant role in hardware and software development. This begs the question, which smartphone is the most secure?
This is an easy question to answer – whatever smartphone has the least amount of market share. Why? Criminals are drawn to technologies with maximum customers. The black market exploits and targets the companies who dominate the market. Market research by the NPD Group, Inc. suggests that Microsoft smartphone operating system has the smallest share, accounting for 2% of smartphone sales since launch. Apple’s iPhone follows at 29% of the market with Google’s Android leading the market with 53% of the total market. Microsoft is the safest smartphone – in attracting the least attention of the black market – because it is the least popular.
Malicious applications are developing quickly to take advantage of the smartphone market. There are some security features of both the iPhone and Android that are worth considering. iPhone “apps” downloaded from the App Store must first be vetted by the Apple security team; though this process is by no means foolproof. Android, on the other hand, does not vet any of its apps, only removing insecure and malicious apps once they are discovered. This does not, however, mean that the iPhone as a base product is necessarily safer than the Android.
In recent times, there has also been attention paid to the efforts of a variety of security experts in exposing alternative vulnerabilities of the Android system, though it would also be possible to exploid such vulnerabilities on Apple’s iOS. Though the Android security breach was extremely expensive (US$15,000 in software and development) it also relied upon the complete trust and lack of awareness of the greater smartphone-using population. Whilst Apple, Google and Microsoft will do everything in their power to protect their smartphones from unauthorised access, there is little they can do to prevent users from personally authorising malware. Ironically, this method of breach is both the most potent and the easiest to prevent as it simply involves educating users to be savvy when links are sent their phones via text, particularly from unrecognised numbers.
The jury is hung: both the iPhone and Android command control of the smartphone market and both have features which allow, if not altogether encourage, cybercrime. So if safety is your ultimate concern, head for the Microsoft smartphone.
Image by William Hook, made available by Creative Commons licence via Flickr.
With each new technological development or release of a new product comes the often-not-thought-about question, “Is this technology secure?” Most of us are quick to notice the price then we dive straight into the fascinating world of “what new things does my new gadget do?” Companies rush to deliver products jam packed with applications and attributes in order to meet the Christmas rush. Security, while part of the process, does not play a significant role in hardware and software development. This begs the question, which smartphone is the most secure?
This is an easy question to answer – whatever smartphone has the least amount of market share. Why? Criminals are drawn to technologies with maximum customers. The black market exploits and targets the companies who dominate the market. Market research by the NPD Group, Inc. suggests that Microsoft smartphone operating system has the smallest share, accounting for 2% of smartphone sales since launch. Apple’s iPhone follows at 29% of the market with Google’s Android leading the market with 53% of the total market. Microsoft is the safest smartphone – in attracting the least attention of the black market – because it is the least popular.
Malicious applications are developing quickly to take advantage of the smartphone market. There are some security features of both the iPhone and Android that are worth considering. iPhone “apps” downloaded from the App Store must first be vetted by the Apple security team; though this process is by no means foolproof. Android, on the other hand, does not vet any of its apps, only removing insecure and malicious apps once they are discovered. This does not, however, mean that the iPhone as a base product is necessarily safer than the Android.
Most smartphones run on a 3G or 4G system. These systems were designed with some security in mind. The typical 3G network allows for User Equiptment (UE) to ensure the connection is to an intended network rather than an impersonator. There is also the use of a block cipher to ensure encryption of data. In most Australian cities there is excellent 3G and increasingly 4G coverage. In more remote areas, however, there is only 2G coverage. The 2G coverage is extremely insecure as it was not developed with any security mechanisms in place. This makes any smartphone running on a 2G network susceptible to message interception and all sorts of cybercrime. Most smartphones automatically will look for 2G coverage when no 3G or 4G is available. The Android allows the user to set its default so that it will not connect to 2G coverage if a 3G or 4G network is unavailable. The iPhone does not offer this setting. Thus the user cannot instruct an iPhone not to switch to 2G coverage which, in turn, may expose iPhone users to cybercrime.
The jury is hung: both the iPhone and Android command control of the smartphone market and both have features which allow, if not altogether encourage, cybercrime. So if safety is your ultimate concern, head for the Microsoft smartphone.
Image by William Hook, made available by Creative Commons licence via Flickr.
Monday, 20 February 2012
@Courtroomjunkie: Leave your phone at home!
Fatimah Omari
This story got me thinking: what impact do we have on the administration of justice when we bring our own technology into a courtroom? In a world of iPods, iPhones and iPads, we have clearly become addicted to a drug called technology and consumed by one mantra: iCan’tLiveWithoutIt. While the judiciary is embracing the shift towards sophisticated electronic courtrooms, many judges remain somewhat hostile towards the use of electronics by members of the public. The capacity of modern mobile phones and laptops to covertly capture sound and video or to instantly transmit information across the globe at the touch of a finger is proving to be a challenge for courts and judges.
Restrictions on the use of technology by members of the public are increasingly being introduced to avoid unnecessary interruptions to court proceedings and to protect the identities of witnesses and jurors.
A young Sydney woman recently discovered that justice is swift for those who flout the rules. The woman in question was charged with contempt after her inner photographer came out to play. She had heard through the grapevine that a family friend was serving on a jury and, to mark what she believed to be a notable occasion, the woman took a photo of the courtroom and several jurors’ faces. In a world of tweets and tumblrs, such images can be mass-broadcast, edited, tagged, discussed, re-tweeted and blogged in a matter of minutes.
This woman insisted that she attended court with good intentions and for the purpose of satisfying her curiosity of the Australian legal system. The judge handed down a slap on the wrist and released her without conviction. In contrast, a UK judge recently sentenced a man to two months in prison in order to send a simple message to the public: photography in the courtroom will not be tolerated. Imagine the impact on a closed session of court if a reckless Gen Y juror tweeted a blow-by-blow account of proceedings.
It may be obvious to some that the taking of photos, capturing video or recording speech and sounds in a courtroom is a no-no. However, the cases mentioned above are a sign of the times and reflect the impact of the technology revolution on human behaviour. It has become commonplace for a person to pull out their phone in response to anything mildly photogenic, so it should come as no surprise that the knee-jerk reaction of one woman, who was excited to see a familiar face in the jury, was to take a photo. The use of camera phones to capture and instantly circulate weird and wonderful images has become popular, particularly amongst younger generations. With every moment now being regarded as a Kodak one, the photographer feels compelled to share with masses of digital friends and random acquaintances.
Of course mobile phones and cameras are not the only devices capable of frustrating judges and court officers. When I worked as a paralegal on a case involving terrorism charges, I witnessed the transformation of the Sydney West Trial Court into a fortress. Dual security checkpoints at the entrance to the complex and the courtroom made me feel like I was passing through stringent airport security. Since the trial concerned matters of national security, all recording-enabled devices had to be surrendered prior to entry into the courtroom. Separation anxiety ran high.
The intimidating routine of being scanned with a wand, having bags checked and handing over phones and laptops quickly became annoying for paralegals and regular visitors. However, there was no denying that electronics were a potential security risk given their diminutive size and ubiquitous nature. According to a court officer, confiscation of my iPod was necessary as (with a small attachment) it is able to record sound.
The technology revolution has proved to be a double edged sword. With respect to courtrooms, the risk lies not only in the ability to discreetly photograph or record sensitive material, but also the ability to instantly transmit this data. Fortunately, such violations of court rules are minimal and, for the majority of people, common sense prevails over a desire to share images taken inside the Supreme Court.
Image courtesy of Robin Hutton, made available by creative commons licence via Flickr.
A young man recently had the audacity to steal a police officer’s hat from a Sydney courtroom. To the embarrassment of the thief, CCTV footage showed him looking up at the cameras seconds before committing the crime. Were it not for the CCTV cameras installed in the courtroom, the Police would have been at a loss to explain how a $150 hat could suddenly vanish into thin air. So what could possibly motivate the brazen young thief? The man, a part time dancer, sought a genuine police hat to add an element of reality to his dance ensemble. The magistrate did not share the same zeal for costume authenticity and described the crime as ‘stupidity at its highest’, placing the man on a two year good behaviour bond.
Restrictions on the use of technology by members of the public are increasingly being introduced to avoid unnecessary interruptions to court proceedings and to protect the identities of witnesses and jurors.
A young Sydney woman recently discovered that justice is swift for those who flout the rules. The woman in question was charged with contempt after her inner photographer came out to play. She had heard through the grapevine that a family friend was serving on a jury and, to mark what she believed to be a notable occasion, the woman took a photo of the courtroom and several jurors’ faces. In a world of tweets and tumblrs, such images can be mass-broadcast, edited, tagged, discussed, re-tweeted and blogged in a matter of minutes.
This woman insisted that she attended court with good intentions and for the purpose of satisfying her curiosity of the Australian legal system. The judge handed down a slap on the wrist and released her without conviction. In contrast, a UK judge recently sentenced a man to two months in prison in order to send a simple message to the public: photography in the courtroom will not be tolerated. Imagine the impact on a closed session of court if a reckless Gen Y juror tweeted a blow-by-blow account of proceedings.
It may be obvious to some that the taking of photos, capturing video or recording speech and sounds in a courtroom is a no-no. However, the cases mentioned above are a sign of the times and reflect the impact of the technology revolution on human behaviour. It has become commonplace for a person to pull out their phone in response to anything mildly photogenic, so it should come as no surprise that the knee-jerk reaction of one woman, who was excited to see a familiar face in the jury, was to take a photo. The use of camera phones to capture and instantly circulate weird and wonderful images has become popular, particularly amongst younger generations. With every moment now being regarded as a Kodak one, the photographer feels compelled to share with masses of digital friends and random acquaintances.
Of course mobile phones and cameras are not the only devices capable of frustrating judges and court officers. When I worked as a paralegal on a case involving terrorism charges, I witnessed the transformation of the Sydney West Trial Court into a fortress. Dual security checkpoints at the entrance to the complex and the courtroom made me feel like I was passing through stringent airport security. Since the trial concerned matters of national security, all recording-enabled devices had to be surrendered prior to entry into the courtroom. Separation anxiety ran high.
The intimidating routine of being scanned with a wand, having bags checked and handing over phones and laptops quickly became annoying for paralegals and regular visitors. However, there was no denying that electronics were a potential security risk given their diminutive size and ubiquitous nature. According to a court officer, confiscation of my iPod was necessary as (with a small attachment) it is able to record sound.
The technology revolution has proved to be a double edged sword. With respect to courtrooms, the risk lies not only in the ability to discreetly photograph or record sensitive material, but also the ability to instantly transmit this data. Fortunately, such violations of court rules are minimal and, for the majority of people, common sense prevails over a desire to share images taken inside the Supreme Court.
Image courtesy of Robin Hutton, made available by creative commons licence via Flickr.
Monday, 12 September 2011
The microchipping of people and the uberveillance trajectory
Associate Professor Katina Michael
First came i-mode and then the iBook. Next the iPod, iPhone and iPad. Is it only a matter of time before we see the iPlant suddenly make its debut onto the global market? This is a real possibility for your future: a subdermal microchip implant that will potentially give you ubiquitous connexity: always on, always with you, 24x7x365.
The term “uberveillance”, coined by MG Michael in 2005, is defined in the Macquarie Dictionary as an omnipresent electronic surveillance facilitated by technology that makes it possible to embed surveillance devices in the human body. In that same year, the Parliament of Australia’s Senate Standing Committee on Legal and Constitutional Affairs published: "The Real Big Brother: Inquiry into the Privacy Act 1988”. Chapter three on “emerging technologies” addresses the role that microchip implants in humans could play in the future.The idea of implanting technology into people is not new. The first implantable cardiac pacemaker was created in 1958. Since then, we have seen the introduction of the cochlear implant to help the deaf to hear and the brain pacemaker to aid those suffering with epilepsy, Parkinson's disease, major depression and other diseases.
However, human implant technology is getting cheaper, easier to access and looks increasingly like it is going to be part of your everyday future life.
So-called “do-it-yourself implantees”, like Jonathan Oxer of Melbourne and Joe Wooller of Perth, have had implants inserted into their bodies using a short procedure and is similar to getting one’s cat or dog chipped. Oxer modified his house so that his implant could be used to personalise settings in his home. Wooller can open the doors to his house, car and motorbike with a swipe of his hand.
The microchip implant, most commonly a passive radio-frequency identification (RFID) tag, carries a unique pin that identifies the chip. How does this let you open a door? An antenna in close proximity triggers the RFID tag embedded in the body and an ID is transmitted to a reader, which grants access to the implantee (but may also grant access to a potential hacker).
Opening doors using a unique RFID tag is elementary when compared to the role that microchip implants play in brain pacemakers. But the potential for implanting citizens with microchip technology has been considered to be beneficial on several fronts. Proponents of microchipping people often state that implants would signal the end of credit card fraud, losing your keys, kidnapping, even a partial solution to reducing carbon emissions. The most popular argument is often connected to national security. This is despite the reality that RFID is the most insecure ID technology in the market. The loss of privacy in any of these or other contexts is an issue which needs to continually be addressed.
Microchips are set to bring new life to a whole gambit of control applications. It was only a few months ago that wearable GPS monitoring devices were embraced by the Queensland State Government for use by sufferers of mental illness and, later, sex offenders. Australian cricketers have been using body wearable technologies to record their match fitness levels and productivity since 2006. We are now talking about the mainstream commercialisation of such technology solutions, along with a movement from wearable to implantable technology. Microchips will provide us with the ability to locate, track and monitor people and provide data such as longitude and latitude coordinates of an individual down to a metre, as well as their speed, distance, time stamps, altitude, direction, temperature, heart rate, pulse rate and other physiological measures.
RFID implants for humans are now clearly on the political agenda. Recently, South Australia’s Police Commissioner Mal Hyde stated that there were quite a few different groups of people he’d like to see microchipped. And Sunshine Coast MP Peter Wellington was widely cited as saying that he would like to see child sex offenders microchipped.
The question is how long it will take for integrated solutions based on microchip implants to surface in everyday applications and how the law will deal with the continued rise of new and disruptive technologies which have the capacity to change just about everything. The problem is that, in many instances, legislation will offer few permanent or secure solutions, leaving the question open to the broad spectrum of ethics and debates involving difficult moral judgments.
Photo by ONT Design, made available by a Creative Common licence via Flickr.
Subscribe to:
Posts (Atom)