Technology & Reality: Is it a Rival Match?

This article arises because i'm a true believer in the statement "Technology will soon take over the world". The year 2000 was a real "wake-up" for data communications and network security officials with the Y2K Love Bug, but we failed to see any change in security for the real world. Sure, you could feel secure because you've just downloaded and installed the latest virus definitions or Windows updates, but this is irrelevant to what i'm talking about. I'm talking about, since 2000, 8 years ago, technology has dramatically changed. We now have almost everything electronically controlled, wireless, or satellite based. Sure, encryption systems are advanced, but it's the flaws in the technology that we have forgotten about.

Firstly before we go further on into the article let me define "Flaw" a little more in depth. Flaws, Vulnerabilities, and Exploits are everywhere. It could be purposely created by an author of a piece of software or technology as a backdoor into his system, it could be a hardware or software fault that had been exploited by an end-user to reduce or enhance functionability, or it could be an override of a piece of technology to gain administrative priveledges to a targeted system or infrastructure.

These kinds of things are easy to find, even when not in regard to computers. Take for example a common used piece of technology, the Wireless Telephone (Yes, the one at home that is commonly used on your landline). This piece of technology, most of the time is not encrypted. A target could be exploited by what we modern day technicians call "Phreakers".

A "Phreaker" (previously known as a hacker) is one that knows about, uses, and practices exploitations in telecommunication lines, monitors phone lines, taps phone lines, BOX's phone lines, and can ultimately destroy phone lines.

A phreaker can easily listen & monitor your Wireless Home Telephone (and can sometimes use it), by intercepting wireless frequencies that are used (usually 100mhz/110mhz/120mhz) by using a scanner, another model of home telephone, or any wireless receiver that runs on the same frequencies. This can ultimately lead to confidential information being handed out to the perpertrator. (eg: credit card numbers, passwords, etc)

Something akin to Wireless Telephones, are Wireless Networks (Yes, the ones you can set up for the internet.) These are, 30% of the time encrypted. These are dangerous to keep open infrastructured, not only because a random person can connect to it and use your internet chewing up your precious bandwidth, but because once a perpetrator is connected to a wireless network they can eavesdrop and spy on it for a period of time by setting up a piece of software that will route all network traffic to his/her computer before going to the modem/router so all passwords, usernames, credit card numbers etc are saved to his system. The perpetrator can also program a piece of software to attack your network with a bunch of usernames and passwords to gain access to your modem/router to wreck your whole network or gain access to your ISP (internet service provider) username and password.

Now back on track with the article. Now you've seen how trusted wireless technology's such as Wireless Internet and Wireless Telephones can be exploited, even randomly, we can now imagine alot more broader. How about mobile phones? Oh now this is a good one.

Mobile Phones nowadays are a little more secure than the earlier fashioned mobile phone "analogue" days. In the analogue days, anyone with a mobile phone was typically a millionaire, needed one, or was a business consultant. Nowadays, over 90% of people in the world have a mobile phone, not because they need one, because you can pick up a brand new one for $49AUS ready to go with a phone number in seconds upon opening the package. Analogue mobile phones were easy to tap into, a way very akin to intercepting frequencies like the Wireless Home Telephone we just learned about. They've now gone digital, so they're not so easy to intercept. But with everything, there's a flaw. Moving right along, we'll talk about Bluetooth Headsets for the mobile phone. These are easy to intercept, with most models keeping a default pin number, a perpetrator can target a victim and connect to his/her mobile headset device using this default pin number and listen to the conversation in real-time.

Still feel comfortable? I think not. Now we arise onto some larger subjects. Take for example; power, water, gas and money.

All of the above are vulnerable for attacks. Imagine if one of the above was exploited by an intruder, what would happen to the world, the economy and even human life? No power means no lights, no water means no food and death. And what if the gas was built up into pipes and turned towards a city such as New York, or Sydney? Imagine tonnes of gas in one pipe heading towards millions of people ready to explode. Scary hey? But possible. All of this is controlled via a large infrastructure of systems, which could be very much vulnerable like our Telephones or Computers.

A popular one of the subjects listed above is Money. A very big motive for an attacker to intrude a system. Money lye's everywhere in the digital world. ATM Machines, Stock Markets, Internet, Telephone Banking, and almost everywhere you think you'll need or use money. Now i'm saying that hooking a rope around an ATM Machine and attatching it to a car and driving away is NOT considered a flaw in the digital world. This is a stupid attempt to steal money and you should see a professional and/or get arrested immediately. ATM and Stock Markets are an attack that is less likely going to happen remotely, well at least compared to Telephone Banking and the Internet for the most part. The internet and telephone are prime places everyday for everyday people to get "Scammed" by either Social Engineering, Intrusion of Systems, Fraud, or Email Spam.

Lets go into three of the subjects more in depth.

Social Engineering is a codename for "tricking" someone into believing something, or to give out precious information. Famous hacker Kevin Mitnick used this technique to hack hundreds of phone lines and override hundred's of system infrastructures.

Intrusion of Systems is a phrase used in the digital world to break into a system, such as a telephone, computer, or infrastructure.

Email Spam: is a type of email that is sent to emulate a string of already subscribed mail. eg: An email could emulate my bank statement that requires my username and password to be entered. (also see: spam, fraud)

Let's talk a little bit about the "best" technology in the word, the internet.

Hackers, very few, play a small part in the internet world. The internet world is full of the infamous "Script-kiddies", or in other words attackers who use pre-programmed applications to exploit a known system. These type of people call themselves "hackers" or "underground kids", but they're typically people who live in their parents basement surfing famous teenage chat rooms awaiting for their next victim.

Marketing Consultants, or what we technology people call "Spammers" are the lowest form of human life on the internet. These people are not hackers, they do not have a life, are paid at a minimal wage per hour, and fill innocent systems with "Spyware", such as Bonzi Buddy, or MyWebSearch for revenue to pornography websites or a not-so wealthy company no-one has heard of.

Back onto a technological aspect here. The internet is great, it's a virtual gateway to everything you need, you can even do shopping over the internet. This is what scares me.

In all sanity, I think the world really needs quite a wake-up here.