I am sure that (based on my limited viewership), you guys must have watched the Avengers. No, not the highly disappointing sequel but the groundbreaking phenomenon of 2012. You must have seen and got intrigued by the way Hawkeye scooped out an eyelid (or that's how we were lead to believe).
That got me thinking, really? There is no way to protect oneself from things just like that? I mean for so long, we were lead to believe that fingerprints are reliable to trace a person but the problem is that it's as vague as getting two consecutive tens while picking a number from a heap of a bazillion numbers and replacing it every next time assuming of course, the standard rules of probability being applied. Now we are shoved with iris technology and many of its digital manipulations.
I don't know if Spielberg is a time traveler but he called the drawback like 13 years ago when minority report came out. The flaw he pointed out is not just the flaw of the technology but the flaw of the system itself. There is no way to protect you from social engineering anyway and since passwords like voice detection or iris verification (which is a misnomer because it is a retina scan actually) and if we were going with Krrish, heartbeat(?) are so easy to get around, what makes them so secure? Speaking of social engineering, some websites or apps don't require your age for any purpose, They are making it available for some reason to the hackers. It's just pathetic if you asked me. I mean why store an information when you don't need it. It's not like your apps are greeting you every single birthday of ours but if you think that would be cool, I suggest you make some friends immediately.
Let's first deal with the problem at the hand --- The developers. See, the developers actually are the people who make the apps. They are good as in good enough to keep the product up and running but they kiss goodbye to some of the important steps. They want to finish their work quickly and if you read my previous post, you'll understand that most of the developers are bodgers. They just pick up the code from their pals and reuse it until it dies one day. We'll discuss about the life-cycle of code some day (Hey just to be sure, why don't you comment if you want it?). Moving on, they don't have the responsibility to be well, responsible. Most of the times, the code is sent to a less interesting job of testing which is more likely to be handled by a lesser degree people if I were to believe Indian job placement system. There are some good workers out there who get more paid or have respect towards their job. If you are one of them, I salute to you. These people are liable to see if the app is deployable but mostly all they do is run through coding errors or run test cases until the app fails. Trust me when I say that this takes nearly 60% of the time spent in developing an app. Everything runs fine until one of the sly people in hacker community plant their flag.
There are tools called penetration testers (invalid penis joke) who penetrate (please get your mind out of gutter, thank you) the software (holy cow man! Okay, sorry, what was I thinking... KFC caption... no... okay yes) which are operated by penetration engineers. It is a special zone of software testing where you intentionally hack the system to know its vulnerabilities. This stage is spent less of a time and according to reddit posts, it's declining. So, if someone clever does that unethically, you know what happens next. He blackmails the company with whatever he has to get whatever he needs. More often than never, you might have guessed it, he gets a job. Now, if that's not being done, you my dear loyal android user are in pain. Your data is easily retrievable and crackable to know everything you own. You might just be carrying a burning charcoal if you wanted a hole in your pockets. Worse yet, you might be carrying the spawn of the devil. Now, Apple is more hackable but at least its market is nowhere near Android but still manages to get more than Microsoft. My concentration is on Android because it reminds me of the time Code Red virus became a sensation.
Now that we have the platform as a flaw, we go a level up to deal with the surface problem. In short, there is not a single way that exists today to overcome social engineering and get your passwords. These attempts create a diversity to prevent you from getting hacked by the bad guys. They are in no way secure. For example, there is always eye-transplant like in Minority report or scooping up your eye like in Avengers. Fingerprints are as easy as searching a door knob or coffee mug, facial scan is as effective as playing a video and worst case, heartbeat which in no way is a unique identity. Your DNA is the most easily available substance and there is no safe way to trigger security breach without giving yourself out in the first place. This is a real complex scenario and fortunately, there is a way out. You may google it to know more and it will make you a bit more prepared for the case study I am going to present you somewhere next week. Thanks for your support and give me your feedback.
Until next time
Horopter
That got me thinking, really? There is no way to protect oneself from things just like that? I mean for so long, we were lead to believe that fingerprints are reliable to trace a person but the problem is that it's as vague as getting two consecutive tens while picking a number from a heap of a bazillion numbers and replacing it every next time assuming of course, the standard rules of probability being applied. Now we are shoved with iris technology and many of its digital manipulations.
I don't know if Spielberg is a time traveler but he called the drawback like 13 years ago when minority report came out. The flaw he pointed out is not just the flaw of the technology but the flaw of the system itself. There is no way to protect you from social engineering anyway and since passwords like voice detection or iris verification (which is a misnomer because it is a retina scan actually) and if we were going with Krrish, heartbeat(?) are so easy to get around, what makes them so secure? Speaking of social engineering, some websites or apps don't require your age for any purpose, They are making it available for some reason to the hackers. It's just pathetic if you asked me. I mean why store an information when you don't need it. It's not like your apps are greeting you every single birthday of ours but if you think that would be cool, I suggest you make some friends immediately.
Let's first deal with the problem at the hand --- The developers. See, the developers actually are the people who make the apps. They are good as in good enough to keep the product up and running but they kiss goodbye to some of the important steps. They want to finish their work quickly and if you read my previous post, you'll understand that most of the developers are bodgers. They just pick up the code from their pals and reuse it until it dies one day. We'll discuss about the life-cycle of code some day (Hey just to be sure, why don't you comment if you want it?). Moving on, they don't have the responsibility to be well, responsible. Most of the times, the code is sent to a less interesting job of testing which is more likely to be handled by a lesser degree people if I were to believe Indian job placement system. There are some good workers out there who get more paid or have respect towards their job. If you are one of them, I salute to you. These people are liable to see if the app is deployable but mostly all they do is run through coding errors or run test cases until the app fails. Trust me when I say that this takes nearly 60% of the time spent in developing an app. Everything runs fine until one of the sly people in hacker community plant their flag.
There are tools called penetration testers (invalid penis joke) who penetrate (please get your mind out of gutter, thank you) the software (holy cow man! Okay, sorry, what was I thinking... KFC caption... no... okay yes) which are operated by penetration engineers. It is a special zone of software testing where you intentionally hack the system to know its vulnerabilities. This stage is spent less of a time and according to reddit posts, it's declining. So, if someone clever does that unethically, you know what happens next. He blackmails the company with whatever he has to get whatever he needs. More often than never, you might have guessed it, he gets a job. Now, if that's not being done, you my dear loyal android user are in pain. Your data is easily retrievable and crackable to know everything you own. You might just be carrying a burning charcoal if you wanted a hole in your pockets. Worse yet, you might be carrying the spawn of the devil. Now, Apple is more hackable but at least its market is nowhere near Android but still manages to get more than Microsoft. My concentration is on Android because it reminds me of the time Code Red virus became a sensation.
Now that we have the platform as a flaw, we go a level up to deal with the surface problem. In short, there is not a single way that exists today to overcome social engineering and get your passwords. These attempts create a diversity to prevent you from getting hacked by the bad guys. They are in no way secure. For example, there is always eye-transplant like in Minority report or scooping up your eye like in Avengers. Fingerprints are as easy as searching a door knob or coffee mug, facial scan is as effective as playing a video and worst case, heartbeat which in no way is a unique identity. Your DNA is the most easily available substance and there is no safe way to trigger security breach without giving yourself out in the first place. This is a real complex scenario and fortunately, there is a way out. You may google it to know more and it will make you a bit more prepared for the case study I am going to present you somewhere next week. Thanks for your support and give me your feedback.
Until next time
Horopter
No comments:
Post a Comment