Monday, 16 November 2015

Errors to the rescue

How do you secure your smart devices to protect them and their content from theft or unwelcome strangers taking a look inside?

According to Paul Rincon, an advance has been made that should allow us to verify with confidence the identity of electronic devices by including a tiny tag that makes use of the inevitable atomic-scale errors that happen during manufacture. The peculiar random pattern cannot be copied, which makes it a reliable device identifier says Rincom in "Nano-scale 'fingerprint' could boost security" (2015).

The article presents a more dramatic example of why it's becoming increasingly important to verify with confidence the identity of an electronic device in a world where everything increasingly connects with everything. My own interest was bit more personal. These device identity tags won't stop me losing mine, but they will enable my devices to be absolutely sure that they are connecting to the right servers and other devices, not fakes trying to corrupt them or steal my data, and vice-versa. It will also mean that the true owner of a device is known, which might deter theft even better than the current device tracking and locking options that are available.

I love the interconnectedness of everything today: when I walk into my home, in fact, when I walk out of the lift, my phone, tablet and laptop all connect to my home wifi. Within my home, the TV connects with everything, and even my camera and printer are now wi-fi enabled. Getting rid of wires is cool. And the best thing is that everything is synced between devices. I usually read books and things on a tablet at home, but if I'm waiting somewhere, or on the BTS, I can whip out my phone and read from wherever I was up to; when I return to the tablet, it's at the same page.

The idea for the "identity tags" came
from imperfections that creep into
nano-scale structures
But the thing that first got my interest in the article and made me want to blog it was that this new technique works because of errors. I thought that was neat. It also reminded me of what often happens in our class. For example, if someone says that the verb conclude means "to sum up or restate a main idea," it's wrong, but clarifying how that mistake arose and became so common can help us to get a deeper understanding about the organization of ideas in an essay and other pieces of work.

For now, I'm glad I can use my fingerprint to access my devices - that's way more convenient than using a password, although I suspect it isn't quite as secure. Still, it's good enough for me. I don't think that any major governments are trying to find out what's on my smartphone. My thumb is quick and easy and means I don't have to worry about people looking over my shoulder as I enter a password, although I still use passwords for some things, such as the start up boot that also decrypts the content.

I suppose a determined thief could force me to put my thumb on a device, but then they could also force me to enter the password; I think that the current simple security measures are enough to keep out the snoops I'm likely to encounter most days. Ea isn't strong enough yet to forcefully hold my thumb on the right place to turn on the tablet so he can play with it. (Actually, I've set up his own account, which he can unlock with his fingerprint. Kids these days have so much more amazing toys than I had!)

___________
Reference
Rincon, P. (2015, November 10). Nano-scale 'fingerprint' could boost security. BBC News. Retrieved from http://www.bbc.com/news/science-environment-34780787

4 comments:

  1. I also love interconnectedness, but one thing I'm afraid of is one-password-for-every account problem. If I were hacked the password, it means I am at risk of loosing valuable information in my every electronic device. So, it somehow makes me not fully reliable on it.

    ReplyDelete
    Replies
    1. Passwords are a worry.
      I use a password vault service (Norton's). I have no idea what my Facebook, Twitter, and a range of other passwords are. When I need them, I open the vault, copy the password and paste it in. I use two very strong passwords to protect the vault, since it contains all of the others, but I only have to remember two, which I've never written down anywhere.

      Actually, I have a third one that I remember for my main bank accounts.

      This is not a perfect solution, but it's worked well for me for some years now. And because they are stored online, I can access any particular password or other confidential information whenever I need it. If I forget one of the access passwords, I'll really be stuffed.

      Delete
  2. Maybe I've heard about the Big Brother from 1984 too much. It means the superpower state that can monitor or read their citizens' mind in order to control them down deep to the core of our identity.

    Do we need that kinda state-of-the-art key for our privacy? Can we trust them? Recently, I've heard to the news about the DNA identification can be false, because his twin is dead since in their womb of labor period and still remain in his body and sperm which lead to misinterprete his child DNA test. What a tricky world we live in! Do you still rely your life and belief to the technology?

    ReplyDelete
    Replies
    1. The problem with DNA is similar to a known problem with fingerprints: a determined hacker could get my fingerprint from anywhere in my home, make a mould of it, and use that to access my devices. I'm assuming that most of the possible snoops I come across are not that committed to accessing my smartphone or tablet.

      The Big Brother worry is more serious. I think governments should be kept under very strict control, and that citizens should be able to use strong encryption that keeps things secret from their government. After the awful Paris attacks, the CIA and other security agencies said that they should be allowed access to encrypted information, but they are wrong. It would be a mistake to give security agencies any more power than they already have to spy on citizens. (This sounds like a topic on which someone should write new blog post for comments.)

      Delete

Before you click the blue "Publish" button for your first comment on a post, check ✔ the "Notify me" box. You want to know when your classmates contribute to a discussion you have joined.

A thoughtful response should normally mean writing for five to ten minutes. After you state your main idea, some details, explanation, examples or other follow up will help your readers.

Note: only a member of this blog may post a comment.