Recently, it was discovered that a school district in Philadelphia had issued Apple laptops to students that contained “anti-theft” software that was secretly taking pictures with built-in webcams.
Students had been complaining about the little green light next to the camera lens occasionally “flickering” on, then quickly off again. When parents asked the school, they were repeatedly told it was a glitch. (a glitch that affected every student’s laptop, and was never fixed?!? yeah… right ;))
One family had had enough, and sued the school district claiming privacy invasion, but they didn’t have any proof, just suspicion. My own personal reaction was one of “they must be over-reacting” and “conspiracy theorists”…
Well, now the experts are looking into this. Bruce Schneier, one of the leading experts of not just Computer security but security in general has found a FANTASTIC blog post by a researcher who has dug deeply into this case, and the findings are SHOCKING. Not only was the family right, but the extent of the capabilities of the “anti-theft software” are now known.
If you have any interest at all in this sort of thing, you REALLY need to read this guy’s blog entry. It’s enlightening. As a parent, this raises the hair on the back of my neck.
The realm of software security has always been a Cat-and-Mouse game between hackers and security researchers. Typically, you have hackers trying to come up with new viruses to get around anti-virus programs… Then, security researchers improve the anti-virus and anti-malware programs to catch what the hackers have come up with… Then, the hackers create new spyware and malware that can evade the new anti-malware software. It’s a VICIOUS cycle.
Well, now it looks like the cycle has been turned upside down. In this case, an Authority (the good guys??!?) has been caught using secret hidden software to spy on Children (the bad guys!!?!??), and the Ethical Hacker community has caught them red-handed. so what happens next? Does the cycle loop back again and continue?
Ethical Hackers are security researchers who use techniques developed by the real bad guys (real hackers) to find weaknesses in the software we all use to protect ourselves from the bad guys (again, real hackers).
You know what this feels like to me? This feels like history repeating itself.
The second amendment to the constitution of the United States of America protects the right of the public to “keep and bear arms”, which helps to keep the government in check. Without this right, a corrupt government could enslave it’s people – just look at other countries.
So, are we going to someday need a new amendment that protects our right to examine the software installed on computers that come into our homes? Will we need a “well regulated militia of ethical hackers” to watch over a government on the verge of corrupting?
We ALL need to keep an eye on this.
No comments:
Post a Comment