The Internet of Things, Hacked

Count me as one who thinks this will soon be a big deal, if not by being hacked by being tracked.  We have already all voluntarily signed on the “track me anywhere” line, just promise me a 5% discount…

A hacked Chrysler Jeep Cherokee speeding along the highway, its engine shut down as an 18-wheeler truck rushed towards it, is a high-profile example of what can go wrong with the coming Internet of Things — objects equipped with software and connected to digital networks. The selling point for these well-connected objects is added convenience and better safety. In reality, it is a fast-motion train wreck in privacy and security.

The early Internet was intended to connect people who already trusted one another, like academic researchers or military networks. It never had the robust security that today’s global network needs. As the Internet went from a few thousand users to more than three billion, attempts to strengthen security were stymied because of cost, shortsightedness and competing interests. Connecting everyday objects to this shaky, insecure base will create the Internet of Hacked Things. This is irresponsible and potentially catastrophic. [NY Times]

Hacked autos and refrigerators may be a bit down the road, but hackers helping insider trading is already here.

From their suburban homes in the United States, dozens of rogue stock traders would send overseas hackers a shopping list of corporate news releases they wanted to get a sneak peek at before they were made public. The hackers, working from Ukraine, would then deliver how-to videos by email with instructions for gaining access to the pilfered earnings releases.

In all, 32 traders and hackers reaped more than $100 million in illegal proceeds in a sophisticated and brazen scheme that is the biggest to marry the wizardry of computer hacking to old-fashioned insider trading, according to court filings made public on Tuesday. One of the men, Vitaly Korchevsky, a hedge fund manager and former Morgan Stanley employee living in a Philadelphia suburb, made $17 million in illegal profits, the indictment said. [NY Times]

AND, if you have been thinking that passwords would and should soon be replaced by finger print recognition — more secure, etc.  Hold on!

While fingerprint scanners have become a popular way to avoid using a password or PIN, especially on mobile devices … research highlights some of the potential pitfalls of the tech: As a biometric marker, fingerprints are impossible to change.

They’re also public. You leave fingerprints on, well, almost everything you touch. And researchers have even been able to spoof fingerprints based onpublic photos — all of which makes fingerprints  a pretty hard sell as the future of authentication to some experts. If someone else can make a copy of your prints, they stop being an effective security mechanism. [WaPo]