Now is the time for a totally secure communications device
We live in a wonderful time. Most of us carry around a relatively small electronic device with us all the time. With a few button presses we can talk to anyone anywhere in the world — or we can send short messages if a conversation is just too much work. We can share a picture with thousands of people almost instantaneously. And we literally have all the information of the ages at our finger tips.
All this power comes with a cost — a couple costs, actually.
The first is a physical cost. We must buy these electronic doodads with money, then we must pay a monthly subscription to connect them to the networks over which the information flows. For some, these costs are trivial. For others they prove to be significant barriers to entry that further widen the so-called “digital divide”.
There’s another cost that we don’t like to talk about. It’s intangible — you can’t really put a price on it. It’s your privacy.
These fancy little gadgets that almost everyone has with them expose a lot of information about who we are, who we talk to, who our friends are, what we’re interested in, and even our location. Our emails are nothing more than “postcards” on the Internet, open and available for anyone along the way to read. Our contacts and files are stored online. Our browsing habits are tracked and sold to marketers. Even the content of our telephone calls is being monitored under the guise of “security”.
That’s where things get really concerning. Your phone calls and Internet activity are being monitored. Many of you reading this article may think that it’s just the U.S. Government spying on its own people to “prevent terror attacks”.
With all due respect, you’re wrong.
Recent information has come to light that indicates that not only are entities inside the U.S. Government monitoring people communicating with suspected “terrorists”, they’re also keeping tabs on virtually every person inside the United States. What’s more, they’re also monitoring traffic from several other countries — “just in case”. If you think you’re immune to data mining and monitoring, you’re not. They may not be singling you out, but they probably can if they want to.
Our personal communications are pretty insecure. Cellphone calls can be monitored by anyone with a radio that’s tuned to the right frequency. Sure, it’s illegal, but laws don’t stop crimes, they just make people criminals. Email is completely insecure. Like I mentioned earlier, it’s more like a postcard than a personal letter tucked away in a sealed envelope. Texts fly back and forth in the clear. And all of the web sites that we visit are “resolved” by our ISP’s DNS servers.
This is all over the news. If you’re unaware that all this spying is going on, it’s time to wake up. What’s more, it’s time for the development community to wake up!
Securing email isn’t hard. Using relatively simple public key infrastructure (X.509, PGP, GPG, etc.) two people can send emails back and forth with a fair amount of security. Just like physical mail, unintended recipients can still get into them, but you can usually tell when someone’s opened it and looked at it. Phone calls can be encrypted in a similar manner. We are already moving to HTTPS/SSL as the preferred protocol for serving web pages, when will we apply the same logic to email, text, phone calls, and other communications that we make and receive through our phones?
What we need is a device that’s setup to use a pin or password combined with some kind of bio-metric reader. The two security measures combined would serve as the “key” to get into your device, and would form the basis upon which all your communications would be encrypted. Once it’s set up, interacting with your device would be no different than it is now.
People with a similar setup would be able to communicate with your (and you with them) securely. Everyone else would have a big, red warning sign plastered over their face to let you know that your communications with them are at risk. Eventually, enough people would care about their privacy and would migrate to this system.
There are two groups of people out there who will argue against this. One group will claim that if you’re not doing anything wrong, you don’t need to worry about being monitored. To this group, I’m sorry. Giving up even a little privacy for “security” is simply wrong. You’re welcome to your opinion, of course, but as soon as your opinion runs contrary to the opinion of someone “in power”, all your activity and correspondence can and will be used against you.
The other group of people are those who are involved in the “intelligence” business. My brother retired from 30+ years working on the Police Force. My Dad was a Marine before he passed away. I respect people in law enforcement and the military. No, I don’t always agree with them, but I respect them. But the other side of that coin is that they need to respect me, or, more specifically, my Rights. One of those Rights is the Right to privacy. It’s such an important Right that it’s specifically enumerated in the Bill of Rights. No, that doesn’t mean that it’s “just an American Right”, it’s a Right that belongs to all humans regardless of country — or it should be.
Back on-point: it’s time for us — you and I — to take our privacy back. We need people in the development community to spearhead this movement. Our information is our own. We need to put pressure on our telecommunication providers to ensure that they’re security our private information — AND that they’re providing tools for us to do it ourselves. Now is the time for a totally secure communications device! Who’s with me?
Image credit: (cc) The Big Shizzle