Everything Electronic You Own—iPhone to Subway Card to Power Strip—Can Be Hacked. So How to Defend Yourself?

Innovation, the Internet, gadgets, and more.
Nov. 26 2013 3:15 PM

Can You Hack It?

Everything electronic you own—iPhone to subway card to power strip—can be hacked. So how to defend yourself?

(Continued from Page 1)

The proliferation of all this technology creates a constant need to keep devices updated and secure. Perhaps the most vulnerable object in any American house is the cable box, because it is so rarely updated.

If what I’m saying makes you uneasy, you’re not alone. There are plenty of new products exploiting the fears of techno-theft, promising to keep you locked down and safe, such as this neck security wallet from REI, which says it’ll block criminals from scanning the RFID chip in your passport. I travel to a lot of different countries every year for work. I’ve had zero attacks on my passport. On the other hand, I’ve had two laptops and an iPhone compromised.

So how should we think about our constant vulnerablitly? I make a daily assumption that everything I do is hackable, but almost nothing I do is worth hacking. I have an awareness of potential vulnerabilities, and I’m trying to develop an evolving set of street smarts. You should, too.

Advertisement

For example, since I do a lot of work on the road while I travel, I now carry my own Wi-Fi hotspot. I can use a secure virtual private network to send and receive email and to access content that I have stored in the cloud. (To be sure, that network can be hacked, too, but at least I can watch the logs of what’s coming and going and attempt to fight off intruders.)

I also keep this network cloaked, meaning that I haven’t named it “Amy Webb’s Hotspot.” I routinely look at networks, just for fun, and I’m astonished at how many people use their own names or the names of their companies. Instead, I’ve changed the names of all of my devices to my mobile phone number. That way, if my laptop is lost or stolen, someone will see a phone number rather than my name, which I hope means there will be less of an incentive to poke around my machine to see what’s there.

My passwords are easy to remember but difficult to crack. According to my hacker friend, you’re best off with a long phrase that also includes numbers and at least one capital letter. Something like “Iwant99pizzasand12beersfordinnertonight” is actually more secure than “Gx1U2y,” because the algorithms that are used to crack passwords have to process many more computations the longer a password is, and as of now they’re mostly not using natural language processing. Speaking of passwords, I change them weekly. It should go without saying that each one of your networks and devices should have a different password. When was the last time you changed yours? Because I know you’re wondering: There is no workaround for this and no way to game the management of your own passwords.

Another good rule is to turn off your peripherals when they’re not in use. Don’t leave your nanny cam on all day long. Same goes for nonessentials on your network, such as additional computers, game consoles, and the like. The more things you have plugged in, the more opportunities there are for penetration. Be cognizant of who’s plugging what into your network and connected devices. An innocent-looking thumb drive can destroy your computer within seconds. I’m not preaching abstinence here, but I am saying that computer viruses can be as menacing as sexually transmitted diseases: invisible to the naked eye, but most of the time totally preventable with the right precautions taken in advance.

More importantly, I’d argue that all this hacking isn’t necessarily a bad thing. A lack of rules is actually helpful for our burgeoning Internet of Things. I’d much rather that we all come to a good understanding of how our machines work than to start imposing regulations and restricting access. Sometimes, a collaborative hacking effort yields beneficial results for all. For example, the city of Philadelphia launched a contest and invited hackers to create apps and widgets to help citizens receive updates on emergencies and city news and to contact city administration. During Superstorm Sandy, Philly311 was the 33rd most-downloaded app in the country. The city since partnered with Random Hacks of Kindness and Code for America to bring local hackers together with residents, share knowledge, and build more resources.

The tech playground is open to all, offering a fantastic opportunity to teach kids how to use and control the many devices that are inextricably tied to their futures. The more they break, the more they’ll learn how to collaborate, fix, and innovate. Organizations like SparkFun Electronics are using next-generation open-source code to show everyone how to build and hack our Internet of Things.

Open networks are vital to innovation, even if they aren’t totally secure. Personally, I’m looking forward to 50 years from now when I think the wrong sequence while looking at the light fixture in my grandchild’s house and accidentally cause a blackout.

Amy Webb writes a column about data for Slate. She's the head of Webbmedia Group, a digital strategy agency, the author of Data, A Love Story and the co-founder of Spark Camp.

  Slate Plus
Slate Picks
Dec. 19 2014 4:15 PM What Happened at Slate This Week? Staff writer Lily Hay Newman shares what stories intrigued her at the magazine this week.