Last month’s remote hacking of Jeeps through their entertainment systems was a wake up call to the technology industry as it underscored the risks of connected devices and now a series of initiatives are looking at improving the security landscape.
One of the benefits of the new top level domain regime, despite its reeking of rent seeking by the ICANN names agency, is larger companies and industry groups can improve management of their online identities and those of the services and devices their operations rely upon.
Top level security
Having their own top level domains and being able to issue security certificates for devices and services within their own walled gardens means financial institutions, hardware vendors and service providers can have more confidence in the identities of those they are dealing with.
Bloomberg Business examines how corporations are applying for domains to enhance and while the focus is on guaranteeing the veracity of their websites, the scope in having done that expands to a range of other application, particularly that of ensuring everything from bank point of sale equipment through to connected cars and kettles are authenticated.
A top level domain is only part of the answer though and for the systems to work effectively there has to be more sophisticated ways for systems to ensure they are talking to trusted parties. This need becomes particularly acute with automated systems making business decisions in milliseconds where corrupt or incorrect data can cause havoc with financial markets or supply chains.
Some of the work being done around Bitcoin, particularly with the use of Blockchain technology to ensure transactions are valid, is one intriguing area where researchers are looking at ensuring all parties in a connected society are genuine and trustworthy.
It’s early days yet in the development of these services and there will be many mistakes as businesses and consumers adopt services where security hasn’t been properly thought through or implemented.
As Chrysler found with the Jeep hack, the risks of getting it wrong are real and potentially fatal and it’s notable Uber has hired the researchers who discovered that vulnerability to design security for their driverless car project.
With autonomous vehicles authentication is essential, not just for the passengers or operator starting the car but for all the devices and services communicating from outside and within. As the Jeep hack showed, the braking system needs to have confidence the instructions its receiving are genuine and not coming from a malicious outsider.
Outside the car other services will be communicating, the vehicle’s navigation system needs to be confident the mapping information it’s receiving is reliable and from the genuine provider. Similarly plans to reduce the road toll using roadside devices and other cars needs to ascertain the data being transmitted about highway conditions is trustworthy.
It’s often said computers are only as smart as the data going into them – garbage in, garbage out is the classic saying of the computer industry. As we move into a world where more decisions are being made by machines, those systems are going to become more demanding that information is trustworthy.