Thursday, 23 October 2008

The illusion of security

Security is - and always has been - really just an illusion. The most secure vaults can be broken in five minutes, the most secure countries have been the victims of terrorist attacks and the most secure computer systems have been hacked. In fact security is generally not supposed to be impenetrable - that is impossible - instead its measured in how long it would take to beat the security system in question. That's why most of are happy to put a lock on the doors to our houses, even though locks can be circumvented with ease by a locksmith or a thief with the right tools and similar know-how, and why we dont padlock, chain and dead bolt our doors at night. A lock is good *enough* for most situations. That same level of thinking goes right the way through security decision making.

So security is just an illusion and it always has been. Here is yet more evidence of this - Keystrokes can be recovered remotely. That's right folks, your keyboard gives off electromagnetic waves when you type that can be measured up to twenty metres away and decoded back to what was typed. So kiss your passwords goodbye if you type them and someone is 'listening in' to those waves.

Presumably, it is better to send those same keystrokes over an encrypted wifi connection as the wifi network itself must be cracked before they can be read. Or maybe Bluetooth. But I seem to recall Bluetooth being hackable too. He he

No comments: