Defeating modern Information Security the old way: with 5$ technologies

5$ is the amount of money required to burst the tech bubble.

Security is always a problem of money. Why have the trouble of owning bikes when a lock costing the price of your bike does not even protect it for more than 2hours? In worst hypothesis, you'd need to spend 4 times the price of bikes and locks to amortize a bike per year.

Security and unsecurity can make a cheap expense very expensive. At the point you stop buying bike.

If you leave in Montréal it happens. Then, you resort (cause maybe your budget is killing you) to stolen bikes, fueling the very cause of the market unsustainable for any players. Even the thieves. No one gains.

The market of the bikes disappearing explaining how the dragons disappeared.

Funnily the world Treasure in german is Shatz from the verb shützen to protect.

Heroes took the habit of killing every dragons, because since they were known to protect huge treasures hence a dragon was supposed to always be on a heap of gold.

Specisism! Some young dragons did not have the time to earn enough proof of their value, thus had little to peanuts.

So, by prejudice dragons became extinct, heroes too having no more fiends to defeat, and a new era of creating safe vaults appeared. That's how the dragon's bubble bursted in 400 and heroes became bank robbers with dynamite. IT is a dragon of paper.

The need for secured transactions will always be there, but, if it can be harmed with 5$ then your way of securing them might disappear for a cost excedeeding 5$.

But even worse, you could have negative prices.

And Information Technology as an industry is making the exact conditions from which negative prices will exists on the market of technologies able to break itself.

What is the opposite of IT/high tech? Low tech. IT by taking part in a massive development of a low tech vulnerabilities on a scale that is growing exponentially.

Heard of side channel attacks?

Imagine I only need to know "when the lawyers of my opponent on the case are the most active on the network" ?

Well, their daily trash filling per day might increase. I am pretty sure that more workforce, means more works thus more probably network usage. Information does leak a lot in the physical world.

Imagine a smart bitcoin contract worth 10B$ is protected by a unbreakable cryptography for those who don't have the passwords?

Well, if you are ready to crack some bones, a 5$ club might do the job. With enough persuasion data can be extracted in the physical world.

These cases are happily extreme and not common. However, the problem is these are gonna be more frequent.

Tax dodging in IT is a common practice resulting in a non competitive market. Share values of company raise and new competition on the market has to be more aggressive than the other ones. Real innovation in IT is an efficient way to dodge tax.

However it became efficient. Gains now being marginal in this field. One other resource is available for making more money: wages.

GAFA outsource most of their services to avoid any liability in hiring armies of underpaid workers to do the trivial cleaning, delivering, construction work, expedition, security ... and abuse the local markets. Okay.

This proportion increases a growing population who works for less than required for a decent living. AAA batteries not included. And that's a problem, people may need this 5$ pack of AAA battery.

IT requires this workforce for ultra secretive places or data, to do operations that requires trust.

Such as making sure a hard drive sent from the providers has not been tampered by the underpaid receptionnist.

And the more data-center, third party authenticaction and trutees grow so does the hyper-surface of vulnerability.

Your USB devices, CPU, Hard Drive, electricity, information required for your "secret questions", your phone line, anything you rely on physically for your job even your 2FA have in its chain of trust disgruntled under paid workers.

Imagine how much trouble if a cleaning lady took picture of the post it in your whole organization?

By the cold calculus of rationnality some of your workers may see that your failure as IT might benefit them. And you know which organization have no ethics?
Criminal one.

Especially the one IT relies on. Tax dodging weakens justice and results in development of corruption. Not yours of course, but it helps having an increase on the offering part of the market of corruption.

Underpaid justice and public order officers result in more demand on the market street of corruption. A direct consequence of tax dodging.

People who benefit of your fiscal innovation are criminal or corrupted organizations. Bank reuse your astute laundering scheme for better use.

One side product of IT tax dodging is the development of not only reason to get corruptible but also an economical benefit in doing so by lowering the friction to benefit from the money of crime.

It also gives a lot of required persons in the everg growing chain of value people that incentive to betray.

It is a classical game theory problem with a feedback loop which output is certain. People will incrinsingly betray and for less, higher and higher in your chain of trust.

It is not the technology that will cause the end of the IT bubble, but the social and economical strain it put on society that weakens it at the point one day the costs of IT will be more than the benefits of the community as whole including: users, consumers, regulators, workers, providers, contractant, tax payers.

1848, 1870, 1900 the aftermath of industrial revolutions that saw stormy social changes never came from the disruption in technology, but from the one who did to much of a captation of the benefits without giving back to those who actually made it possible, even the cleaning lady.

No matter how IT sees itself, is just no different from the one of the arrogant steel maker, coal mine owners and old pretentious indutry of the victorian era, even imposing its puratinistic view on nudity as the most shared censorship on the whole globe.

The business model of intellectual property has something of unfair: spectre/meltdown was discovered simultaneously by 3 teams.

It happens a lot in the field of R&D. But who will be the best rewarded?

The first on the market, the one having the money to register first, or the one that benefits from an exclusive increase in productivity? IP economy builds growing incentive for monopolies that does reward neither merit nor risks taking but the one who has the biggest initial capital.

Thus, smart high value workers will understand that monopoly more than innovation is there interest. So, you are or will head towards an advantage in fighting innovation. The interest of IT is diametrically opposed to the one of the common interest. Basically: better pay, better products, progress in exchange for IP revenues.

IP claims are a huge costs to under funded public judicial system.

The more IT build its success at the detriment of the mass, the more it is undermining itself. The feedback loop being there, IT showing no efforts in fighting it, it is not a question of if it will happen, but when.

An industry betting on taking more advantages out of of the community than giving back to it will end up killing the community it parasites.

And that's how heroes and dragons disappeared. Because their greed in thinking wealth belongs to the more powerful killed the weak peasants that were not able to feed anyone anymore.

You can have all the gold on earth you want but if no one can make a living out of cropping you are dead too, and stupidly some peasant do not intend to die. So, you should really think of paying your taxes and wages before it's too late.

The persistance of peasants nowadays while dragons and heroes disappeared around us is the  undeniable scientific proof I am right.

1 comment:

Alessandro said...

Ha! Great post, loved the little Dragon Parable xD

Yeah, I.T industry is pretty fuc*ed up - lots of greedy short-vision people in the 1% of 1%.