The past is the future for hi-tech

Your eyes could become a target for hi-tech hackers.

We still don't think enough about securing our technology, says regular commentator Bill Thompson

The iTunes Application Store was one of the year's biggest successes, whatever one might think of Apple's arbitrary approvals process or the constraints placed on application authors, and Google really did launch Wave, albeit as an early, buggy alpha release.

...the sort of systems thinking that would make data security an essential part of the design process is still rare enough to be remarkable. Bill Thompson

Looking forward is much trickier. When it comes to recent innovations it is simply too early to judge their impact, so there is no way we can tell whether Wave really will bring about a revolution in collaborative working or fade away into technology history.

The rate of technological change is so fast that extrapolation simply cannot be useful guide, with new products and services appearing all the time.

Nobody can tell how the ebook market will adapt to the imminent release of Apple's tablet computer because we don't yet know what the tablet will look, feel or work like.

That doesn't stop us trying, of course, even if we get it painfully wrong.

I recall predicting the imminent death of the analogue modem several years before they even began to decline in popularity, while my final column of 2005 includes an admission that I'd failed to appreciate the disruptive impact of wireless technology in previous years.

On the up side, I did use the same column to point out the danger that the music industry would never learn to trust their customers but try "to exert even more control, and perhaps using their lobbying powers to change laws to make their systems unavoidable".

Looking ahead

However, as we enter the last year of the first decade of the 21st century I am willing to stick my neck out and make a prediction about a technology that is still in the lab and is at least 10 years from being commercially available.

I am confident that at some point around 2020 we will all be distracted by early reports that the latest display technology using smart contact lenses that draw images directly onto the retina using low-powered micro-lasers are being hacked into by unscrupulous criminals.

They will be replacing paid-for adverts with ones for their own illicit services while using the augmented reality data feeds that the lenses offer to steal personal data and infiltrate company networks.

Medical implants may be at risk in the future, says Bill.

At that point the manufacturers of the lenses will scramble to add some high-end security to the data transfer protocol used to link their lenses to the personal data networks we have all adopted by then, but doing so will break lots of applications and services and never be widely adopted.

People will prefer to live with the risk of seeing the odd pornographic image to having to reconfigure a product that was sold as being "as easy as seeing", and the criminal gangs will continue to harvest personal data and sell illicit advertising.

Digital contact lenses are one the technologies that have recently become possible thanks to some breakthrough work in the research labs.

They are under development at the University of Washington, where Babak Parvis has a prototype with a single red LED, powered by radio frequency transmissions like the passive RFID chips in Oyster cards.

Eventually he believes we will have lenses with built-in control circuits, display circuits and miniature antennae that project images directly onto the retina. Although the engineering hurdles to be overcome are enormous this one feels to me like something we will see in the mass market within a decade.

But I have a horrible feeling that in all the excitement about getting the things to actually work the developers will not bother to build encryption into the data transfer protocols, because doing so will delay bringing them to market or add too much to the cost.

Lessons to learn

The past may not always be a good guide to the technological future, but sometimes it is, and the development of medical implants offers a salutary lesson here.

Pacemakers and other devices have been implanted in people for many years, and more and more of them have some form of wireless monitoring and control.

Over the years we've looked at many on Digital Planet, the World Service radio programme I appear on as studio expert because they are an important medical advance, not least because they reduce the need for repeat surgery.

Smart contacts could help mix real and virtual

And in March 2008 researchers at the University of Massachusetts, Amherst demonstrated that you could snoop on the radio signal coming from a combination pacemaker/defibrillator and reprogram it to deliver a potentially lethal electric shock to a patient.

Their experiment required several students and some expensive equipment to monitor and decode the signals from a Medtronic Maximo pacemaker, but it prompted significant concern within the medical profession because of the danger it exposed.

Up to that point the manufacturers had been worried about possible interference with the implants from external radio sources like metal scanners or store alarms, and the potential for hacking seems not to have occurred to them.

I fear that we will see the same pattern repeat itself again and again, because the sort of systems thinking that would make data security an essential part of the design process is still rare enough to be remarkable.

The first generation of analogue mobile phones sent conversations in the clear, and it was only when they went digital that some encryption was built in, and this sort of short-sighted thinking still seems prevalent.

Bill Thompson is an independent journalist and regular commentator on the BBC World Service programme Digital Planet. He is currently working with the BBC on its archive project.

E-mail this to a friend

Printable version