In 1984, Tina Turner released the song: “What’s Love Got to Do with It?” and it went to #1 on the US Billboard Hot 100 and remained there for three weeks. At the heart of the song was a sentiment that physical attractions, and the actions one may take based on those feelings, did not necessitate emotional attachments like love. Lines like “Who needs a heart, When a heart can be broken” suggests that focusing on the moment, without unnecessary overhead, is the better path to take.
Flash forward nearly 3 decades and similar sentiment could be made around security today. With everyone working full speed to get rich by making the next Angry Birds game or invent the coolest tablet for wild gaming on the go, some people may question:
What’s Security Got to Do with It?
In truth, like everything in life, security is not free. There’s processing power required to perform certain complex security related algorithms (go read about Elliptic Curve Cryptography, it is a great cure for insomnia). Back when I wrote my first encryption chip report when I worked for In-Stat, it took me a month to read and understand all the different types of security, cryptography, and the math behind them all. At the time, the big emphasis was around “online shopping” and things like buying stuff off the web so you could do so safely without fear of getting important financial information stolen. Since that time, the need for better security has long since expanded beyond enabling people to just order books off Amazon.com (remember when that was mostly all they did?). We know that, from Embedded to Enterprise to End Users, security must be a forethought, not an afterthought, in order to stay ahead of the threats that are out there.
It is for this reason that Intel was a Platinum Sponsor of the RSA Conference as well hosted a booth and gave 3 Technical Sessions. In our booth, we had a number of interesting demos, from Deep Packet Inspection (think super-awesome X-ray machine, but for digital content on the Interwebs instead of in the security line at the airport) and Skein Hash Algorithm performance (yes, I looked that up on Google, don’t judge me) to awesome security technologies for a more secure cloud infrastructure (think puffy white cloud inside a cast-iron lock box) and even the enablement of Anti-Theft technologies (making it a safer for companies to give employees clients without fear). Beyond the booth, we even had the CTO for the Intel Intelligent Systems Group, Pranav Mehta, give a keynote about how consolidating different work loads (often found in any large infrastructure installations) onto a single architecture (bonus points for you if you guess “Intel”) can help bring more efficient services (similar to what data centers enjoy from virtualization) as well as better security. Here was an interview that he gave while at the show:
Today, at the “Dawn of Intelligent Systems,” the need for better security becomes a whole lot more fundamental. But first, one must understand what types of usage models we are focusing on here. Sometimes, when I need to explain what words like “Embedded” or “Intelligent Systems” mean, I often turn to a simple 2 word answer: Star Trek. I don’t care if the TOS, TNG, DS9, or even the Prequel: Enterprise, when you watch those shows, you understand what we mean by “Embedded” or “Intelligent Systems” – everything you interacted with was simply “smarter.” The doors were smarter (they would open by themselves), the walls were smarter (you could talk to them & they’d answer nearly any question), even the pests (the Tribbles) were smarter. But in all be the last case, it wasn’t due to magic, like the animated newspapers in Harry Potter, but rather great science and engineering. Mazel Tov! Wonderful! What could be the problem with everything getting smarter? Answer: Everything not getting more secure AS they get smarter.
Take a simple example – Near Field Communications found in the world’s best smart phones (and coming to iPhones eventually). On the one hand, this could be AWESOME! Need to pay the parking meter? Wave your phone in front of it & maybe it will even text you if you need to feed the meter more (and maybe you can do it remotely). Want to see a movie, wave your phone over the kiosk and Presto! Movie Tickets! Stopping to fill up your car? Your phone lets you pay fast & get on your way. On the surface (no pun intended), NFC sounds like it could be a great thing. BUT, I would argue, ONLY if you feel that it is a secure process. What if the parking meeting is communicating wirelessly over a cellular network but NOT doing so securely? Did you *want* to pay for every parking meter on the block? Or pay some hacker’s parking for the next year? Every place you want to use NFC, you want the providers of that service to do so securely! Without good security, the whole concept is a useful as a submarine with a screen door.
Not to get too deeply into the origins of words, (that is a job for Etymology-Man), but I would argue that the word “Trust” is closely tied to the word “Security.” I don’t care if you are buy a song, off iTunes, on your iPhone, while sitting in an iGloo (see what I did there?), you expect that transaction to be secure. You TRUST that the transaction will be secure & that you didn’t just fund your neighbor’s musical tastes for the next year.
And, beyond wireless infrastructure equipment, anything that is “Intelligent” and “Connected” NEEDS to also be “Secure.” In a recent blog, I wrote about how excited I am over the concept of a more connected car. The ability to avoid traffic, order fast food quicker, or even just the ability to seamlessly understand my voice – I think these are all great things coming to a car near you. But what if your car isn’t secure? Do you want people re-programming your routes as a prank? Do you want someone changing your radio presets because you rooted for the “wrong team” during the super bowl? (The Yankees won this year, right?). Without Security, there is no Trust. Without Trust, there is no Use. It is as simple as that.
From here, the list of what needs to be secure is logical, but grows exponentially. That airport kiosk that needs you to “swipe” your credit card to get you to where you are going – is that secure? It better be! The digital signage that is helping you pick out gifts for your loved ones – is that secure? You better hope so. What about the ATM your using because it will be a while before you can use NFC to pay for everything – is that secure? I think the answer by now should be obvious. In every place Intelligent Systems are today and every place they will be in the future, if you have Intelligence & Connectivity without Security, they you have a problem, not a solution.
So, the next time you are talking about Embedded or Intelligent Systems designs and someone asks: “What’s Security Got to Do with It,” you will hopefully be able to explain to them how vital security is in that design. An Intelligent System without the right level of security is as safe as a jet-powered skateboard. Things like that are only fun or funny in cartoons – in real life, they are dangerous!
Let me know in the comments below what you think is most important about Security, or, as always, hit me on Twitter: @Geek8ive