What if Great Britain, Germany, Italy, Sweden,… had WHS tamper-proofing technology?
Would the US be prevented from spying? We are not in the business of getting our military technology by copy-cat and espionage of our allies, I hope. They need to prevent their secrets from leaking, both to their and to our enemies. However, any others who spy on the above countries would have less success if WHS technology would be in place.
What if China had our tamper-proofing technology?
Would we be prevented from spying? Maybe. I doubt that puts us back a lot, I think our technology is ahead. It may put back some other countries. China may have slightly less motivation to speed up the arms race. Good for the Chinese people, good for us.
What if Russia had our tamper-proofing technology?
Would we be prevented from spying? Could be. A small price to pay for other countries spying on Russia having a harder job. Russia may have slightly less motivation to speed up the arms race. Good for the Russian people, good for us.
What if Iran, Iraq, ISIS…
I can’t see where that would cause real suffering for us, nor for anybody else, them included.
What if the US would use our tamper-proofing technology? Fewer secrets would be lost through reverse engineering. There would be less fear software sabotage. Our defense technology wouldn’t really be more potent, but it would last longer until it is outdated. Cyber-criminals would need to work harder on any software that has been protected with WHS technology. Less profit for cyber-criminals will certainly not cause more crime.
What if software producers, movie producers had our technologies to protect their copyrights? There could be more revenue where it belongs, and less revenue for stolen copies.
For the 2015 State of the Union address, cyber security played an important role. New laws were proposed. Such laws are not unproblematic however. Rob Graham made some interesting comments in the “Wired Magazine” about what might happen with such laws. That is how governments, ours included, seem to act. I would never think the bad consequences were intentional. I think this is nothing more than a simple over-reaction to a problem which seems to get out of hand. Hacking is the new scare. People are either totally unprepared, or deadly scared. Neither is rational. Enacting laws when scared is almost a guarantee for enacting bad laws. I recommend punishing performing a crime, but don’t make the punishment depending on the technology and on how scared the victims are.
In our opinion, there are better solutions to cyber-space problems. The essence of the best solutions lie probably both in the social and economical adjustments. However, the part of the solution a startup company like ours can safely provide is on the technological site. With some good technological solution there wouldn’t be a need for overreacting and society would by kinder and safer.
There rarely is a one technology which fixes all. However, there are several technologies which can make a difference. Tamper proofing your software for example. It may still be overkill for simple problems like stealing from buggy websites. But tamper proofing is ideal for critical software. Maybe this method of protection will become standard and thus can easily be affordable, so it can be implemented everywhere, but not yet. Tamper proofing may not be the only solution, but it is a good one.
Compare your digital treasures to your nest egg of savings. Do you pile your money on the front lawn, make tougher laws and blame the neighbors when the pile is gone in the morning? No, you put your money in a safe box or into a bank. Equally, commercial software users and producers just need to do their part of due diligence in protecting software.
“We estimate that the likely annual cost to the global economy from cybercrime is more than $400 billion.”
Do you have a clue how much money that is?
According to the report: more than the national income of most countries
Like most bloggers I cannot judge whether this number is too high or too low. Lots of arguments for either side might be made. Given the title, I assume that these numbers are the losses only and do not include the cyber security costs implied for preventing the losses from becoming larger. The report also states that a large fraction of damages are not reported and that statistics in different countries are quite different.
I found the following table interesting, putting the costs into some perspective:
Activity Cost As % of GDP
Maritime Piracy 0.02% (global)
Transnational Crime 1.2% (global)
Counterfeiting/Piracy 0.89% (global)
Pilferage 1.5% (US)
Car Crashes 1.0% (US)
Narcotics 0.9% (global)
It would be interesting for White Hawk to know what part of these losses are considered caused by insufficient tamper-proofing.
For several reasons we cannot answer that question:
The report is not detailed enough.
Certain (probably more correct: most) losses could have been prevented by multiple solutions.
As classical security companies don’t do tamper proofing, there is no appropriate category in the report.
And even if we could answer the question… who would believe us?
Lastly, in protecting critical infrastructure, knowing the possible damage can be more of a driving factor then the past damage specially when the really bad things didn’t happen.
Recently some people have asked us why we don’t call our software “hacker-proof tools” rather than tamper-proofing software tools. Both terminologies are correct of course, but we think the word “hacker” often has a connotation of “amateur” or at least not full time professional.
Yes, we want to protect your software from hackers, but we also want to protect it from professional code-breakers, competitors and virus developers. Hence the stronger term tamper-proof.
In Washington on Thursday Nov 7th, FBI Director James Comey said that cyber attacks are increasingly representing the most serious threats to the homeland security and in the next decade will likely eclipse the risk posed by traditional terrorist threats.
He told a Senate committee that this cyber risk is a multi-layered threat posed by thieves, hackers and others who are able to travel the world via the internet at the “speed of light.’ His stern warning continued with “there are no safe neighborhoods.”