Information technology has had the blame for many disasters laid at its door, but the area in which it fails most consistently is in the very lock on the door: the password. Poorly chosen key words, poorly protected user databases and the immensely powerful arsenal of the hacker have combined to make the password an absurdly vulnerable form of information protection.
Clearly, the password as a form of defense must die. Phones with fingerprint and facial recognition spell the beginning of the end, as they represents the device responding to who the user is rather than who the user claims to be. However, the PIN code is still at the heart of phone security.
Fingerprint recognition itself has proved dodgy, with numerous techniques developed to get around it. It’s possible to remain relatively secure if one follows a set of procedures that, in combination, make it seemingly impossible to be breached. However, the fatal flaw in this approach is that it depends on human reliability, an oxymoron on a par with military intelligence.
The answer is that we should not have to be trying hard at all, but merely go about our daily business, while our devices figure out who we really are. It sounds like science fiction, but that is exactly what a new trend, termed “passive security”, represents.
It is encapsulated in a new laptop, the Dell Latitude 7400, showcased at Dell Technologies World in Las Vegas this week. It is the first laptop to use chipmaker Intel’s Context Sensing Technology, in effect a proximity sensor that works with facial recognition and artificial intelligence (AI) to sense a user’s presence, wake up the device from sleep mode, validate the user, and log on to the appropriate account. When you step away from the machine and forget to lock the screen, the Latitude detects your absence and locks itself.
In a keynote address at the event, Dell Technologies founder Michael Dell put the broader issue succinctly when he suggested that, in future work would no longer be where we go, but what we do. Security should therefore be about behaviour and not about place.
Later, Dell senior vice president Anja Monrad said in an interview that technology had to “grow out of trying to fight human nature”, like leaving laptops on without locking the screen. The next step, she said, would be “recognising specific actions we perform in specific ways”.
“The thinking is similar to the technology now built into our storage systems, where we use AI to look at all patterns of data that move through the system, and the moment the pattern changes, we get a red alert that something has intruded, rather than anti-virus systems that try to identify breaches based on known threats.
“Future systems will recognize you by the angle at which you hold your smartphone, the strength with which you press keyboards, the speed at which you type. That will all be part of a profile that AI builds into a database. In milliseconds, it has to make a decision that it’s you at the end of a device. The expectations were there for a long time; now the technology is catching up.”
- Arthur Goldstuck is founder of World Wide Worx and editor-in-chief of Gadget.co.za. Follow him on Twitter and Instagram on @art2gee