·  Legal News, Analysis, & Commentary


The Red Queen and the Future of Hacking

— February 26, 2018

The future of connected devices hangs in the balance, as researchers and hackers are locked in a Red Queen race for your data – and your peace of mind.

The future is connected. As our world grows more complex and interwoven, opportunities will arise. Technology can make life more convenient for us, but also for those who would do us harm. The race is on, between the future of our connected devices, and the future of hacking. As long as there are devices to exploit, and profit (or entertainment) to be had from hacking them, someone, somewhere, will find a way. Just ask the Red Queen.

Illustration by John Tenniel of the Red Queen lecturing Alice for Lewis Carroll's "Through The Looking Glass,"
Illustration by John Tenniel of the Red Queen lecturing Alice for Lewis Carroll’s “Through The Looking Glass,” 1871. Public domain image in the United States, courtesy of Wikimedia Commons.

There’s an evolutionary hypothesis called the Red Queen’s Race. Proposed by Leigh Van Valen in 1973 and the subject of a 1993 book by Matt Ridley, this hypothesis takes its name from the Red Queen in Lewis Carroll’s “Through the Looking Glass.” As the Red Queen in the story says, “It takes all the running you can do, to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that.” The hypothesis concerns the relationship between two evolutionary partners, such as predator and prey, superpowers locked in an arms race, or hackers and the security measures taken to stop them. As one side advances, the other side must keep up, just to stay even – and then the other side must innovate again or lose.

The Red Queen race has been playing out in your pocket. As long as there have been credit cards, there have been people figuring out how to hack them. Once upon a time, the magnetic strip and your signature on the back were good enough. Not so much, anymore. Even as we adapt to inserting the cards in the chip reader, thieves have figured out how to hack it. In response, Visa is looking into biometric credit cards, which would use fingerprints or other data that is unique to the card holder. Unfortunately, biometric cards are far more expensive to produce than regular or even chip-based cards. Considering how expensive credit card fraud is, though, perhaps we’ll be willing to pay the Red Queen’s price to stay one step ahead of the hackers.

Connected homes and the “Internet of Things” are another major target. When your fish tank is connected to the internet and you can adjust your thermostat settings with your smartphone while on vacation, the sheer complexity of making it all fit together means that somewhere, sometime, there will be a back door left open. Even security-minded businesses like utilities or casinos are at risk. Being watched through your not-as-private-as-you-thought webcam isn’t the only potential threat. Many smart devices hold a surprising amount of data about their owners’ habits; after all, that’s why they’re smart. For example, your Roomba knows your home’s floor plan, and that information isn’t only useful to a CEO out to monetize your data. What’s the best defense? Keep your gadgets current with all security updates, check the connection settings for your smart machines, and keep a good eye on your router.

When even your pacemaker or defibrillator is potentially vulnerable, the future of hacking is like the Wild West. Technology that allows remote updates and wireless communication is the same tech that opens a gateway, however small.

As more devices come online, more research is needed to keep them all secure. “White hat” hackers and other researchers explore for vulnerabilities, then warn companies or publish information for the benefit of the security-minded. Unfortunately, recent lawsuits have had a chilling effect on these activities, as not all companies take kindly to having their digital underbellies probed for weaknesses, even by people who are using their power for good. Hopefully, device manufacturers, software companies, and security researchers can find a way to cooperate and keep our connections safe before the fraudsters complete another lap in the Red Queen race.

Related: GOP Data Breach is Scarily Irresponsible


Pacemakers, defibrillators are potentially hackable
Lawsuits threaten infosec research — just when we need it most
No more PINs: Visa testing biometric credit cards
Seen At 11: Savvy Fraudsters Are Staying A Step Ahead Of ‘Chip Card’ Technology
IoT Devices: Is the Convenience Worth the Hacking Risk? Most Consumers Say ‘Yes’
How to Build a Smart Home That’s Actually Secure
Hackers attacking US and European energy firms could sabotage power grids
Your Roomba already maps your home. Now the CEO plans to sell that map.
What Is the Red Queen Hypothesis?
The Red Queen Race Against Computer Viruses

Join the conversation!