Wearable computers and ubiquitous wireless environments will undermine independence and compromise security.

"1984 was a beta version of what's coming next."--Chris Esposito, Boeing

Today's threats to security and privacy will seem tame by comparison to those of the next millennium, when we are living and working in ubiquitous wireless networks, where home, office, transportation, clothing and even our bodies are seamlessly connected.

Digital "space" will consist of large, open, public places under constant surveillance; semi-private areas that are easily accessed; and personal and corporate nets that require deliberate behavior to maintain what remains of security and privacy.

Already, PDAs, cell phones and portable computers are merging to become "wearables," their functions blurring as the interface disappears into the infrastructure. The infrastructure itself is becoming a seamless network threaded with millions of nodes.

Today, researchers at MIT are building complete social environments contingent on real-time data exchange. For example, Bradley Rhodes' Remembrance Agent is a personal secretary/diary/interactive agent that will collect and filter relevant data. It will be able to notice a face or voice, and then whisper a name. Rhodes claims that keeping the data in real-time will maintain security.

Getting Personal

It's true that information that isn't collected can't be compromised, but obviously that's not the case with data we want to store and backup. The future will see centralized databases generated by streams of details broadcast from the minutia of our lives--itineraries, telephone calls and time of arrival at work, home or toll booth, All of this will make current data-mining practices look primitive.

The most valuable information is the most personal. A network that collects data from our behaviors will know more about us than we know about ourselves. Buried in the data of our lives, we're blind to our patterns and what they reveal. This, however, is just one of a number of possible risks.

Jim Cannady of the Georgia Tech Research Institute envisions a dystopian future. Competitive political, economic and military intelligence is making the data marketplace harder to define as nations and multinationals cooperate for mutual advantage. When digital identities and the need to be connected anywhere at anytime are fused through "wearables," terrorist attacks will take the form of "drive-by shootings," using high-energy RF pulses to disable systems.

But it's worse than that. We will become totally dependent on other human beings not only for the social construction of reality, but also to determine what's "real" to our senses. What we think is "real" could be the output of a constant digital flow.

And what will happen when data--often compromised in networks now--consists of simulated percepts coming directly to our brains? We will have to trust the intentions of data-providers with even greater faith. This is a daunting prospect in the face of recent stories of widespread illegal wiretaps by the Los Angeles police.

How can we protect ourselves? Solitude and isolation are still options. We can refuse to allow information to be collected by the system, but that will become increasingly antisocial or illegal. We can also avoid particular places, manage our itineraries like spies with the focused consciousness of a Jedi knight. That level of intention, however, is beyond the reach of most. As the social environment is transformed, definitions of mental illness will change as well. Insanity is contextual: Rebels who unplug from the network may be diagnosed as sociopathic.

The biggest problem, then and now, is that people are and will continue to be in denial about the risks of an insecure environment. Many simply operate out of an obsolete model of trust. The "appropriate paranoia" known to computer security professionals is not yet as widespread as the network.

For many, security is the last priority. CEOs want quick fixes--a firewall, an intrusion detection system--while administrators hope to keep up by applying patches, rather than making security intrinsic to system architecture. In the next millennium, the increased dependence on network connectivity will magnify current vulnerabilities by orders of magnitude. Real risk will increase and the consequences of a lack of vigilance will be absolute.

PREDICTIONS

Fully computerized homes will be as hackable as Web sites. With the network always "on," there will no way to unplug. Embedded systems, like spoken languages, will become filters for primary experience. Stealing tools that contain data will be easier than stealing data. If you don't want the data to get out, you won't collect it.

This article originally appeared in the November 1999 issue of Information Security magazine (www.infosecuritymag.com). Copyright 1999. All rights Reserved.

BACK