Stacks get hacked: The inevitable rise of data warfare by Alistair Croll.
A snippet from Alistair’s post:
First, technology is good. Then it gets bad. Then it gets stable.
…
Geeks often talk about “layer 8.” When an IT operator sighs resignedly that it’s a layer 8 problem, she means it’s a human’s fault. It’s where humanity’s rubber meets technology’s road. And big data is interesting precisely because it’s the layer 8 protocol. It’s got great power, demands great responsibility, and portends great risk unless we do it right. And just like the layers beneath it, it’s going to get good, then bad, then stable.
Other layers of the protocol stack have come under assault by spammers, hackers, and activists. There’s no reason to think layer 8 won’t as well. And just as hackers find a clever exploit to intercept and spike an SSL session, or trick an app server into running arbitrary code, so they’ll find an exploit for big data.
The term “data warfare” might seem a bit hyperbolic, so I’ll try to provide a few concrete examples. I’m hoping for plenty more in the Strata Online Conference we’re running next week, which has a stellar lineup of people who have spent time thinking about how to do naughty things with information at scale.
Alistair has interesting example cases but layer 8 warfare has been the norm for years.
Big data is just another battlefield.
Consider the lack of sharing within governmental agencies.
How else would you explain: U.S. Government’s Fiscal Years 2012 and 2011 Consolidated Financial Statements, a two hundred and seventy page report from the Government Accounting Office (GAO), detailing why it can’t audit the government due to problems at the Pentagon and elsewhere?
It isn’t like double entry accounting was invented last year and accounting software is all that buggy.
Forcing the Pentagon and others to disgorge accounting data would be a fire step.
The second step would be to map the data with its original identifiers. So it would be possible to return to that same location as last year and if the data is missing, to ask where is it now? With enough specifics to have teeth.
Let the Pentagon keep it self-licking ice cream cone accounting systems.
But attack it with mapping of data and semantics to create audit trails into that wasteland.
Data warfare is a given. The question is whether you intend to win or lose?