McALLEN — More than half of Americans, and 61 percent of internet users, utilize online banking, according to a 2013 Pew Research Center report. But University of Texas Rio Grande Valley information systems associate professor Jerald Hughes isn’t one of them.
“The risk of having that information attached to all of my money in my personal, paranoid calculation is too high,” said Hughes, adding his bank is easily accessible across the street from work. “I know how the bad guys get in, and I’m not doing it.”
Hughes spoke at CodeRGV Academy’s monthly InfoSec (information security) night Thursday at the Center for Education and Economic Development in Mission.
Parts of the Internet of Things — a description of the world’s growing network connecting devices, buildings, vehicles and everything else with Wifi or Bluetooth — are expanding without our consent, Hughes said. While electric meters with firmware or new vehicles equipped with GPS and networking capabilities are unavoidable, consumers should learn to weigh the benefits against the risks with all potential purchases adding to a user’s “surface of attack.”
“You can choose not to put yourself in that circumstance if you don’t buy those things,” said Hughes, who designed the security curriculum for the Robert C. Vackar College of Business and Entrepreneurship at the University of Texas Rio Grande Valley. “Of course, then you lose the benefit. They just need to decide which ones they need and which ones are simply reducing their privacy with little benefit.”
If an individual needs a fitness band to lose weight, Hughes said, then it is probably worth it to the wearer.
But Hughes said advancements in technology aren’t always fixing things that are broken, but rather relying on the market to find uses.
“The people who are making the innovations, they’ve gone long past the point of innovating to solve a problem and they have solutions that are looking for problems,” Hughes said.
He referenced how Facebook, Twitter and Ebay found success, not as they were initially intended, but by adapting and listening to their audiences.
“All these platforms that people have come up with were originally invented for other things, trusting that consumers will find a way to use them that turns out to be worth an awful lot of money to them,” Hughes said.
He likes to reference shoes with a Bluetooth chip as a questionable use of the tech.
“No body really needs chipped shoes,” Hughes said. “There’s no point to that. It’s an extra expense, and yet another attack surface.”
But each individual can make those determinations based on their unique circumstances, he said. Because of Hughes’ proximity to his bank, for example, online banking doesn’t make sense to him. If someone didn’t have such easy access, maybe that could change their calculus.
Hughes still questions the “threat versus benefit” of using a smartphone as an electronic wallet, though. People are typically much more careful with cash than with their phones, he said.
“To have all those eggs in one basket, that’s the problem with the phone … (because it introduces) a single point of failure,” Hughes said. “It’s great that they’re making all these things that work on the phone, but once you have your eggs in one basket, you have to really watch that basket.”
Connection to the Internet of Things requires buyers to weigh gains against sacrifices of privacy and purchase only what is needed. It’s a future we’re not ready for, Hughes said.
“Almost nobody thinks this way. You have to learn to start from a point of view of security and have that as part of your buying decision in the first place,” Hughes said. “Even I don’t have that habit yet.”
CodeRGV
Roel Barrera, UTRGV senior studying computer science, is part of a six-person, student-led division of CodeRGV.
“You’re exposing yourself to all these technologies that can be malicious to you without even knowing,” Barrera said.
To Barrera, this is a basic idea that not a lot of people think about yet. Utilizing skills and expertise of locals for the benefit of the community is what CodeRGV is all about, said co-founder Drew Lentz.
Lentz said information-security-themed sessions have always been popular. This partly prompted the collaboration with local students on the topic.
“One of the pillars of our organization is to be as community- and civilly-minded as possible, whether that means they’re a good steward of information technology or teaching people better ways to protect themselves online,” Lentz said. “We think it’s absolutely fundamental that people in this day and age have more than the basic knowledge of computer science.”
Information is everywhere, Lentz said, and the internet is only connecting more devices.
“If people don’t understand the way that machines and computers communicate, then they’re going to leave themselves open and it’s going to have terrible consequences,” Lentz said.
CodeRGV is a three-year-old nonprofit focusing on community education.
