Cybercrime, Cybersecurity, Hacking, Data Privacy, AI, Digital Abuse, Jackware
This page records some of the things Stephen Cobb has said about technology risks. These quotes may be useful for journalists, commentators, and reporters. They can be used freely "with attribution," preferably with notification to me about when and where they are used.
The quotes on this page cover information security (infosec), Internet security (cybersecurity), data privacy, hackers and hacking, and the risks of criminal technology abuse (cybercrime); with a focus on malicious code (malware), artificial intelligence (AI), the Internet of Things (IoT), industrial control systems (ICS), and digital infrastructure. Also, technology harms, zemiology, health impacts, and exposomics. Many quotes are in the context of emerging threats, threat vectors, threat actors, attackers, and attack surfaces.
Some of these technology risk quotes appear here for the first time, other quotes date back several decades; dates and original sources are provided as appropriate. For example:
"The need to promote ethical behavior in all aspects of business and personal life will remain a priority if we are not to cripple powerful new technology with ancient human weaknesses." — S. Cobb, Security Issues in Internet Commerce, 1996
“The best weapon with which to defend information is information.”
Some quotes are provided in audio file format. For example the one above is on SoundCloud.
Attribution: When attributing these quotes, please credit, at a minimum: Stephen Cobb, independent researcher. Preferred basic attribution is Stephen Cobb, an independent security researcher based in Coventry, England; but the following is also acceptable: Stephen Cobb, a UK-based independent security researcher.
A longer attribution and/or micro-biography would be some form of: "award-winning technologist and bestselling author Stephen Cobb, now working as an independent researcher based in Coventry, England." For more biographical details see Wikipedia, LinkedIn, and this web page (which also has links to current headshots).
Quotes on the harm caused by cybercrime
Quotes on Artificial Intelligence (AI)
A lot of what is is referred to as AI in products today is not, it is machine learning.
Governments and companies are pouring money into AI without a solid grasp of how it works or even what it's made of.
Debates about AI too often fail to mention the fact that AI is essentially a computer running code, the abuse of which is practically impossible to prevent.
The five ingredients with which every AI is made are chips, code, data, connections, and electricity; all five of these ingredients are vulnerable to damage or abuse for selfish ends.
Quotes on Technology Risks
The unanticipated consequences of new technologies may emerge after they are no longer new.
Detailed historical analysis of previous technology deployments strongly suggests that appropriate levels of protection will not be put in place until malicious abuse occurs at scale.
New technology is routinely used and abused for purposes other than those intended by its originators.
Until technology is liberated from patriarchal patterns of abuse, man-made-tech will continue to divide, disappoint, and damage us, while also destroying our planet.
Any technology deployed prior to both universal consensus as to its legitimate use and effective mechanisms to enforce that legitimacy, will be abused.
Such abuse will, if not somehow restrained by enforceable norms, eventually push the net benefit of that technology below zero.
Inventors cannot control what is done with their inventions, nor can they—regardless of how clever they may be—foresee all the consequences of their creation.
Combine rapid embrace of global connectivity and complex interdependence, at scale, absent universally agreed enforceable norms of behavior, and you have a recipe for disaster; one that works in both cyberspace and meatspace.
To say technology is a two-edged sword is not helpful. Sword technology has a single purpose: cutting human flesh. The number of edges doesn't change that purpose.
Quotes on Digital Technology Risks
All digital technology relies on code, the abuse if which is practically impossible to prevent.
The exploitation—for selfish ends—of vulnerabilities inherent in the digital infrastructure of our current reality has increased, in scale, scope, and impact, with the emergence and consolidation of that reality. Experts have warned for decades that we weren't doing enough to deter or constrain that exploitation.
Abuse of digital technology increases during times of global or national crisis.
The growth of malware-enabled, pandemic-themed misuse and abuse of information and communications technology—the Covid Effect—has been as phenomenal as it was predictable.
Humans need to realize that they are deploying technology faster than they can defend it from abuse, often because making and selling apps is way more appealing than fixing the messes they make.
Cybersecurity
The last thing our planet needs is more vendor-funded organizations peddling—even with the best of intentions—doomed narratives about how spending more money on cybersecurity products and services will solve cybercrime.
Until UK/US/EU/BRICS agree that a) unauthorized access and abuse of information systems is a criminal offense, regardless of who does it or why, and b) this norm is enforced throughout their respective countries, cybersecurity will remain a hot mess.
A lot more of the heavy lifting in cybersecurity must be done by governments; first by taking seriously the need to achieve global consensus that abuse of digital technology is wrong, morally reprehensible, and will be prosecuted; and second by funding efforts to enforce that consensus.
A fully international coalition to combat ransomware criminals is needed, and needs to be funded ASAP. If it is not, we could see reports five years from now about how the unbridled abuse of digital technology triggered global recession on an unprecedented scale.
Quotes on Driverless Cars, Autonomous Vehicles, and Jackware
I coined the term jackware to described malicious software that seeks to take control of a device, the primary purpose of which is not data processing or electronic communications, for example: your car.
Jackware is a term I coined for malicious code that seeks to abuse a digital device, the primary purpose of which is not to run code.
