The Times’s new cybersecurity reporter explains why the prospect of self-driving cars strikes fear in the hearts of security reearchers.
Each Saturday, Farhad Manjoo and Mike Isaac, technology reporters at The New York Times, review the week’s news, offering analysis and maybe a joke or two about the most important developments in the tech industry. Mike was away this week, so Sheera Frenkel, a cybersecurity reporter for T he Times, filled in.
Farhad: Hello, Sheera! How are you? Thanks so much for stepping in for Mike, who is visiting Harvard this week. It’s adorable, he still thinks he has a chance to get in. Anyway, this is your first week at The New York Times. Welcome! How do you like it so far?
Sheera: It’s great. I love watching the tit-for-tat between you and Mike on Slack. In case anyone was wondering, it’s exactly like Twitter.
Farhad: Yes, it’s awful, and I’ m sorry. O. K., so you’ ll be covering cybersecurity here. That’s cool because I have a million questions for you, especially about whether or not I should pay this ransomware request from a hacker named Ike Misaac.
But before we get to that, let’s run through some other tech news. Not that here’s a whole lot — we’ re in the spring doldrums. Everybody has one foot in vacation, so basically very little is happening in the industry we cover.
So, the top story: Mark Zuckerberg gave a commencement speech at Harvard. The Facebook C. E. O. didn’ t say much that was surprising — he seems to favor universal basic income and is interested in getting people to vote online, and he’s also for making the world better in all ways — but the Harvard kids still ate it up. Also, he’s not running for president. Probably.
Sheera: I thought it was pretty vanilla. The points he made about people voting online and making the world a better place were not very controversial. I don’ t see anyone listening in going, “No way, I want the world to be worse and I want it to be harder for everyone to vote.”
If he is running for office (maybe, probably, not) then we still have no idea what his platform would be. I saw some people tweeting (cough, Mike) that it seemed as though he wanted to say more. I think this seemed pretty standard for Zuckerberg, in that he limits his public comments to what will offend the least number of people. It would be fascinating to see him take a strong political stance.
At this point, Facebook arguably has the wealth and political sway of a medium-size country (in which Zuckerberg never has to worry about getting re-elected) . It’s standing at the center of a lot, and yet its users rarely get insight into what its managers are thinking about the world.
Farhad: Zuck’s in an odd place: He’s the C. E. O. of a very valuable public company that arguably benefits in some degree from some of the worst tendencies of civilized society. And he’s trying to make the world better. Not sure he has any choice other than to be vanilla.
Anyway, in tech-adjacent news, Ford replaced its C. E. O., Mark Fields, with Jim Hackett, who used to run the company’s self-driving car unit. I guess we’ re supposed to interpret this as yet another sign that legacy car companies are totally worried about the tech companies that are crashing into their industry — see Tesla, Uber, Waymo (Google’s self-driving sibling) and even possibly Apple. Ford and other carmakers seem to be having a tough time lately. American auto sales are slowing down, and culturally, people just don’ t seem to be as into cars as they are their phones.
But I wonder if the car companies are getting a little too paranoid about self-driving tech. I think the tech will come, but it is, at best, in the research stage now, and it’s anyone’s guess how many years it will take to go mainstream. I suspect we’ re at the top of the hype cycle right now, and soon we’ ll all begin to see the limits of self-driving — and the story will change to one of pessimism rather than optimism. What do you think?
Sheera: Since I cover cybersecurity, I can say that the story has already turned pessimistic. I can’ t count the number of emails I get from cybersecurity researchers who are predicting a spike in acts of terrorism carried out via self-driving cars. Picture everything from suicide-bombing cars (minus the actual suicide bombers) to triggering a 10-car pileup on a freeway by remotely taking over the controls of a car.
Farhad: Your world is very dark, Sheera.
Sheera: Yeah, I hear that a lot. Lots of heavy drinking happens at cybersecurity conferences.
All that being said, I think the technology is inevitable, at least here in the U. S. It’s going to be a long time until the developing world sees the widespread use of self-driving cars.
Last year, when I was in Indonesia, I spoke to Google engineers about how hard it is to get accurate maps in much of the rest of the world, where streets don’ t really have standard names, and directions are given through landmarks, rather than blocks and feet. Until they sort that out, I can’ t see self-driving cars realistically getting rolled out.
Farhad: O. K., finally, let’s talk security. And because I’ m clueless, maybe let’s start with an overview. What are some of the big issues in cybersecurity that we’ re not paying enough attention to? And how scared should we be?
Sheera: You should be superscared. I mean, you and Mike both. I’ m convinced that for the sake of a story, one of you is going to hack the other and it will get ugly.
Farhad: Yeah, probably not; Mike can barely use his microwave.
Sheera: There are hackers you can hire with a single email — not that I’ m trying to give either one of you any ideas. But in terms of everyone else, I think people should be low-level scared all the time, if it helps them prepare themselves for the inevitability of one day being hacked.
I like to go through life assuming that everything — from my Facebook messages to my emails and photos — will one day get hacked into. If I don’ t want it public, I don’ t write it down, photograph it, or otherwise save it to any system that is hooked up to the big bad world through the internet. I’ m willing to accept that I’ m paranoid, but the way that the rate and scale of hackings are exponentially increasing, I think it’s better to be safe than sorry.
There’s no one, no technology, that can ever give you 100 percent assurance that you won’ t get hacked into, so all you can do is make sure that if it happens, you’ ve limited your exposure to being embarrassed online.
