Why it’s unproductive to demand “unhackable” technology

Why it’s unproductive to demand “unhackable” technology

We’re on the verge of seeing dozens of new mouth-watering technologies. Drone technology is looking to disrupt local deliveries. Self-driving cars could change the way we commute. Biometric technology could make identity verification and personal security far more advanced and reliable. And of course, in a few years, our homes might be chock-full of smart devices meant to automate and simplify our lives.

But along the way, consumers, lawmakers, and even business leaders are obstructing the path toward progress by highlighting the fears they have of these technologies’ inherent vulnerabilities.

For example:

1. Self-driving cars could be taken over. Lawmakers and self-driving car opponents often claim that autonomous vehicles are inherently unsafe because they could be remotely taken over by a sufficiently motivated hacker, and potentially used as hostages or for malicious destruction of property.

2. Drones could be intercepted. In the last mile of delivery, drones could be intercepted by hackers (or by watchful pedestrians with big nets).

3. Biometrics could be forged. You don’t even need to be a hacker to forge someone’s fingerprints; with enough access to a person’s body or personal data, you could replicate almost any biometric signature.

4. Smart devices could reveal your personal data. IoT devices are always listening, which can be a privacy issue; if hackers, or malicious individuals within the “listening” organizations attain and review that data, it could be used against you.

These are all sound insights; these vulnerabilities do exist, and it’s important to acknowledge them, so we can find better ways to protect consumers.

However, it’s counterproductive to use these vulnerabilities as points of argument against the validity of the technology, or as grounding obstacles to prevent these technologies from becoming more developed or accessible to consumers.

Why unhackability is an unrealistic expectation

Let me start by explaining why it’s unrealistic to demand complete “unhackability” from new technologies:

1. Older technologies are hackable too. Though smartphones and computer code have only been accessible for the past few decades, older forms of technology were “hackable” in their own way. For example, if you’re worried that someone with malicious intentions will take control of your self-driving car, were you also worried about someone hotwiring your car in the mid-1990s, or hijacking your car on the street? Vulnerabilities will exist at every stage of technology, new and old alike.

2. There’s no such thing as “unhackability.” It’s impossible to make a technology that’s completely unhackable. Every new advancement we make in the realm of digital security is going to be met with an equal step forward in the cybercriminal circuit. As engineers come up with more and more clever ways to guard their sensitive information, hackers will come up with more inventive ways to penetrate it. To demand perfection from our security standards is fruitless.

3. All technologies will require frequent updating and improvement. There’s a reason your phone and desktop are constantly asking you to apply updates; it’s because developers are constantly on the lookout for new threats, and understand that they’ll need to regularly commit patches to guard against those threats. No matter what kind of new technology is introduced, it’s going to take several years of exploration and live testing to discover new bugs to be ironed out. After that, it’s going to require constant monitoring to guard against new bugs, vulnerabilities, and attacks. Technology can’t reach its peak security in the prototype stage.

4. Hacks are a minority of cases. Even with a glaring security vulnerability, hacks aren’t going to be the norm; they’re going to apply in a tiny minority of cases. Focusing on that minority will blind you to the other benefits of a new technology. For example, if hacks of self-driving cars result in 1,000 deaths, that’s troubling—but if they can all but eliminate the 40,000 annual motor vehicle deaths attributable to human error, the new vulnerabilities pale in comparison to the benefits.

Why it’s unproductive to demand perfection

But is it really that bad to demand hack-proof technology? After all, voicing a concern shouldn’t be discouraged if it means producing a better technology.

There are, however, a few problems with making these demands:

1. Limiting interest in innovation. Pushing for higher standards makes it less appealing to invest in new technology. It takes more time and money to invest in a product before you can start selling it, and there’s no guarantee you’ll get to a point that will satisfy consumers and policymakers. Granted, companies like Amazon will likely continue to pursue new technology no matter what kind of opposition they face, but we should still be creating an atmosphere that encourages experimentation for the sake of innovation.

2. Putting the burden of security on others. This mentality also puts the burden of security on other entities; if you’re unwilling to “trust” biometrics until the system is unforgeable, you’re ignoring your own responsibility for security. For example, it’s not a company’s responsibility to make sure you choose a strong password and change it regularly; it also shouldn’t be their responsibility to ensure you’re protecting your own personal information.

3. Moving the goalposts. Moving the goalposts is an informal fallacy in which a progressively more intense series of evidence is demanded before a claim is accepted. Demanding increasingly high standards of security is an example of this. Every time a new technology achieves some milestone for consumer protection or privacy, it’s not going to be good enough for a percentage of the population. This creates and endless cycle that can never be broken, since even meeting impossibly high standards would result in even higher standards being set.

What we should do

Does this mean we should stop asking questions or criticizing new technologies, merely to drive further innovation? Of course not. It’s important that everyone, including experts and non-experts, be critical and judicious when evaluating new technologies.

But we must understand that all technologies are inherently limited and inherently vulnerable, and that every step forward is going to unlock new possibilities, both good and bad. It’s good to hold our top engineers and entrepreneurs to high standards, but not unrealistically so.

This post is part of our contributor series. The views expressed are the author's own and not necessarily shared by TNW.

Read next: Facebook accidentally flagged the Declaration of Independence