They're following us. They (the government, the security authorities, the employer - pick whoever ticks you off) do it because we're easy to spot. The credit card, the work punch card, the unique Internet address (IP) - all these and more are digital fingerprints we leave behind every time we carry out some action. But the field of identification technology now has some equally powerful competition: the field of technology for faking.
The first to cotton on to this were the virus writers. We can disparage them, but at one thing they're the champs: human engineering. They know how to get us to trigger the file attached to an e-mail message. How, when we are constantly admonished not to open files from an unrecognized source? Easy: they make the addressee think that the message is from someone familiar. A simple technique that was developed for the purpose counterfeits an e-mail address which it has encountered. A person receives a message. Inside it reads, "You've got to open the attachment, it's amazing." The message sender is Danny. From the Golani Brigade! Yeah, he always sends cool stuff. Boom! No Danny, no Golani. Instead of a "cool" file you've received a virus that wipes out all your files.
That trick has also reached instant messaging programs such as ICQ. Today, with the help of programs circulating freely on the Internet, it's possible to send a message while counterfeiting the unique number that identifies every service subscriber. The result is that a man is talking to his wife on the ICQ, but she thinks she's talking to her best girl friend. From here the distance is short to the dinner table blowout.
And what of Kaaza, the popular file exchange program? Record companies have long since labeled it a Public Enemy. But people like to download files. No problem, let's see what they get when they're finished downloading. Someone wants to download Robert De Niro's latest film. Here's the file, bearing the same name as the film title. Right, let's download it. The file is large, the download time drags on, but here we go, it's done and we can begin viewing. Boom! No Robert and no De Niro. We see five seconds of film and the rest is the snows of yesteryear. The disappointed downloader fell for a dummy file planted by record and film companies. They're convinced that after a few dud attempts to download the film, surfers will opt for buying a ticket.
Last month it was reported that customers of the British bank HSBC received an e-mail message telling them they have to access their bank account online because the bank is updating its software program and wants them to reconfirm their identity. The message arrived emblazoned with the official bank logo. The link they were asked to click on was supposed to take them to the bank's British Web site (hsbc.co.uk), but the link was a fake. Surfers were actually sent to another site that was made to look like the bank site. The con artists waited patiently for the surfers to enter their passwords and then used those to access their accounts.
The latest place the faking technology has reached is caller ID. That's the height of ironic reverses. With the invention of the telephone, the initiator of the call became powerful; he decides when and whom to call, he forces the call's recipient to cease all activity just to find out who's behind the ring. Caller ID was intended to put the power back in the hands of the call recipient. From here on in, he knows even before he has lifted the receiver (or pressed the Send button) who wants to speak with him.
However, in recent years, technology buffs found a way to take control of the information that appears on the telephone display screen, and there is now even a company, American of course, that offers paid faking services. The company contends that it's a service that can help many debt-collection firms. What, after all, is the collector's biggest problem? The debtor identifies his calls a mile away. With the new service, the debtor's phone will display his mother's phone number. What do you think, he's not going to answer?
Now the question remaining is what to do about the identifying ringtone? With cellular phones and some landline phones it's possible to attach a particular ringtone to a given number. Will displaying the counterfeit caller ID cause the phone to ring in the corresponding manner, or is this merely a pixilated mirage that has no effect on the ringtone? After they've overcome the fake ringtone, maybe a counter-technology will be developed that will require the caller to provide a DNA sample.
