Protected from Day OneAug 31, 2021
Protected from Day One: Thoughts on Data Security and Mojo Lens
Michael Grace leads product security for Mojo Vision, where he works to ensure that the smart contact lens of the future is trustworthy. Previously, he led the Knox Security Team at Samsung, which defined the security architecture for Samsung Mobile. His academic work and patents have helped shape government, financial, and consumer-protection standards and regulations. He holds a Ph.D. in Computer Science from North Carolina State University. We sat down with Michael to learn more about his role at Mojo and the impact of data security on the future of wearable devices.
When I joined Mojo Vision as the Director of Security in 2020, I was excited about the opportunity to work on a new kind of device, to anticipate and solve new threats—and to do so early enough in the device’s development to make bold decisions to protect users. For those of us that have spent their careers in system architecture security, it’s vastly easier to design for and build security into a device from day one. In a previous role where I developed Samsung’s Knox solution for enhanced Android OS security, the device was already out in the world, and we had to make it secure while the proverbial train was already moving, without anybody noticing.
The part of Samsung Knox I'm most proud of is that a lot of the stuff that we pioneered is now considered “standard equipment” in the security world, not just on Android but on many other devices. With a similar mindset looking forward, I imagine the work we do for Mojo Lens will inspire other wearables makers over the course of this decade as well. On a personal level, it’s a great feeling to be exploring beyond the boundaries of the map, solving new problems—and that describes a lot of the work Mojo is doing, on so many levels.
In making a wearable device like a fitness band, AR glasses, or Mojo Lens, one thing we have to ask ourselves is, “what will hackers want to steal?” There probably won’t be a lot of sensitive data like passwords or bank account information stored inside the wearable, the way it would be on a smartphone. However, the Mojo Lens potentially has access to even more sensitive biometric data as well as the potential to overlay misleading, inaccurate information over your vision. As a company, we are trying to produce a computing platform that the user doesn't need to think about using, let alone worry about how it functions. This means that there is an extremely strong mandate to provide the strongest possible security to protect every user.
We're now getting to the point where most people in enterprise are realizing data security is a serious concern. In my mind, the two biggest security threats right now are ransomware attacks and supply-chain security.
Like it or not, data security is becoming a sort of a profit vehicle for bad actors. Recently an East Coast gas pipeline was shut down via a single compromised password and had to pay $4 million to hackers to get up and running. A Colorado meat plant was ransomed for $11 million—it seems strange not to be able to process beef for a couple of days because of some computer system, but that’s the world we live in now. We've been having these problems for quite a long time, as there's been enough data and enough connectivity for the “big fish” criminals to get involved. Then there are the unique conditions that allow certain areas of the world to attract cyber-crime gangs that do it in the private sector.
In my mind, though, by the time Mojo Lens is introduced to the public, a bigger threat than ransomware attacks will be supply-chain security. This is when an enterprise outsources trust to a third-party vendor, and that vendor is somehow compromised. The SolarWinds attack where hackers breached US federal agencies is a recent example. SolarWinds was just one of three outside vendors whose security was breached. Many consumers use best practices and trust a company to keep its code base secure, but if that system is hacked, their data is potentially compromised. You have to ask, if I'm getting something from a company that I want to trust, how can I make sure I’m actually getting what I paid for… and nothing more?
The good news? Defenses are evolving alongside threats. For example, the practical methods of handling encryption are getting much better, even though we're using the same principles from a long time ago and now you can even download an encrypted messenger platform that isn’t terrible .
Out-Thinking The Enemy
In terms of security, we’re trying to figure out: how will the bad guys attempt to gain access they shouldn’t have? From a security perspective, our lens is pretty basic. It displays information and it retrieves information. And it’s got some sensors and communication protocols to help it do that. But it doesn’t have a huge storage cache, USB port, or exhaustive list of comm protocols it supports. That's a good thing, because it limits the avenues an attacker can exploit. It talks a very basic protocol, and if we get that right then we're most of the way there. If you try to take it apart to alter how it works, good luck—it’s not the easiest thing to reassemble!
Based on scale, the smaller your solution is (literally and computationally), the easier it is to understand where vulnerabilities exist . There are some tools at your disposal that just shut down loopholes. As a system grows, the bigger you are, the more likely it is that an attacker can gain a foothold: the defender has to anticipate every avenue of attack, while the attacker only has to find a single unguarded path that gets them to their goal. Launching a product is basically matching wits with the most powerful attackers that care to challenge its security. To me, the best way to do that is to strive for simplicity – and then erect as many lines of defenses as practical.