The future of technology is 'hacked'

But there are friendly hackers and not-so-friendly ones

Pretty much everything in the world of tech these days is being hacked, either unofficially - in the case of iPhones - or with the manufacturers' blessing, as in the case of Intel and AMD.

Intel's 'Bad Axe' motherboards, for example, make it easy to overclock your CPU, and AMD-owned ATI provides an overclocking tool called OverDrive with its Radeon graphics cards.

Meanwhile Apple admits that 1.45 million of its iPhones are 'missing in action', which means they've almost certainly been hacked to run on other phone networks or to run unapproved applications.

The company has tried to fight the trend by 'bricking' iPhones - issuing software updates that disable hacked phones altogether - but it can't hold back the hacking tide. As soon as Apple has disabled a hack on the iPhone, the race is on to hack the firmware again.

It seems that if you can't beat 'em, you need to join 'em. Apple has already demoed its iPhone/iPod Software Development Kit (SDK), which will enable developers to supplement or replace the iPhone's standard applications. The hacking community has already unlocked it.

Meanwhile Google and Intel are offering eminently customisable, Linux-based platforms for phones and PCs in the form of Google's Android OS for phones and Intel's Mobile Internet Device (MID) platform for small portable PCs. Things are getting interesting.

Personal computing gets more personal

The open source Google Android platform brings the DIY/customisation ethic to mobile phones, a platform previously famed for the networks' strict rules on what applications handsets could run. Personal technology, it seems, is about to get even more personal.

Don't like your PC's performance? Hack the CPU. Wish your phone was a better games machine? Hack it and install an emulator. Don't like the way the web works? Install Firefox's Greasemonkey add-on and bend the entire Internet to your will. Reckon Half-Life 2 would be better if it featured a virtual Eamonn Holmes doing handstands? Build your own mod.

In many cases hacking can make an existing product even more attractive and boost sales. Some products have even been improved. TiVo devotees, for example, added Wi-Fi to the company's first-gen DVRs; while coders added applications such as My Movies and MCE Customiser to Microsoft's early Media Center software builds.

On a very basic level, how many of you hacked your DVD players to unlock its region coding? Sites like DVDexploder exist for precisely this reason.

Hardware firms now know that if they don't support the very lucrative modding market, their rivals will. Software developers know that community-created add-ons and extensions can make their programs more compelling.

And websites and services know that the more goodies they can offer, the more people will use their services - which is why Google and Yahoo! encourage developers to build 'mashups' from their various online services, Facebook offers an application development platform to annoy users more efficiently and publishing platforms such as Wordpress use 'widgets' to integrate popular services such as Flickr or Google AdSense.

There goes your data

When you install a widget built by Google or Microsoft you can be confident that it's not up to anything dodgy, but can you say the same for a third-party website add-on from a developer you've never heard of?

The risk from malicious online applications is fairly small - the very nature of the Internet means any dodgy deeds would be quickly exposed and widely publicised - but there are real concerns over data privacy and security.

For example, if you install a third-party Facebook application you'll be warned that Facebook doesn't screen or approve application developers and cannot control what they do with your data. As application developers are global, it's safe to assume that they neither know nor care about the Data Protection Act or other UK-specific legislation.

Website mashups - such as combining mapping services with other sources of data - are a particular concern, because by aggregating multiple data sources they can create worrying new applications.

As Tom Owad describes on AppleFritter, it's relatively easy to combine mapping data with Amazon wish lists. As he demonstrates, once you've done that you can see where, say, people who want to read 1984 live - and zoom right in to have a look at their house.

Add in someone's Flickr photos, the classified ads they've posted online, their Facebook news feed and the electoral roll data used by sites such as 192.com and you've got an extremely comprehensive picture of someone's life.

Middling security

Another concern about mashups and third-party applications is what's known as a man-in-the-middle attack. As IBM Research's Paul Karger told the 2007 IEEE Web 2.0 Security and Privacy Workshop, "With mashups, the presence of a man-in-the-middle is totally legitimised. The operator of the mashup might be trustworthy, or the operator might be an evil attacker, and the end user has no way of knowing the difference."

Even if the middleman is legitimate, that doesn't mean your data is secure. No matter how well various websites and services protect your data, if the site that combines them doesn't take security equally seriously then it's a very weak link in the chain - and a potential goldmine for the various villains that infest the Internet.

For most of us, though, the risks of open platforms and online data are massively outweighed by the benefits. After all, if it weren't for openness the Internet as we know it wouldn't exist. Would you trade today's Internet for the walled garden days of CompuServe and AOL? No, neither would we.

Related news