Paper is a near-perfect barrier to hackers, ransomware and other exploits

by Michael Smith (Veshengro)

The most “futuristic” data security is a pen and pad, and also the old-fashioned typewriter.

America's most secure federal agencies were hacked by a 16-year old who obtained their internal files; a Medical Center in Los Angeles that was hit by an infection of "ransomware" which locked up all its data in encrypted form until a ransom (hence the name) was paid to the software deployers to decrypt the data again; and those are but two incidents of many.

A much more secure technology, that would serve as a near-perfect barrier to hackers, ransomware and other exploits, is a rather old-fashioned one, namely, put all important records back on paper and put them into lockable filing cabinets and safes.

Worried about your mail communications – your emails – being (able to be )read by those who maybe should not? The we must return to the humble snail mail and use the letter carrier once again. All electronic encryption can, eventually, be broken because it is electronically generated and has a weak point somewhere. The mail service, theoretically, cannot simply be intercepted and thus is far more secure than email, alas a great deal slower.

Because of the problems that have been encountered by intelligence and security services in other countries the Russian services, including the FSB, have gone, for sensitive material back to paper records, circulars, etc., written on typewriters. All such circulars have a limited circulation list and any leak can therefore, theoretically, only come from members on that list.

Handwritten records also have serious anti-fraud characteristics. Such notes capture information in terms of handwriting, ink color, etc., that make it harder to make wholesale changes without it showing. Electronic records, on the other hand, tend to look the same. Also, to make changes, within a written handwritten text your would have to erase, in some way, the original words. It shows. Not so in electronic material. Even the original of an email can, under Forward, be altered to appear to say something other than what original was written. Altering, however, handwritten or typewritten material, afterward, requires a very good forger generally.

If I were running an intelligence agency, I would have all my important stuff done in handwriting or on mechanical typewriters (the old kind that type over the same fabric ribbon multiple times) and distributed in sealed envelopes. If I were setting up a voting system, I would use paper ballots instead of electronic voting machines. And if I were running a hospital, I would seriously consider doing everything on paper.

There is a place for computers and computer records, of course. But for things that really matter and that need to be genuinely secure, maybe we should try a more advanced technology: Paper and ink. Take that, hackers.

Data on computers can and will never be perfectly safe. Thus, I propose a more secure technology that would serve as a near-perfect barrier to hackers, ransomware and other exploits: Put important records back on paper. And then lock the stuff up in lockable filing cabinets, safes, or vaults.

Writing by hand, as far as note-taking is concerned and such, is also a great deal faster than using a keyboard, and, as far as medical staff are concerned the contact with patient/client and the person taking the notes is closer.

The truth is, paper records are inherently more secure. To steal 10 million electronic user records from a government agency, all you might need is a cracked password and a thumb drive. To steal that many records on paper, you would need a fleet of trucks and an uninterrupted month.

And ransomware would not work on paper records. What would you do? Put a padlock on the filing cabinets and demand ransom for the key? Not very likely to succeed. There are things called bolt cutters and angle grinders, if you get my meaning.

And often, putting things on computers is a crock anyway. Electronic medical records, touted as saving money and streamlining care, are a major cause of physician burnout. It has gotten so bad that some hospitals actually advertise the lack of electronic medical record systems as a selling point in recruiting doctors. Nor have electronic systems paid off as promised.

A recent study of more than 1 million medication errors reported to a national database between 2003 and 2010 found that 6% were related to the computerized prescribing system. Those problems, and considerable expense, could have been prevented by sticking with pen and paper.

So, if you really want data security stick with pen, typewriter and paper. OK, or use the computer to print out the material and file it in the old-fashioned manner, in a filing cabinet.

You address book is also much better served being in a real book or on index cards and filing box for same. You can get to it be it the power is down or your computer or other device has crashed, or whatever. Yes, it is a little more on the bulky side but short of a fire your data will always be recoverable.

© 2019