Posts by :

Information Security and Threats

The myriad measures we have taken for the security of our personal data may be making our daily life a bit more difficult. However, it should not be forgotten that everyday a new information stealing and intelligence method is being developed against every measure taken.

While we are spending so much time and effort in the simplest terms on our personal data, what can be the level  for institutions, communities and moreover for countries to ensure information security?

Protecting the information and against it, the intelligence activities carried out in order to acquire information bring to mind military and political issues firstly. When we have a look to NATO’s security structure for the sake of generalization, Information Security is at the top level under Basic Security heading, along with Physical Security, Personnel Security, Procedure Security and Document Security. In a subdivision, Information Security (InfoSec) contains Computer Security (CompuSec) and Communication Security (ComSec) components. Afterwards, the different security sub-units created for different threats, branching out as we go over the details …

So what are the threats that require so much precautions?

It is impossible to tell all the threats so long here, but I can clearly say that as we are discussing these issues now, some new intelligence methods are being developped somewhere… But in general, we can summarize the issue as seizing the information from involuntary emanations (passive intelligence) and attacting to information secured against unauthorized access (active intelligence).

Today, while corporations and organizations are struggling to prevent unauthorized access to data in computers primarily, thinking that they are safe by using firewalls and antiviruses, in fact, information is spreading around as emanations. For the unauthorized persons who are in passive listening mode, they only accumulate the information free in the environment with their technical capabilities. An old technology, “listenning to what is spoken in the environment by remote laser signals, by means of transducing the vibration generated on the glass into significant voice and texts (optical intelligence)” can still be utopian for somebody today. In the same way, using TEMPEST technology (obtaining information from electromagnetic emanations) to get the information from IT devices such as computer screens, hard drives, printers, scanners, etc., remotely from a distance of tens of meters, is still attractive, however it is first used in the 1960s.

“Emotional” analysis with wireless data signals: EQ-Radio …

You must have read the news that a group of scientists at MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) have conducted studies on analyzing emotions by sending wireless data signals and have 87% successful results. With the wireless signals sent, they can detect the excited, sad or irritated moods of the people. There is no doubt that this technology, called EQ-Radio, will be actively used to get more detailed information in the close future. The fact that wireless modems are widespread in every environment we are entering, will force you to embrace “what information can be gathered with the signals sent from the modems”. While we continue to feel safe with the antiviruses and firewalls we set, honestly, we live in an era when we can not guarantee that the information in our mind is not captured.

This article was published in periodical “Science and Technology to Everybody (Herkese Bilim Teknoloji)”, November 18, 2016

Bilgi Güvenliği ve Tehditler

Information Security and Turkey

I have shared in my previous article that the dizzying development in Information Technology has led to a number of complications that make our life more difficult for “Information Security”. Personal, sectoral, commercial, national and, in fact, a global sense of information security requirements renew themselves every day.

What is happening in Turkey while something new is being done every minute for information security all over the world?

In fact, the answer to this question is rather complicated not only for our country, but for all countries and even for communities like the EU and NATO. First of all, it is worth mentioning that we can see Cyber Security as the flagship of information security. In particular, the precautions to be taken in communication security are the first ring of the chain. The ministry responsible for this issue in Turkey is the Ministry of Transport, Maritime Affairs and Communications. With the amendment made in 2008 also received the new name the chief actor of the process is Information Technologies and Communications Authority (BTK). It is working on information technologies at regional, national and international level. Monitoring the communication made up of all the communication channels including internet until the 15th of July was carried out by the Telecommunication Communication Presidency (TİB), a sub-unit of the Institution (BTK), after which the authorities of the abandoned unit were gathered in the BTK.

Have a central Information Security structure been established with BTK?

Clearly no! In fact, the idea and work of establishing a National Information Security Organization, which has a comprehensive and authoritarian nature, has existed for many years in different periods. The team, which I had been working for on behalf of TUBITAK-UEKAE and which is hosted by the General Secretariat of the National Security Council, consist of Prime Ministry, the Ministry of National Defense and other relevant ministries, the Undersecretariat of National Intelligence Agency, the General Staff and the General Directorate of Power Commands worked for long days of shift for the establishment of this organization and the related laws. The current state of the draft of the proposed law, which is being developed every year, is a partly became reality as the decision of Council of Ministers’ on the “Implementation, Management and Coordination of the Workshops on National Cyber Security. As a concrete organization, we can give the National Cybercrime Intervention Center (USOM) as the example, which has undertaken the task of detecting and threatening the cyber threats that our country might be exposed to, conducting activities and informing relevant places.

Despite a central restructuring effort on National Information Security, our country has a balance formed by the support from the ministries, the General Staff and the Force Commands, the General Directorate of Security, TUBITAK and some other Public Institutions and even the banks.

Electronic signature and electronic certificate usage is spreading rapidly in our country as it is in developed countries in order to use internet in the public works more securely, which is the most important instrument of the age.

It is very clear that measures to take, planned measures, laws, drafts of laws, agencies, committees will be in an ever-changing regeneration process every passing day. However, the fact that personal information of nearly 50 million citizens has been stolen and published on the internet in the very recent past is the most concrete indication that we should take more serious steps in this dynamic process …

This article was published in periodical “Science and Technology to Everybody (Herkese Bilim Teknoloji)”, October 7, 2016

Türkiye bilgi güvenliği

Living with Information Security

Inspite we live in the era of information technology, it provides unlimited facilities to access information. It is not so far the days that we had to search the right library and then find the right source among thousands of books for obtaining the information we were looking for, but today, with a popular expression, information is just as close as hitting a key.

It is very natural that keeping confidential information is very hard in such an environment as it is so easy to access every information.

Information security, in general terms, is the whole of the work carried out against acquiring the information required to be protected, harm, the use, modification and recording of this information by unauthorized persons.

Although the concept of information security today is almost synonymous with cyber security, the work done to protect information is very old. We know that special messages from Julius Caesar, the great leader of the Roman Empire who lived in the 1st century BC, were tried to be kept safe with the technique we call Caesar Encryption today. The example of a more recent past is the struggle of intelligence and intelligence counterattack in the Second World War. Germany’s legendary crypto device Enigma, today when it is called cryptology, is the first thing that comes to mind even for people who are not interested in this science.

Is information security important just to ensure the confidential information and communication security of states?

Without any doubt, No..!

Information security is an essential aspect of commercial secrecy and even personal privacy. The steps that commercial companies take before their competitors, the policies and strategies they pursue, the R & D work they do, the financial actions and many other issues have a very delicate balance based on the provision of information security. We are using our mobile phones by dialing the pin code, personal privacy has a priority of everything…

The most interesting statistic on this subject comes up when judicial cases related to cyber security are examined. The new trend of information security violation is seizing digital game accounts… Yes, even though every day we hear an internet fraud news, the case of unloading the bank account, the digital game account theft is surprisingly the same size illegal revenue gate.

While talking about communication security, computer security, cryptographic security, RF security, optical security etc. coming across with information security in a much simpler phase of our life leads us to watch a thief-police struggle that develops with technology … And as a part of this struggle, we have to learn living by keeping in mind dozens of passwords to be used at every step we take in the virtual world today. How satisfied or dissatisfied we are in this situation, no commment…

This article was published in periodical “Science and Technology to Everybody (Herkese Bilim Teknoloji)”, September 16, 2016



Why Do We Have To Turn Off Our Mobile Phones in Aircrafts?


At these days of feeling as if naked at a deserted island when we don’t have our mobile phones with, it is for sure the most hated announcement of aircrafts hearing “Please turn your mobile phones off”. Like it or not we abide the  rule,but why is this measure necessary? Well, the answer to this question is right in it, this is a measure as most rough form..!

As I had shared in my previous articles, affecting other electronic devices with intentional or unintentional emissions from electronic devices is known as Electromagnetic Interference” (EMI), where operating without causing or being affected from interference is known as Electromagnetic Compatibility” (EMC). It is not difficult to find out that the main reason of the measure is this matter of fact..So, do the  mobile phones really cause harmful EMI? This question does not have clear and universally valid answer, it can be, or it is likely to be, because the matter depends on many factors; frequency of source, amplitude, environmental conditions, realization of the coupling requirements etc. All electronic devices of their nature, have electromagnetic emissions, more or less… It is unquestionably a fact that in case of this emissions build interference on the sensitive aircraft systems, it poses a vital risk!


Although the flight permissions are given after the aircraft passed the EMC tests and is certified to be in compliance with the standards, both as a system an also as equipment base, there is no guarantee that the test scenerio will exactly suit to the conditions of the real daily life! Think of it, notification of even a one percent margin of error is adequate for us to give up the use of the aircraft, taking the risk of this interference does not look very rational…

So, how big is the risk???

When using the mobile phone apart from its communication functions (as taking photo, playing music etc.) I can briefly state that the unintentional emissions are very small in amplitude. So the risk is “bigger than zero”, but clearly much too small. However, if the the subject is messaging or having a call, that requires wireless communication, we surely know that the intentional emissions of the device while trying to connect to the base station reach to high power levels, and also we know that those levels may be high enough to create risk to disturb the sensitive navigation systems of the aircraft. Although in today’s technology this risk is minimized with EMC precautions, it is still important  and can not be ignored…

Result; Stay away from mobile phones during flights! This will reduce the risk of danger, besides it also will lead to create an opportunity to socialize by contacting other passengers, face to face…



Is Mobile Phone The Only Criminal??

We are quite pleased for the introduction of technology into every stage of our lives, because of the comfort it brings. But surely all of comforts pleasing us somehow have damage also.. 15 years ago mobile phones usage was quite limited while today we are carrying two phones and buying a seperate one to our children. The subject how much harm does the  mobile phones have on human health is not only the work of the academic community, but also is a popular topic of environments where soccer, dinner recipes and even fashion is spoken 🙂

There are thousands of studies done on this subject and numerous articles and books are published. In the period I served for TUBITAK this issue was more popular… we did academic work on the subject, we may consider it later, but questions from our daily lives posed a serious e-mail and telephone traffic …

There are two basic curiosity about mobile phones; first concerns people resting at an office or house close to a base station, anxiety about radiation…the second is more general; how much we give harm to our health when using a mobile phone…

The Base Stations..!

You should first note that mobile phones do not communicate between each other, but with the base stations. So we use the phones by transmitting and receiving signals to the base station. The service can only be possible if the power of that base station is enough and the number of the mobile phones benefiting from the same base at the same time is below a certain limit. Each base station broadcasts GSM signals using antennas on them. This signal emission, depending on the direction of the antenna, radiates at a certain angle. To make it easier to imagine, you can think of a lighthouse in the darkness, usually like the ones in cartoons. Like the one on that scene, starting from the base stations antenna, electromagnetic radiation goes ahead getting wider by the distance, such as the light of the lighthouse. Is it possible to be affected by the light while sitting at the foot of the lighthouse..?? taking also into account the proverb “candle does not illuminate its bottom”.. It is the same case for base stations, the base on the top of our building does not have any harm, but also any benefit. Although no widely accepted standard,  there are limits of  World Health Organization and ICNIRP for electromagnetic emissions. Turkey’s accepted limit values ​​are well below these limits…

What about the phone itself ..??

Coming up to the mobiles we use…We can send  our voice, messages, photos, even videos from place to place wireless, so it is certain that an electromagnetic radiation exists. As time goes on, less environmental health  damaging technologies are being developed and products are tested more strictly. Very basic rule of electromagnetics may benefit us pretty good:  “electromagnetic field decreases with distance..!”. There is a  serious difference between talking with a mobile phone while leaning it on our ears and keeping the phone at 2 inch distance from our ears..! Using headphones and keeping the phone away from our body is the ideal solution.

I made dozens of emission measurements on base stations, I’m not saying this to justify this system but in areas where people are present,  I’ve never seen a value in remotely approaching the limit. What about mobile phone usage?? More or less it is certain that there is an affect to human body, especially the metabolism..but isn’t it a conflict not getting our minds busy with the electromagnetic radiation of household appliances like vacuum cleaner, blender, hair dryer, air conditioner, computer etc. that we use in our daily lives..make a search for the amount of radiation of those equipment..! 🙂

Consequently, without a shadow of a doubt, exposure a long duration to a high amplitude electromagnetic energy have a serious damage on health. Because the limits are given with derived values but not the realistic results gained after series of long lasting experiments on human health, nobody can claim that limits are reliable. Is it the cause of the increase in cancer cases, the becoming spread of amount of electromagnetic emissions from technological devices..??? Probably… In today’s technology, mobile phone is just one of the hundreds of devices around us, radiating electromagnetic  energy as the source…do they give damage too much??? Greater than zero… 🙂