It’s that time of the year again! Time to dust off the magic ball to try and see what will happen in the next year. I know for a fact I will write more and this blog will keep growing. What about other trends? Let’s explore some things I think will come next year. It’s always fun to record those and then go back to see how it turned out.
More SSL/TLS on the Internet
We already saw big increase last year, 90% of all chrome traffic is now HTTPS. By now, the certificate authority, let’s encrypt and others using the ACME protocol are going full speed ahead. They are helped by the big browsers so it should increase even more. Chrome, which now includes the new Edge, and Firefox are now changing their interface based on certificate mass adoption. Now the default state will be HTTPS and insecure sign for HTTP. Which is a move from HTTP as the default and secure for HTTPS.
I don’t think we will ever reach 100% of the Internet being TLS. Some sites are just not maintained or “lost”. Even then we probably should reach as high into 90% as we can. We might even reach into 95% if the website owner react. Since there’s no more reason really not to have HTTPS for your site. ACME makes it easy and painless which and is perfectly fine as a base. Then if you want something more professional, you can go with a certificate authority.
Encryption War (especially in the US)
As I talked about before in the future part there, the encryption war is coming. There’s some weird pressure from some US politicians to make robust end-to-end encryption illegal. Robust end-to-end encryption means, only the parties involved can see the content of the file/communication. The hosting company cannot, the servers don’t have it, the developer can’t give the information away. The politician arguing against this is very close to crying wolf with terrorism and child abuse. Both those things are really awful and should be stopped, no question asked. The problem here is, those awful things don’t come from encryption.
Sure, it might allow those people to hide. But what’s being asked is a backdoor allowing the authority to see into everything with a warrant. Worst, if the companies don’t comply, make all encryption illegal. Doing so won’t make those awful people stop or even arresting them easy.
They’ll just move to a different service from outside the US. What then? We now have a backdoor that can be abused by hackers. Those hackers won’t wait around and, they will try everything to enter. Especially knowing there’s a way in because it’s required. This whole thing is going to be a mess. It might last longer than all of next year too. Hopefully though people will stop crying wolf and actually try to find ways to solve the problem.
Mid-range Phone Next
They will be the next big things in cellphones. This prediction is related to 5G availability too. With 5G high-end phone will easily start in the $1000 instead of $800–900. That will make mid-range phones way more attractive for everyone. Another thing is, most of the high-end features and specs trickle down after a while. That means next year’s mid-range will have specs like high-end phones from two to three years ago.
We’ve been pretty much in a plateau for some years now with phone technology. No big increase in power every year means two years ago high-end parts are still fine today. That in turns makes high-end phones less attractive unless you have specific needs (stylus, batteries, cameras). The final push for them will come from places like Africa, India, China. Those markets will or have exploded and will keep going, but they won’t be led by $1000 phone. The financial reality in those markets make mid-range phones the best if not only option.
5G Millimeter Wave
It will finally be there! The true 5G with millimeter waves will be available, at least in big cities. There are a lot of things that need to happen for it to get real, though. To reach the same sort of coverage as LTE or 3G a lot more towers need to be installed. That means the carrier will most likely starts with the big cities.
Another of the challenges is the signal itself. Millimeter waves require special antennas on both ends as things like trees can block the signal. You need to be able to make the signal bounce around to reach the other end. Otherwise you would lose the signal every other minutes just walking outside. That’s one of the reasons the carriers will have to deploy lots of small cell towers.
Finally, we also require phones that can handle 5G correctly. They will require the special 5G antenna and most likely a lot more battery. Without those and some optimization, you would end up with a dead phone by mid day. To finish it off, like stated above, those antennas will make phone price increase a lot.
Sadly, ransomware will still be around next year. It will also most likely be worse than this year if last summer is anything to go by. We’re entering the ransomware-as-a-service (RAAS) and commodification era. Those two things will keep the ransomware going for a long time to come. RAAS makes smaller players in the space have access to higher-end tools which are more effective. On top of that it will make the ransomware spread faster to more targets. That means smaller organizations will start to be targeted if they can pay up.
The other factor in this is cryptocurrency. Cryptocurrency by itself is not bad, but it is by its nature anonymous. That anonymity makes it a lot easier to request payment for ransomware. If people had to pay with money that would leave trace. That increases the difficulty of asking for payment and also make it hard to scale. But now the crypto market is established and you can fairly easily get money to and from cryptocurrency. That means payments are not a problem anymore and as long as it works those RAAS will keep spreading.
More CPU Design Flaws
Yep, we’re most likely not done with those either. All of 2019 researchers went hard on Intel and AMD CPU starting with Specter and Meltdown. One of the main problems was the compromise made to gain performance vs. security. Most likely those researchers will just keep going next year. When Specter and Meltdown were originally released, it was a bit out of left field. A lot of researchers then realized the CPU security field was not much looked over. No one apparently took the time before to reverse engineer and look at what Intel was doing. Especially things like branch prediction and multithreading which are the most flawed part of their design.
Thankfully, we still haven’t seen a real “in the wild” exploit of them. This is probably in part because the industry was on the ball patching them as they were found. But as time pass it’s not out of the questions it will happen. Especially given that some of those flaws are not easily if not impossible to patch. That means we will need to wait years until Intel new corrected design replace the current one. The good thing out of those investigations is pressure on Intel to look out more in the future. Now that there’s researchers looking out that should make everything more secure.