Internet of Things | Paul Wallbank - Communications Professional

Breaking the APIs

Access to APIs is going to be critical in the connected world, but what if a service closes down?

One of the truisms of modern business is we live in an API economy where open Application Programming Interfaces allow software companies to connect their platforms that builds an ecosystem of developers and extends the functionality of their products.

But what happens when an API shuts down or a company starts applying the web2.0 principles of draconian legal terms and conditions to its data feeds? Pinboard, “the social bookmarking application for introverts” is illustrating how serious legalese can be for developers.

Maciej Cegowski, Pinboard’s founder, decided the terms and conditions imposed by popular automation site If That Then This (IFTTT) were too demanding and pulled his service from the platform.

In a blog post he lays out exactly why, citing IFTTT’s demands for rights over his service along with the option of the plaftorm being able to assign those rights to third parties.

For developers, IFTTT’s terms are almost impossible as the platform strips them of their intellectual property rights and restrains their trade. It’s a classic case of legal over-reach which is all too common in the control obsessed tech industry.

As we’re seeing software vendors releasing platforms to manage IoT devices through APIs and cloud services making their plethora of APIs a selling point, access to these becomes a serious matter for the software industry.

There is a worrying aspect for users in this as well, as those relying on Pinboard services driven through IFTTT are now effectively stranded and have to look for another site that provides similar functions.

While Pinboard is quite small, a larger service shutting down its APSs could have dramatic effects. This is even truer with Internet of Things devices that could use a service like IFTTT to run key functions.

Designing devices and services to cater for the possibility an API or web service may become unavailable needs to be priority for IoT vendors while for developers and users, the risk a service may stop is something that should never be far from their minds and factored into the business and purchasing decisions they make.

Trade offs in the smart city

Smart cities are a trade off between privacy and utility, what is the balance residents are prepared to accept?

What are the trade offs in the connected city? Last week we had an opportunity to talk with Esmeralda Swartz, Ericsson’s Vice President of Marketing Enterprise and Cloud last week about what policy makers and citizens need to consider.

One of the important issues is security in both the data being collected, “what are the benefits and what is not acceptable?” Esmeralda asks.

In all the conversations this site has had with smart city advocates the topic of open data has been essential, but this raises the issue of security. Something lacking in the Internet of Things.

“Security has to be built into every level,” says Esmeralda who flags that the IoT adds a whole range of new risks.

Along with security, a critical part of a successful connected city is having open data, Esmeralda believes.

“if you start looking at the all the layers that need to be connected then they have to be open,” she says.

Open data is a critical point for smart cities and connected communities, if information isn’t open then it’s hard for an ecosystem to develop or for residents to have confidence their data is being used for their benefit.

For companies like Ericsson, who are trying to establish themselves outside of the traditional telco model, gaining the confidence of communities and their leaders is essential to their smart city strategies.

Much of the smart city movement is based upon solutions looking for problems – a common trait of the IT industry – for vendors like Ericsson to succeed in selling their products it’s essential to prove value to their customers and gain the confidence of communities as they trade off utility for privacy.

Warning against the connected car

The FBI and US Department of Transport warn of risks in the connected car.

A year after hackers demonstrated the risks of connected cars, the FBI and the US Department of Transportation have warned consumers of the risks in internet connected vehicles.

This warning comes as automobile manufacturers are pushing their new breed of motor cars as being software platforms rather than vehicles and calls into question how well security and safety are being designed into their products.

One of the recurrent features of these sort of warnings is how regulators, manufacturers and software designers try to push the risks back onto consumers rather than the companies designing these systems.

Officials said that while not all car hacking incidents result in safety risks, consumers should take the appropriate steps to minimize their own risks.

It’s hard to see what consumers can really do, as most of these systems are ‘black boxes’ protected by strict terms preventing users from seeing, let alone understanding, the software running the vehicles. Customers have to trust the manufacturers to do the right thing.

For the Internet of Things, and connected cars, to be successful they have to deliver value to consumers and have the confidence of the market. Right now many of these features seem to do neither.

Bringing cybersecurity into the mainstream

The corporate world is taking security seriously says Cisco’s Chief Security and Trust Officer, John Stewart

“Cybersecurity is out of the dungeon and now selling itself as a business service,” says Cisco’s Chief Security and Trust Officer, John Stewart.

Stewart was discussing his company’s security challenges at a Cisco Live briefing at their Melbourne conference yesterday.

The shift to security as a business service follows the pattern of computerisation in business believes Stewart, “at first businesses said you can’t keep important documents on computers, then they said you could only keep important data on computers”

For Stewart, the fact c-level execs recognise the importance of cybersecurity is a positive sign that indicates organisations are taking IT and communications security seriously.

When asked what keeps him up at night, Stewart said it was worries about infrastructure security, the Ukrainian power network’s experience after an attack from a seriously motivated group of hackers indicates just how serious this is.

Interestingly Stewart remains focused on the risks of security breaches, as the Internet of Things rolls out it may well be the integrity of data streams becomes a far greater focus for system administrators and security officers.

Paul travelled to Cisco Live in Melbourne as a guest of Cisco

Australia’s missing technology leadership

Australia’s political and business leaders go missing as the nation tries to refocus its economy

This morning Cisco announced its latest global innovation centre in Sydney focusing on what it describes as Australia’s strengths in agriculture, resources and smartcities.

Along with with Cisco’s commitment to support the Sydney centre to the tune of 15 million Australian dollars and invest in local IoT businesses the project promises to bring together the data resources and skills of the University of New South Wales’ Engineering faculty, the Data 61 research agency and various state government departments.

Cisco’s launch though comes at a difficult time for the Australian scientific and research communities as just last week the national research agency, the CSIRO, launched another wave 0f job cuts immediately after restructuring the sector and even the location of the announcement is being sold off to property developers as the state government sees real estate ventures trumping technology investments.

Governments go missing

Even more telling during Cisco’s announcement was the poor presence by governments and corporate partners, the New South Wales state government at least sent along a minister and his Departmental head but the Federal government, despite its much heralded Innovation Agenda, was nowhere to be seen.

That lack of Federal government support is telling, particularly given regional and rural development is supposedly a priority of the current administration. An informed observer may be forgiven for thinking 21st Century technology investment would assist even the 1950s inspired project to develop Australia’s sparsely populated north but one supposes that grand vision extends to dams and highways.

The missing corporate links

Probably the most troubling omission is that of telecoms providers, agricultural and resources businesses utilising the Internet of Things or M2M technologies need connectivity and the absence of either Telstra or the flailing government owned National Broadband Network means an important piece is missing from the push to connect these industries.

Once again both Optus and Vodafone – the latter probably having the best global M2M capacity of any provider – miss an opportunity to position themselves as an alternative provider to Telstra which proves whingeing about competition in the Australian market is a damn sight easier than putting some money down.

Notably missing as well is support from Australia’s corporate sector. While resources giant Woodside is a partner of the Perth centre, there’s little engagement from any other major company. The reply to a question by this writer to the panel about accessing the data held by the large pastoral companies illustrated what little engagement there is from key private sector stakeholders.

Fighting the innovation bureaucracy

To be fair to Cisco, these missing links are not the company’s fault and the delay in launching their Sydney centre was due to various shenanigans within Australia’s innovation bureaucracy beyond their control.

Hopefully Cisco’s Sydney centre will be successful – despite the fine words of Prime Ministers and other politicians Australian industry desperately needs some genuine leadership as the nation realises the safe certainties of the 1990s have passed.

For the moment though the lack of engagement in the technology industries by political and business leaders is striking. It’s hard not to think the country has regressed back to a smug 1950s view of the view, something not helped by all these events being almost overwhelmingly dominated by white, middle class middle aged men.

It’s time for Australia to start thinking differently. The nation’s business and political leaders can’t expect multinational corporations to drag the nation into the 21st Century.

Coming to the end of Moore’s law

Moore’s law may be reaching its limits, but that only means things could be getting more interesting for the chip industry.

One constant in the modern computer industry is Moore’s law, the rule described by Intel co-founder Gordon Moore that the number of transistors on a microprocessor will double every two years.

Nature magazine reports chip makers are now about to abandon Moore’s law as they reach the physical limits of etching an ever increasing number of transistors onto silicon.

This doesn’t mean the microprocessor industry is about to stagnate however as the demand for more mobile and energy efficient chips is expected to boom as the Internet of Things evolves and wearable technologies become commonplace.

Hacking the power grid through air conditioners

Air conditioners are the latest internet connected devices to raise security concerns

Another example of the unintended consequences of poor security in the Internet of Things is Wired’s story about the possibility of hacking the power grid by accessing smart air conditioners.

In the US, electricity companies offer deals where consumers get reduced bills in return for the utility being able to throttle the usage of air conditioners during peak power periods.

Those devices turn out not to be well secured which opens the possibility of malicious actors causing brownouts or service interruptions in a targeted areas.

Sadly this story isn’t isolated, too many connected devices have poor security that opens up the a range of risks to homeowners, businesses and the community at large.

BlackBerry’s last smartphone

The BlackBerry Priv is probably the company’s last smartphone as it pivots to being a security provider

Having written about BlackBerry’s ambitions in the marketplace for The Australian last week, it wasn’t surprising to be invited to the company’s Down Under launch of their Priv handset earlier today.

The event illustrated some brutal realities about mobile phone market and BlackBerry’s efforts to build on its strengths in the enterprise security space.

With 2.7 billion dollars of cash reserves, the company has seven years of breathing space at its current loss rates although it’s notable the stock market values the company at $3.5bn, implying investors value the business’ operations at a measly $800 million.

Given the collapse in BlackBerry’s handset business from twenty percent of the market at the beginning of the decade to an asterix today, that pessimism from investors isn’t surprising and underscores why the company is recasting itself as an enterprise security provider.

Five major acquisitions in the last 18 months have demonstrated how BlackBerry is attempting to recast its business; security services like Good Technology and Secusmart through to warning software like At Hoc have seen the company bolster its range of offerings.

Coupled with the recent acquisitions are its own longstanding messaging and secure communications services combined with the QNX software arm that promises a far more reliable Internet of Things than many of the current operating systems being embedded into smart devices.

The Android smartphone system itself is bedevilled with dangerous apps running on outdated software and where BlackBerry hopes their PRIV handset can attract enterprise users conscious of the need to secure their employees’ devices.

For BlackBerry though, the PRIV being shipped with the Android operating system is a capitulation to the smartphone market’s stark reality where there is only demand for two products and outside players like BlackBerry or Windows are destined to wither away.

While the PRIV is a nice, albeit expensive, phone and the slide out physical keyboard is nice to use, the device seems to be a desperate attempt by the company to stay in the smartphone market.

As an outside observer it’s hard to see the justification for BlackBerry continuing as a phone manufacturer, there may be some intellectual property value from the development of the devices – although it should be noted the company only valued its IP assets at $906 million in November 2015.

While the PRIV is a perfectly good Android phone it will probably be the last smartphone BlackBerry makes, the challenge for the company’s management now is to tie together the software assets it has into a compelling suite of products for the enterprise sector.

In an age where devices of all types are going to be connected, the market for ensuring their security should be huge. Catering to that market should be BlackBerry’s greatest hope of survival.

Taking responsibility for algorithms

In a smart connected world awry algorithms pose a number of risks. What should regulators do?

Who is responsible for the effect of renegade computer programs is going to become a serious legal topic as an increasing number of things become ‘intelligent” and connected to the internet.

Britain’s Financial Conduct Authority (FCA) is one of the first regulators to start looking at how companies’ algorithms. In their just released rules for wholesale traders, the FCA sets out the responsibilities for companies and their managers.

“We are determined to embed a culture of personal responsibility within the banking sector,” says the FCA’s Acting Chief Executive Tracey McDermott. “Clear individual accountability should focus minds, drive up standards, and make firms easier to run and to supervise. And if things go wrong, it will allow senior managers to be held to account for misconduct that falls within their area of responsibility.”

The definition of ‘misconduct’ when an algorithm goes awry will undoubtedly prove contentious, as will the idea of ‘personal responsibility’ in the banking sector.

While it’s too tempting to be dismissive of such move in the financial services industry, the FCA’s regulations are a pointer of what most industries are going to face over the next ten years as the more devices make decisions for themselves or communicate with other equipment over the Internet of Things.

In many areas the question of who is responsible for a rogue computer program will be left to the uncertainties of the legal system with no doubt many surprises, injustices, inconsistencies and unintended consequences so the earlier regulators develop a framework for dealing with mishaps the better.

Should the IoT start delivering on its promise of a connected world a poorly designed algorithm in even what should be relatively trivial devices or services may have the potential to cause massive disruption and damage. It’s hard not to imagine many other regulators in other industries are looking at how to attribute responsibilities, if not minimise risk, in a smart connected world.

Knowing what we don’t know

Cisco’s 2016 security report show businesses are more uncertain than ever about their network defenses. This is a good thing.

The 2016 Cisco Security report is in many ways an encouraging document, while it describes a litany of threats facing the modern business the fact managers are less confident about their defenses is a good thing.

Of the 2432 security executives surveyed 59% claimed their security infrastructure was up to date against 64 percent said the same. Acknowledging this is motivating them to improve their defenses.

For industry, the real concern is the small business sector where there’s a clear decline in the use of IT security tools. As the Target breach showed, trusted contractors and suppliers provide a weakness in an organisation’s systems that malicious actors are keen to exploit.

In Cisco’s analysis, the main reasons for SMBs lack of concern is their belief they are too small to be valuable to hackers and most of their IT management is outsourced.

A shift to the cloud shouldn’t be understated, particularly given many SMBs are shifting their IT functions onto cloud services. While this doesn’t fully protect businesses, the cloud providers certainly offer a far higher level of protection that the local plumbing contractor relying on a mom and pop computer support service.

The bad guys however are responding to that shift with Cisco reporting increased browser based and DNS attacks, both of these are useful in compromising cloud computing services which means both service providers and end users have to be vigilant about security.

At all levels of business though the lack of confidence in security has major ramifications as the Internet of Things is rolled out and common devices start being connected to fragile and often compromised networks.

The good news for vendors like Cisco is this lack of confidence could spur a new wave of business investment as companies improve their network security.

Another important aspect of CIOs and business owners not being confident about their network security is they are far less likely to assume their systems are safe or to passively accept vendor assurances about their safety.

For all of us a customers and users of these technologies, a greater focus on security by the organisations we deal with should be welcomed as well.

Keeping the IoT simple and safe

Making the IoT simple and safe is the most important tasks facing Internet of Things vendors

Ten years ago a joke going around was “what if Microsoft built cars?” The answer summed up the frustrations users had with personal computers and the differences in engineering standards between traditional industries and that of the IT sector.

As we enter the Internet of Things era, that tension between consumer devices and good engineering continues as shown by a software bug that rendered Nest thermostats useless.

That poor software would drain the battery without warning the user, illustrates how poorly designed many of these devices are.

Ironically Nest’s owners, Google, held a conference earlier this week where the company’s leaders flagged the importance of standards, security and privacy.

In a call to action for the IoT industry, Google’s lead advocate Vint Cerf, also known as one of the “fathers of the Internet,” warned that compatibility, security, and privacy could be obstacles to the IoT’s success.

Reliability is also important, particularly when talking about safety and security – Nest also make carbon monoxide detectors – where a device crashing or failing can have terrible consequences.

At present most of the Internet of Things is about the gimmick of connecting devices to the cloud and controlling them from your mobile phone. Consumers are not going to embrace IoT products if they add cost, complexity and risk to their lives.

Keeping it simple and safe are probably the most important things designers of IoT devices can do.

Revitalising the telco smartcity party

Can AT&T spark life back into the telecommunication industry’s smartcity party?

AT&T is expected to announce a new smartcity strategy at next week’s Consumer Electronics Show in Las Vegas.

Three years ago we interviewed Barcelona’s deputy mayor Antoni Vives about the possibilities of the smart city. What was notable about his views was the emphasis on the social and ecological benefits of these technologies.

“Barcelona has to become a city of culture, creativity, knowledge but mainly fairness and well being,” Vives said. “I would love to see my city as a place where people live near where they work, I would love to see the city self sufficient in energy and it should be zero emission city.”

Vives’ point is essential in the smart cities discussion. While the gadgets and data analytics aspects are important, it’s the benefits to government and the city’s inhabitants that are essential.

Which is a problem for telecommunication providers and tech vendors looking to find new, high margin, markets as most of the products they are touting are the classic ‘solution looking for a problem’ that has been a future of the computer industry for decades.

Telcos are in a more difficult position as many of the smart cities are deploying their own wireless networks which compete with their own often expensive solutions, particularly M2M services that rely on devices having costly SIM cards fitted.

It’s hard not to think AT&T’s move is one of a desperate late comer to a party that’s already not living up to expectations, it will be interesting to see if their CES announcement sparks some life back into the smartcity discussion.