Paul Wallbank – Brilliant Communications

Tag: privacy

  • Calculating the threat score

    Calculating the threat score

    Forget credit scores, police are now running Threat Scores reports the Washington Post.

    This isn’t surprising given the risks involved for officers attending an incident or detaining a suspect and now with treasure troves of data available, police forces and public safety agencies are able to evaluate what threats are present.

    However there are real concerns about these databases and tools, particularly in how the algorithm determines what a ‘threat’ is. As the Washington Post explains one package will give a military veteran a greater risk rating as they are more likely than the general population to be suffering post traumatic stress disorder.

    In promotional materials, Intrado writes that Beware could reveal that the resident of a particular address was a war veteran suffering from post-traumatic stress disorder, had criminal convictions for assault and had posted worrisome messages about his battle experiences on social media. The “big data” that has transformed marketing and other industries has now come to law enforcement.

    The marketing industry’s use of Big Data has, and continues to be, problematic from a privacy and security point of view, that public agencies are using the same tools raises bigger concern.

    Over time, we’re going to need rigorous supervision of how these tools are used. The stakes for individual citizens are high.

    Similar posts:

    • No Related Posts
  • Designing a secure IoT ecosystem

    Designing a secure IoT ecosystem

    Ensuring the next generation of IoT devices is secure and a good citizen of the wider ecosystem will be one of the challenges facing the next generations of designers.

    Diego Tamburini, Manufacturing Industry Strategist of design software company Autodesk, spoke to Decoding The New Economy about how the IoT will change the design industry. “We’ve been designing equipment to connect to the internet for a generation,” he said. “What’s changing is that now the addition of software, electronics, networking and communication is breeding into objects that were purely mechanical.”

    Melding the physical and software worlds doesn’t come without risks however, something that worries Internet pioneer Vint Cerf who foresees headlines like ‘100,000 fridges hack the Bank of America’ in an interview with Matthew Braga of Motherboard Canada.

    Apart from the fact it could be a hundred million, Cerf has good reason to be worried. Most consumer IoT devices are hopelessly insecure and the recent stories of hacked cars only emphasises the weaknesses with connected household items.

    Cerf and Braga make the point the ‘I Love You’ worm of the year 2000 became a crisis because the world had reached the point where personal computers were ubiquitous. A similar piece of malware in a world where everything from kettles to wristwatches are vulnerable would be exponentially worse.

    These risks put a great onus on product designers, even more so given much of the functionality is based upon those devices communicating with others across the internet and cloud services, something that Tamburini emphasised.

    “One important thing that is happening with thing being connected is we are not just designing things that function in a vacuum, we’re increasingly designing members of a larger ecosystem.” Tamburini states, “now we have to think of how the product will have to connect to other products and how they will collectively perform a function.”

    Part of that risk is that should those devices malfunction, either deliberately as part of a botnet or malware attack, or accidentally as we saw with the connected home being disabled due to a defective smart lightbulb flooding the network with error messages, then the wider community may be affected in ways we may not expect.

    Cerf believes it’s going to take a big, catastrophic hack on a grand, connected scale before a shift in security begins to happen, and before people begin to even consider that such a vulnerabilities even exist.

    If that’s the case, it will be that society has ignored the clear warning signs we’ve seen from events like the Jeep hack and the Stuxnet worm, not to mention the massive privacy breaches at Target and Sony. For designers of these systems hardening them is going to be an essential part of making them fit for today and the future.

    Similar posts:

    • No Related Posts
  • Apple CEO Tim Cook on Privacy and Profits

    Apple CEO Tim Cook on Privacy and Profits

    “Privacy is a fundamental human right”. A short, but sweet and fascinating, NPR interview with Apple CEO Tim Cook.

    Cook goes onto to avoid discussing the likelihood of Apple Cars and expounds the advantages of repatriating corporate profits back to the US, something we can expect cash rich companies like Apple to start agitating for after the next Presidential election.

    The interview, which is only eight minutes long, is well worth a listen as Apple positions itself against competing internet giants Google and Facebook over the topic of privacy.

     

    Similar posts:

    • No Related Posts
  • Experian, T-Mobile and third party security risk

    Experian, T-Mobile and third party security risk

    Another day, another corporate security breach (or six). This time telco T-Mobile has revealed up to 15 million customers’ data has been compromised.

    Notable in this story is that T-Mobile are firmly putting the blame on credit monitoring company Experian.

    For both companies this is extremely embarrassing with T-Mobile stating, “our vendors are contractually obligated to abide by stringent privacy and security practices, and we are extremely disappointed that hackers could access the Experian network.”

    T-Mobile, like most telcos, sees a major opportunity in being a trusted provider of security services and this setback hurts them in a key market.

    Experian on the other hand have shown their slack attitude to user data previously, having been caught selling consumer details to identity thieves.

    That a company in such a privileged position as Experian can be constantly caught this way will almost certainly increase the push to see penalties for corporate data breaches start to get real teeth and the United States’ cavalier attitude to public privacy and online security will take another dent.

    For T-Mobile and most other companies, the lesson is start and clear. Trust starts with your own contractors and business partners, it cannot be outsourced.

    Similar posts:

    • No Related Posts
  • The need for an IoT manifesto

    The need for an IoT manifesto

    Last May at the ThingsCon conference in Berlin a group of European designers came together to form the IoT Manifesto.

    Now vendors have the ability to put a chip into almost anything companies and designers are tempted to add connectivity simply for the sake of doing so.

    In many cases this is opens up a range of security risks ranging from the screaming baby monitor to the hackable jeep.

    Coupled with the security risks of your intimate devices being hacked there’s the related privacy risks as millions of devices collect data ranging from how hard you press your car’s brake pedal through to last time you burned your breakfast toast.

    In an era where governments and businesses are seeking to amass even more information about us, there are genuine concerns about what that data is going to be used for and why it is being collected in the first place.

    The IoT manifesto looks to manage these problems facing the sector through ten guiding design principles;

    1. Don’t believe the hype around the IoT
    2. Only design useful things
    3. Deliver benefits to all stakeholders
    4. Keep everything secure
    5. Promote a culture of privacy
    6. Gather only a minimal amount of data
    7. Be transparent about who that data will be shared with
    8. Give users control over their data
    9. Design durable products
    10. Use the IoT and its design to help people

    All of the principles are laudable and it’s not hard to think that meeting the guidelines would make devices and services that aren’t just useful and safe but also simpler, cheaper and more effective.

    There’s many ethical, business and safety issues facing the Internet of Things as connected devices rollout across almost every industry. The IoT Manifesto may well be a good framework in which to design them and the cloud services they’ll depend upon.

    Similar posts:

    • No Related Posts