Paul Wallbank – Brilliant Communications

Tag: safety

  • Keeping the IoT simple and safe

    Keeping the IoT simple and safe

    Ten years ago a joke going around was “what if Microsoft built cars?” The answer summed up the frustrations users had with personal computers and the differences in engineering standards between traditional industries and that of the IT sector.

    As we enter the Internet of Things era, that tension between consumer devices and good engineering continues as shown by a software bug that rendered Nest thermostats useless.

    That poor software would drain the battery without warning the user, illustrates how poorly designed many of these devices are.

    Ironically Nest’s owners, Google, held a conference earlier this week where the company’s leaders flagged the importance of standards, security and privacy.

    In a call to action for the IoT industry, Google’s lead advocate Vint Cerf, also known as one of the “fathers of the Internet,” warned that compatibility, security, and privacy could be obstacles to the IoT’s success.

    Reliability is also important, particularly when talking about safety and security – Nest also make carbon monoxide detectors – where a device crashing or failing can have terrible consequences.

    At present most of the Internet of Things is about the gimmick of connecting devices to the cloud and controlling them from your mobile phone. Consumers are not going to embrace IoT products if they add cost, complexity and risk to their lives.

    Keeping it simple and safe are probably the most important things designers of IoT devices can do.

    Similar posts:

    • No Related Posts
  • Designing a secure IoT ecosystem

    Designing a secure IoT ecosystem

    Ensuring the next generation of IoT devices is secure and a good citizen of the wider ecosystem will be one of the challenges facing the next generations of designers.

    Diego Tamburini, Manufacturing Industry Strategist of design software company Autodesk, spoke to Decoding The New Economy about how the IoT will change the design industry. “We’ve been designing equipment to connect to the internet for a generation,” he said. “What’s changing is that now the addition of software, electronics, networking and communication is breeding into objects that were purely mechanical.”

    Melding the physical and software worlds doesn’t come without risks however, something that worries Internet pioneer Vint Cerf who foresees headlines like ‘100,000 fridges hack the Bank of America’ in an interview with Matthew Braga of Motherboard Canada.

    Apart from the fact it could be a hundred million, Cerf has good reason to be worried. Most consumer IoT devices are hopelessly insecure and the recent stories of hacked cars only emphasises the weaknesses with connected household items.

    Cerf and Braga make the point the ‘I Love You’ worm of the year 2000 became a crisis because the world had reached the point where personal computers were ubiquitous. A similar piece of malware in a world where everything from kettles to wristwatches are vulnerable would be exponentially worse.

    These risks put a great onus on product designers, even more so given much of the functionality is based upon those devices communicating with others across the internet and cloud services, something that Tamburini emphasised.

    “One important thing that is happening with thing being connected is we are not just designing things that function in a vacuum, we’re increasingly designing members of a larger ecosystem.” Tamburini states, “now we have to think of how the product will have to connect to other products and how they will collectively perform a function.”

    Part of that risk is that should those devices malfunction, either deliberately as part of a botnet or malware attack, or accidentally as we saw with the connected home being disabled due to a defective smart lightbulb flooding the network with error messages, then the wider community may be affected in ways we may not expect.

    Cerf believes it’s going to take a big, catastrophic hack on a grand, connected scale before a shift in security begins to happen, and before people begin to even consider that such a vulnerabilities even exist.

    If that’s the case, it will be that society has ignored the clear warning signs we’ve seen from events like the Jeep hack and the Stuxnet worm, not to mention the massive privacy breaches at Target and Sony. For designers of these systems hardening them is going to be an essential part of making them fit for today and the future.

    Similar posts:

    • No Related Posts
  • What happens when software is wrong

    What happens when software is wrong

    The Las Vegas Review Journal yesterday told the story of Wayne Dobson, a retiree living to the north of the city whose home is being fingered as harbouring lost cellphones thanks to a software bug at US telco Sprint which is giving out the wrong location of customer’s mobile devices.

    While it appears funny at first the situation is quite serious for Mr Dobson as angry phone owners are showing up at his home to claim their lost mobiles back.

    Making the situation even more serious is that 911 calls are being flagged at coming from his home and already he has had to deal with one police raid.

    While the local cops have flagged this problem, it’s likely other agencies won’t know about this bug which exposes the home owner to some serious nastiness.

    That a simple software bug can cause such risk to an innocent man illustrates why we need to be careful with what technology tells us – the computer is not always right.

    Another aspect is our rush to judgement,  we assume because a smartphone app indicates a lost mobile is in a house that everyone inside is a thief. That the app could be wrong, or we don’t understand the data to properly interpret it, doesn’t enter our minds. This is more a function of our tabloid way of thinking rather than any flaws in technology.

    The whole Find My Phone phenomenon is an interesting experiment in our lack of understanding risk; not only is there a possibility of going to the wrong place but there’s also a strong chance that an angry middle class boy is going to find himself quickly out of his depth when confronted by a genuine armed thief.

    For Wayne Dobson, we should pray that Sprint fixes this problem before he encounters a stupid, violent person. For the rest of us we should remember that the computer is not always right.

    Similar posts:

  • Ending the era of the computer password

    Ending the era of the computer password

    Earlier this year, Wired Magazine writer Mat Honan had his entire digital identity stolen from him when hackers cracked his email password and then systemically took over all of his cloud and social media accounts.

    Matt writes of his experience on Wired and proposes it’s time to kill the password.

    The problem with Mat’s proposal is that he doesn’t suggest an alternative.

    The age of the password has come to an end; we just haven’t realized it yet. And no one has figured out what will take its place.

    Every alternative authentication method to passwords has flaws just as serious, if not worse. Many are plainly impractical.

    All of them, including passwords, have the common weakness that those holding the information can’t be trusted either – one of the greatest ways for passwords to get into the wild is when incompetents like Sony give them away.

    Security is evolving, in the meantime we need to keep in mind some basic rules.

    • Use different passwords for different accounts
    • Only access accounts from trusted and up-to-date computers
    • Create strong passwords for accounts that matter, like online banking and email
    • Strong passwords are multiword phrases
    • Use two-factor authentication if its available
    • Don’t link unnecessary social media and cloud accounts together
    • Be very careful

    We should also remember that a skilled, motivated hacker will probably break into your account regardless of your computer security. In this respect it’s no different to the physical world where a determined criminal will get you regardless of the locks and alarms on your house.

    It’s also important to remember that security is more than just evil hackers; data can be damaged or given away by a whole range of means and people breaking into systems is only one risk of many.

    Computer security is an evolving field and while it might be premature to declare the password dead, we’re going to see big changes as we try to lock down our valuable digital assets.

    Similar posts:

  • Facebook and Families

    Facebook and Families

    As the Internet has become a normal part of our family lives, social media services like Facebook are becoming important in the way people, particularly our kids, socialise and communicate.

    Most of this web use is positive however there are risks with these online tools so we do need to know how to manage social media services and reduce any problems we may have in our families and businesses.

    Understand the risks

    Facebook is an online service and all web based platforms share the same risks such as stranger danger, bullying, fraud and offensive behaviour – both kids and adults need to understand the risks.

    A good start is sitting down with younger kids and using some of the online resources available, the US Virginia Department of Education has a good interactive presentation on online safety.

    For Australian specific content, the Federal government’s Cyber Smart website offers advice to families at all ages; from grandparents to kids.

    Respect the rules

    All online services have rules that govern behaviour, one of the most common is a restriction on under 13s. This is partly because of the US COPPA law that restricts websites and social media services from advertising to children.

    Of the other rules that can cause problems Facebook has bans on hate speech and an almost pathological obsession with nudity. It pay to read the terms and conditions so you know what is acceptable.

    Under 13s should not use Facebook

    While for many kids Facebook is the way to talk to their friends online, parents should resist the pressure to sign their kids up until they are of the legal age.

    Regardless of what you think of the rules, many kids don’t have the maturity of to understand or deal with the issues of using social media sites. For that matter, neither do many adults.

    Should Facebook find out that an account is owned by a child under 13, they will shut it down immediately.

    Choose your friends carefully

    Everybody – kids and adults – should be cautious about friends they make online. Just accepting friend requests from anybody, or from those who look cute or cool, can lead to problems later.

    Set your privacy

    In Facebook you should set your default privacy settings to “Friends”. You can do this by clicking the arrow pointing down in the top right hand corner of the Facebook screen and selecting privacy.

    Having set your default privacy settings to Friends, you may want to further improve your privacy by continuing down the privacy screen and selecting functions like not allowing friends to post to your Facebook wall.

    Be careful what you like

    Liking products and pages can have consequences, at the very least others know what causes you’ve joined.

    Joining hate or bullying campaigns or pages is not a good look, so don’t do it if you think you may upset people around you.

    You are what you post

    Anything you put online is in writing against your name. If it’s going to upset people or cause trouble then don’t do it.

    In the United States one teenager found this out the hard way when her father discovered a Facebook post criticising him and her mother. He shot her laptop and then posted the video onto her Facebook page.

    Practice Safe Computing

    Services do get hijacked, so have strong passwords, up to date virus checkers and make sure the computer is fully up to date with security patches.

    Never share passwords with friends or siblings and use different passwords on each service so if Minecraft gets compromised, Facebook or email doesnt’ as well.

    Put computers in common areas

    Kids’ computers should be in common areas and use of any Internet enabled devices like iPods and mobile phones in places like bedrooms should be strongly discouraged.

    Be open to talking

    If anyone in your family seems to have a problem with computer use such as getting upset, socially withdrawal or acting unusually then talk to them. This happens with adults as well.

    One thing to remember is that punishing people, particularly kids, rarely works well with these technologies so it’s best to make it clear they won’t be in trouble if they come to you with a problem they are having on the net.

    It’s not just kids

    We have to remember its not just kids who get into trouble online, there’s no shortage of adults who have created problems for themselves and their families through irresponsible online behaviour. So parents need to watch their own social media usage as well.

    Should someone in your family be having a problem, then don’t hesitate to talk to the school, employer or Internet provider if there’s issues that need to be addressed.

    There’s lot of online services services and resources such as Cybersafe listed above. Also don’t hesitate to call any support lines such as Lifeline or Beyond Blue if you are seriously concerned about a family member’s wellbeing.

    On balance, the web and social media are positive influences on most people’s lives so by using commonsense and playing safely, the majority of families will avoid the really terrible stories we hear about online problems.

    Similar posts: