Tag: internet of things

Locking down the firmware of the internet of things

As the smart devices become common in our homes, cars and workplaces suppliers will have to do more to secure their software.

There’s a fundamental problem with smart devices warns Kim Zetter and Andy Greenberg in Wired magazine.

In Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It, Zetter and Green look at the problem with the embedded software that is shipped with every computerised device from Personal Computers to smart sensors.

The problem with firmware is that it’s difficult to check it’s not been changed, awkward to upgrade and complex to find, the Wired piece mentions how even the batteries in Apple laptops have vulnerable software embedded into their chips.

As the smart devices become common in our homes, cars and workplaces suppliers will have to do more to secure their software.

The IoT’s shaky security

Analysis of the Samsung smart TVs data shows the Internet of Things has a long way to go.

Samsung’s spying TV sets attracted headlines that worried many people but until yesterday no-one had looked at exactly what data was being sent by the devices to Samsung.

Pen Test Partners looked at the data flowing too and from Samsung smart TVs and found that yes, the devices are listening and transmitted data back to their – and other company’s – servers.

That is pretty well what is expected, the real concern though is the quality of what’s being transmitted with Pen Test describing it as a mishmash of code with not even a gesture towards security, “what we see here is not SSL encrypted data. It’s not even HTTP data, it’s a mix of XML and some custom binary data packet.”

One of the concerns about the Internet of Things has been the quality and security of the data being transmitted, the Samsung TV shows both are lacking.

For the IoT to deliver the benefits it promises, connections need to be secure and data reliable. Right now it appears the vendors of consumer products aren’t delivering the basics necessary to make the technologies dependable.

Building the next Internet of Things network

Investment in French networking startup Sigfox shows the need for the IoT to develop new networks.

Earlier this week we looked at Cisco’s claim that Low Power Wide Area (LPWA) networks will handle much of the world’s mobile data traffic by the end of the decade.

French company SIGFOX showed how investors are looking at the opportunity in these systems with a $115 million funding round two days ago.

What’s particularly notable about SIGFOX’s investors is how many of them are telcos themselves with Spain’s Telefonica, Japan’s NTT DoCoMo and South Korean SK Telecom being key shareholders.

Along with the telcos, who SIGFOX hopes will help them expand their footprint outside Spain, France, the UK and the Netherlands, there’s also a collection of industrial companies including Air Liquide and infrastructure giant SDF Suez.

That a diverse range of companies are moving into the LPWA market shows how important the stakes are for providers in securing a position in the the technologies that will define the Internet of Things as industries brace themselves for the massive rollout of connected devices.

Connecting motor bikes to the IoT

Intel and BMW’s connected bike helmet show what’s possible with smart vehicles

One of the obvious applications for smart devices is in motorbike helmets; an article in Intel’s Free Press website describes how they may work in a prototype setup on a BMW BMW R1200GS bike.

The smart helmet, which uses an Intel Edison system, is different from current add on systems in that it directly communicates with the bike’s internal electronics giving a rider a deeper level of control.

“If you need directions, say ‘take me home’ and it’ll queue up directions and give them over audio. But if there isn’t enough gas, then it will redirect you to a gas station first because it can read the bike’s remaining fuel range,” explains Moyerman. “It will also do smart navigation, so if a blind turn is approaching, it’ll give you warning to slow down.”

Creating the prototype isn’t simple as each manufacturer has its own control language, a common problem in retrofitting Internet of Things functions onto devices not designed to connect to a network.

“Putting together a system like that is much more complicated than plug and play. Every vehicle maker has its own data language, which means that there’s no universal standard to interpret the data. The team at Intel worked with BMW’s Bay Area group to translate a R1200GS adventure motorcycle’s own language from the CAN bus (controller area network) to Edison, which then sends it to the smartphone via Bluetooth.”

The same challenge faces car manufacturers as well which increases the risks of vehicle owners being locked into a certain manufacturer’s ecosystem – for instance, buy a BMW and be locked into the Apple HomeKit system.

Regardless of the compatibility problems, we’re increasingly going to see these technologies included with common household items. That many of them are voice activated should give those concerned about the privacy of Samsung smart TVs some pause for thought.

Dispelling the internet of snoops

For the Internet of Things industry the task now is to convince the public their devices are trustworthy, stories like the Samsung TV snooping on people isn’t going to help their efforts.

Last October New York lawyer Michael Price bought a new TV and what he read in the accompanying paperwork disturbed him.

In “I’m terrified of my new TV: Why I’m scared to turn this thing on” Price described how Samsung’s privacy policy worried him, particularly the way the voice recognition data was handled, “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”

Disgraced former CIA director David Petraeus told a venture capital conference in 2012 that security agencies will track people through their dishwashers and Price pointed out a smart TV listening to a room’s conversations fits Petraeus’ vision nicely.

At the time of its publication at the end of October Price’s story received some coverage among the information security, privacy and internet of things community then sank until last weekend when a tech site picked it up.

At that stage, the story took on a new life with media outlets around the world running stories on how Samsung TVs are spying on customers.

For Samsung the story is was major embarrassment and they were quick to point out they don’t actually collect data.

To be fair to Samsung, they aren’t alone in having products that can listen to their users; almost every voice activated device has this capability and we can expect everything from smartphones to TVs and connected cars to be able to record voice and, through cameras, our movements.

The marketing and social media industries, like General Petraeus, are enthusiastic about the surveillance opportunities of these devices; Facebook’s  Share and Discover feature for instance opens the microphone when a user starts typing an update to determine what music is being played.

In the internet of things, it’s not just a smart TVs microphone that’s a potential problem as pretty much every connected device is generating information that can be used by government agencies, insurance companies and plaintiffs to track hapless users.

Collecting this data also presents a range of risks beyond subpoenas from government agencies and angry litigants, for the vendors of smart devices there is also the problem of complying with various privacy rules, securely storing customers data and ensuring their business partners also respect user information.

Samsung tried to manage this risk by adding a ‘don’t say stuff near our TV’ clause in the term and conditions, something that backfired dramatically and illustrates the impossibility of managing risk out of your business.

While companies will struggle with the legalities of capturing massive amounts of customer data, the public in general have to face the risks of allowing everything from their kettles to their cars collecting information on them.

The predicament for users is that turning off the ‘smart’ functions – assuming that is possible – remove much of the device’s functionality so the trade off between convenience, security will be a difficult compromise for many people.

For the Internet of Things industry the task now is to convince the public their devices are trustworthy, stories like the Samsung TV snooping on people isn’t going to help their efforts.

Links of the day: Connected cars and fast trains

CES, Connected cars, fast trains and copyright laws are today’s links

The Consumer Electronics Show in Las Vegas kicks off today with thousands of product announcements at what is by far the biggest technology convention in the world. No doubt news from the show is going to dominate the tech media for the rest of the week.

One of the biggest fields for tech vendors at CES will be Internet of Things with connected cars being in the spotlight with both BMW and General Motors leading the way.

GM unveil their connected car of the future

For some years GM have offered a connected car service with their OneStar system. At this year’s CES they’re showing how they intend to extend the service with more integrated social and navigation services.

Driving the crashless car

While we fixate on the driverless car of the future, the next few years are going to see the technologies be incrementally introduced into our motor vehicles. A good example of this is BMW’s Active Assist that CNET writer Wayne Cunningham claims he could not crash.

The story points out Active Assist isn’t affordable in today’s cars but undoubtedly much of this technology will be standard in many automobiles by the end of the decade.

California starts work on its high speed railway

Cars aren’t the only thing in the news with California turning the first soil in its Los Angeles to San Francisco high speed railway.

This troubled project has been years in the making and it’s not expected to be completed until the end of the next decade at a cost of over 60 billion dollars. An interesting aspect in the story is how communities in California’s Central Valley region are pinning their hopes of an economic resurgence from the project.

 

Google takedown notices explode

While cars and trains are being reinvented, the entertainment industry is still struggling with its disruption. Torrent freak reports Google is being overwhelmed with movie industry take downs notices.

As the story suggests, this campaign is hurting Google’s relationship with the movie industry.

Building safer roads and cars

While driverless cars are a way off, technology is making the roads safer

Yesterday’s blog post considered how we might design a driverless car without the legacies of today’s vehicles.

In the meantime we have to deal with our own human failings on the road and already tomorrow’s technologies are helping us drive better today.

The day when driverless cars are the norm on our roads may be a generation, possibly further, away but many of the technologies that make autonomous vehicles possible are available today and are appearing in many new models.

Last year the MIT Technology Review looked at BMW’s driverless car project and made the point that the technologies are still some years away from being adopted, the features being incorporated in today’s vehicles are already reducing accidents.

Thanks to autonomous driving, the road ahead seems likely to have fewer traffic accidents and less congestion and pollution. Data published last year by the Insurance Institute for Highway Safety, a U.S. nonprofit funded by the auto industry, suggests that partly autonomous features are already helping to reduce crashes. Its figures, collected from U.S. auto insurers, show that cars with forward collision warning systems, which either warn the driver about an impending crash or apply the brakes automatically, are involved in far fewer crashes than cars without them.

This fits in with the vision described last year by Transport For New South Wales engineer John Wall who described how Australian roads can be made safer through the use of smarter cars, roadside sensors and machine to machine technology.

As the MIT story illustrated, many of the technologies Wall discussed are being incorporated into modern cars with most of the features needed for largely autonomous driving being common by 2020.

Comparing smart car technologies

Like many of the things we take for granted in low end cars today most of the advanced features will be appearing in top of the line vehicles initially, we can also expect the trucking and logistic industries to be early adopters where there’s quantifiable workplace safety improvements or efficiency gains. Eventually many of these features will be standard in even the cheapest car.

One thing is certain, while the driverless car is some way off we’re going to see the roads become safer as new technologies are incorporated into cars.

Designing the self driving car

Does a driverless car need to look like the vehicles we’re used to?

“It certainly looks like an engineer designed it,” was one of the first reactions to Google’s announcement of its first full prototype self driving car.

Certainly Google’s driverless vehicle looks odd, sort of like an overgrown carnival dodgem or an cartoon character police car.

One of the interesting aspects of the driverless car is that many features into today’s automobiles aren’t necessary if you don’t have a driver – the obvious aspects being that a steering wheel, handbrakes and dashboard displays become unnecessary.

Google have a video from earlier in the year showing the design and unveiling of the prototype. One of the fascinating aspects of the new device is how Google propose it can empower the sight impaired and disabled.

The prototypes are stripped down vehicles with only a top speed of 25mph, with only two seats and little, if any luggage space. As the Oatmeal reports, riding in them is a little boring after the first few minutes.

Looking at the Google vehicles it’s difficult not to think we could design something radically different if we moved away from our own prejudices of what a car should look like.

At the beginning of last century, motor cars looked similar to the horse carts that were the standard transportation of the day; it was only in the 1930s the automobile fully took the form we recognise today.

So it’s worth considering how we can optimise these vehicles to meet our needs and comfort rather than build them around the requirements of Twentieth Century technologies and usage.

Tomorrow’s driverless cars will probably look very different to today’s vehicles and similarly our communities will adapt to a very different way of travelling. We will almost certainly find our cities will be very different when the driverless car becomes the norm.

We need to think how to design them for that future, however far away it may be.

At the mercy of machines

Automation and algorithms are changing business but they are not without risks

Automation is the greatest change we’re going to see in business over the next decade as companies increasingly rely upon computers to make day to day decisions.

Giving control to algorithms however comes with a set of risks which managers and business owners have to prepare for.

Earlier this week the risks in relying on algorithms were shown when car service Uber’s management was slow to react to a situation where its formulas risked a PR disaster.

Uber’s misstep in Sydney shows the weaknesses in the automated business model as its algorithm detected people clamouring for rides out of the city and applied ‘surge pricing’.

Surge pricing is applied when Uber’s system sees high demand – typically around events like New Year’s Eve – although the company has previously been criticised for alleged profiteering during emergencies like Hurricane Sandy in New York.

In the light of previous criticism, it’s surprising that Uber stumbled in Sydney during the hostage crisis. Shortly after criticism of the surge pricing arose on the internet, the company’s Sydney social media manager sent out a standard defence of surge pricing.

That message was consistent with both Uber’s business model and how the algorithm that determines the company’s fares works; however it was a potential disaster for the business’ already battered reputation.

An hour later the company’s management had realised their mistake and announced that rides out of Sydney’s Central Business District would be free.

User’s mistake is a classic example of the dangers of relying solely on an algorithm to determine business decisions; while things will work fine during the normal course of business, there will always be edge cases that create perverse results.

While machines are efficient; they lack context, judgement and compassion which exposes those who rely solely upon them to unforeseen risks.

As the Internet of Things rolls out, systems will be deployed where responses will be based upon the rules of predetermined formulas.

Businesses with overly strict rules and no provision for management intervention in extreme circumstances will find themselves, like Uber, at the mercy of their machines. Staking everything on those machines could turn out to be the riskiest strategy of all.

Towards the future mobile network

The 5G mobile communications standard is as much a vision for the society of the future as that of technology standards

What will the next generation of smartphones look like? Earlier this week the GSM Association released their roadmap for the future 5G network standard, the next generation of mobile communications that will start appearing towards the end of this decade.

The GSMA is the peak global telco industry body which includes amongst its membership most of the world’s telephone companies and the vendors who manufacture the network equipment, so the organisation’s view is a good representation of the industry’s long term vision.

Much of the future standard is actually an amalgam of existing technology and concepts such as heterogeneous networks where phones and mobile internet of things devices can switch from the phone network to private WiFi systems without users noticing the handover.

The GSMA sees eight main areas for the 5G standards;

  • data rates of 1Gbps down
  • latency of less than one millisecond
  • network densification in determining base station locations
  • improving coverage
  • making networks more availabile
  • reducing operating costs
  • increasing the field life of devices.

That latter point is particularly pertinent as battery life remains a major concern for smartphone users and getting power to internet of things devices is one of the greatest barriers to adoption.

With the 5G standard not expected before the end of the decade, it’s hard to imagine how much technology may have changed in that time, something the GSMA acknowledges; “Because 5G is at an early stage there may be many use cases that will emerge over the coming years that we cannot anticipate today.”

The report though does try to anticipate some of the applications we may see the 5G standard driving such as autonomous vehicles, cloud based offices and augmented reality technologies. All of these though are advancing rapidly under the existing fixed line, 3G and 4G telco networks.

For the moment rolling out the 4G standard remains the industry’s main game with the existing technology only making up five percent of the world’s mobile connections at present. This is the area the GSMA sees as being the big opportunity over the rest of the decade.

In another report the GSMA claims the 4G rollout in Europe, currently at less than 10% of connections but expected to be over half by 2020, will drive economic growth on the continent.

The mobile industry is playing a central role in supporting economic activity and recovery in the region, contributing 3.1 per cent to Europe’s gross domestic product (GDP) in 2013, equivalent to EUR433 billion4, including EUR105 billion generated directly by mobile operators. By 2020, it is estimated that the industry will generate a total economic value of EUR492 billion.

There’s no doubt telecommunications networks are to the 21st Century what the highways were to the Twentieth and the railways to the nineteenth. As with the construction of previous century’s networks one of the big challenges will be raising the capital to build the systems and making wise investment choices.

For the developing world raising the capital required for those networks might be the hardest task of all, however for those countries and regions not making the investments may leave them further behind the western nations than they are today.

Ultimately what eventually is included in the 5G standard will reflect many of the political and economic realities of the next five years; no international standard is free from political or commercial influences during its drafting. The job for the standards bodies is not to get left too far behind market or technological advances.

In describing a vision for the sector’s future the GSMA 5G report lays out many of the opportunities and challenges facing the telecommunications industry over the rest of the decade. With these technologies becoming the centre of our working and home lives, what happens won’t just determine what smartphone we own in 2020 but the shape of our societies.

 

Rigging the Internet of Things

The Internet of Things offers many new opportunities for hackers

Hackers are infiltrating public companies to gain an edge on Wall Street warns a story on financial website Finextra.

This is not news, companies’ networks have been the target of insider traders since the early days of corporate computing. What is different today though are the nature of the risks as Chinese and even North Korean hackers are probing networks containing vast amounts of information to find weaknesses and confidential information.

For insider traders, it may be the internet of things turns out to be a boon. By hijacking delivery or supply data, traders may have an advantage over the market.

Things could get very nasty if those hackers subtly alter the data, say over reporting production yields, so a company gives the wrong income guidance based on faulty information.

Security is one of the big issues facing the internet of things sector and the consequences of poorly protected sensors or systems could be immense when governments, businesses and communities come to rely on a stream of data they can trust.

The bad guys are only just starting to explore the possibilities of the connected world.

Where will the jobs come from? ABC Nightlife radio

The future of work in an age of robots and algorithms is this month’s Nightlife technology radio spot

If you missed the program it’s available from the Soundcloud site.

Paul Wallbank joins Tony Delroy on ABC Nightlife across Australia from 10pm Australian Eastern time on Thursday, November 27 to discuss how technology affects your business and life.

Last week a US company showed off its robotic security guard, with the boast it costs less than half the wages of a human officer. It isn’t just security guards, baristas or taxi drivers, many knowledge based jobs — from call centre workers to lawyers — can be done by computer programs, or algorithms.

Even the building industry isn’t immune from the robots as 3D printing moves into making houses by squeezing concrete out of computer controlled nozzles.

In almost every occupation technology is changing the way we work and reducing the number of workers needed to do a job. So where next for employment in the Twenty-first Century?

Meet the K-5 robot security guard

For this month’s Nightlife we’ll be discussing how the robots and algorithms are taking over the workplace and what this means for our communities and businesses.

Join us

Tune in on your local ABC radio station from 10pm Australian Eastern Summer time or listen online at www.abc.net.au/nightlife.

We’d love to hear your views so join the conversation with your on-air questions, ideas or comments; phone in on 1300 800 222 within Australia or +61 2 8333 1000 from outside Australia.

You can SMS Nightlife’s talkback on 19922702, or through twitter to @paulwallbank using the #abcnightlife hashtag or visit the Nightlife Facebook page.