Success, Safety of IoT Relies on People, Not Companies

Success, Safety of IoT Relies on People, Not Companies

 "Happens all the time, man. They're falling out of the skies like flies. Government knows all about it,." – Palmer, "The Thing," Universal Pictures, 1982

You're thoughtful, cautious and savvy when it comes to picking a mate, choosing a new job/career and picking the restaurant where you're going to have dinner this evening.

Then someone offers you free email and 10TB of storage or a discount on your car insurance, or a reasonably priced band that will help you lose weight/regain your health or a thermostat that will slash your heating bill and you say "That's cool, I'm in."

Welcome to the wide, wonderful world of IoT (Internet of Things).

It's huge and getting huger!

According to IDC, there are about 14.5B devices/things connected to the Internet and each other. By 2025 there will be 27B––roughly eight for every person on the planet.

By then, every product manager worth his/her salt won't even think about introducing something unless it has a sensor in it so it will be part of the nearly $487 billion market.

 

 

Insert alt text here

 

 Money Everywhere – By connecting everything with intelligent sensors, there is a huge promise of making life easier/better for people. Best of all, it will be big business for people who sell connected things. 

Whether it's a toothbrush, bottle of bourbon, washer/dryer, mobile device, workout gear, cereal box, bed, walker, skateboard, personal pleasure device, light bulbs, dolls/toys, traffic signals, whatever; if it doesn't have a sensor and isn't collecting useful information for you, it isn't worth having.

Manufacturers and service providers agree, hawking IoT with stellar examples:

  • Assisted living for the aged and infirm
  • Energy conservation, convenience at home
  • Driving fuel efficiency, few/zero highway deaths
  • Quick turnaround manufacturing, lower production costs
  • More satisfied customers

Who can argue with those benefits?

One thing is for certain, intelligent devices will be an integral part of your life!

Insert alt text hereSource - CBS

 Added Intelligence – Whether it's an intelligent toothbrush, washer or car, engineers are working aggressively to add connectivity to their products/services to simplify and enrich people's lives.

You're no longer simply monitored/followed as you surf the web.

Google, Facebook, Snap(chat), LinkedIn, TikTok, and oh hell, every company rubbed their hands together when they heard there will be at least 30 devices for each and every social network user ... in the world.

Using a wide range of software, marketers track consumers to better understand when they open a mobile app, watch content, stand near a digital sign, shop, drive and work out. Then, they compare online/offline data to ultimately link back to the individual consumer.

In the language of firms that track consumers, they use anonymous identifiers and hashed PPI (personally identifiable information).

And if you think the IoT market is huge (Gartner projects a $480B market by 2025), it's difficult to even wrap your head around the volume of data that is gathered. Big data and storage folks talk in terms of zettabytes, yottabytes, brontobytes, even geophytes.

Trust me, it's big.

At a recent workshop, FTC Chairwoman Lina Kahn noted that tracking isn't new, but the way data is collected, compiled, stored and analyzed is.

It's such a task that firms like Nugit are being funded to use AI to make sense of the big data.

McKinsey & Company noted that the data is in most demand for real–time marketing:

  • 95 percent –– Customer insights, including customer behavior, needs and preferred modes of interaction
  • 93 percent –– Customer support
  • 92 percent –– Efficiencies
  • 91 percent –– Product performance
  • 88 percent –– Customer relationships
  • 87 percent –– Revenue

 

Insert alt text here

 Getting Ready – Marketing is busy pushing engineers to add intelligence to their products/services to gather information about what consumers want and need to increase sales.

It's no wonder every company is rushing to develop an IoT product, service, app.

But there's a little problem in the development of most of the software used in the IoT device.

Folks don't really write the software – the 1s and 0s. They use modular, reusable code blocks that have been passed down through the ages.

 

Insert alt text here

 Software Bugs – To speed the development of apps, program developers don't write original code but use building blocks that have been passed down from earlier programmers. Long dormant software bugs provide tempting opportunities for hackers to exploit.

Somewhere back in ancient history, when the building block(s) were first developed, there was an error (bug) that didn't cause any real problem, so no one fixed it. They just reused the building block ... again, and again, and again.

The source code for Mirai, the malware was used to carry out the largest DDoS (Distributed Denial of Service) against Brian Krebs' KrebsOnSecurity website.

Mirai used Telnet that has been around like forever and is used in one form or another by nearly every software builder.

Mirai took the Krebs on Security site dark for days, until Brian got to the root of the problem and solved it.

Another IoT launch issue is that engineering and product development are under pressure to get the product out yesterday.

That means getting it together quickly, do a quick test, release it to the world and fix problems when folks discover them.

 

Insert alt text here

 Fix it Later – The pressure to release products quickly often means product review and testing gives way to deadlines. When/if problems are found by the customer, patches can be developed and applied.

In other words, write a patch for that specific problem. When someone – customer/bug finder –discovers another problem ... patch it!

Of course, to do that they can:

  • Send you a note and say, "hey this is important, download it and install it!" People hardly ever do it. Trust me!
  • Plan ahead and install a backdoor that they can use to enter the system and install the fix automatically for you. Cool! Except "others" also find the key and come in as well. Okay, not cool.

Since the IoT market is so hot and everyone is rushing to be the first, different, best in the marketplace, marketing keeps the pressure on product development and functionality takes top priority.

Time to market is tight so security measures are pushed to the bottom of the development cycle. Often it's dropped because face it, security isn't a super cool feature and we're talking sex and sizzle here!

In other words, security has taken a back seat to turning out products.

 

Insert alt text here

 Connected World – Intelligent devices can be connected to gather and share information on processes and activities to speed services, reduce costs and improve profits. 

But it doesn't really matter because while former CIA director Davit Petraeus predicted that IoT would transform surveillance techniques, we're talking about trying to put all the pieces together so they all work ... flawlessly.

You know – big data, cloud, billions of devices (IoT and M2M), the network fabric, communications standards, storage/analytics and ... oh cripes, everything!

Then you add AI capabilities to everything to solve the problem but it's pretty busy doing its thing.

And someone has to ensure privacy, secure communications and ease of use.

It might be possible as long as the user isn't involved in any way, shape or form because once that happens ... BAM!

 

Insert alt text here

 Personal Cloud – Increasingly, people live in the cloud; posting information, activities and photos on an ongoing basis to share with others. Unfortunately, that information can also be shared with people who want to leverage personal data for private gains.

Thanks to AI, IoT devices and services, it won't be long, and every aspect of your life will be digitally observed––and stored.

Guess who's interested.

Yep. hackers, whackers, cybercriminals and unauthorized users.

As Abdullahi Arabo, of the UK's University of Oxford wrote, your devices are a great place to get information and not be interrupted, "In reality, our smart devices hold more information than our brains, making them very attractive targets."

Hackers can access health–monitoring devices, spy on kids who have connected dolls, gather info with chip–embedded hot water kettles and listen in on conversations in front of your connected TVs. Malware can be downloaded to your device from infected websites.

Sure, people are concerned.

 

Insert alt text here

 Privacy – While folks feel private information should remain private, many will willingly share bits and pieces of information for added services, expecting that information to remain safe and secure. 

But still, folks can't help themselves.

They've gotta' have the latest connected device(s):

  • Smart TV
  • Internet connected camera
  • Smart mobile device(s)
  • Connected car
  • Wireless fitness band
  • Connected stereo
  • Sensor enabled employee ID
  • Connected home alarm
  • Smart meter
  • Connected toys
  • Smart watch
  • Smart scale
  • Connected garage system
  • Connected health monitors
  • Connected door locks
  • Connected baby monitors
  • Connected kitchen devices
  • Connected connected

And folks' lives are online:

  • Birth date
  • Photos
  • Email address
  • Home address
  • Running dialogue of activities
  • Groups they belong to
  • Cell, home phone
  • Personal videos
  • Religious, political affiliation

Lina Kahn, FTC (Federal Trade Commission) chair noted, "That data trove will contain a wealth of revealing information that, when patched together, will present a deeply personal and startlingly complete picture of each of us."

Symantec's recent research bulletin said, "Poor security on many IoT devices makes them soft targets, and often victims may not even know they have been infected. Attackers are now highly aware of lax IoT security and many pre–program their malware with commonly used and default passwords."

While we may not be able to defeat hackers and cybercrime, the former director of the FBI's crime and cybercrime response unit said recently that we owe it to future generations to avoid completely mismanaging the issue to make it worse to deal with in years to come. Brian Russell, CSA's (Cloud Security Alliance) IoT chair added that "The IoT will never be truly secure."

It doesn't mean we have to be stupid. We can do better.

Insert alt text here

 

Source - "The Thing," Universal Pictures

As MacReady said, "I know what you mean. Trust's a tough thing to come by these days."

Don't worry. We'll get right on it ... later.


Andy Marken – andy@markencom.com – is an author of more than 800 articles on management, marketing, communications, industry trends in media & entertainment, consumer electronics, software, and applications. An internationally recognized marketing/communications consultant with a broad range of technical and industry expertise especially in storage, storage management and film/video production fields; he has an extended range of relationships with business, industry trade press, online media, and industry analysts/consultants.

Imagine Products Integrates ShotPut Pro and TrueCheck With Frame.ioMedia Collaboration Hubread more

16-Dec-19

Result Is Orders-of-Magnitude Improvement to Workflows for Offloading, Transcoding, and Uploading of Media Files

Anevia Drives Expansion of Argentinian OTT TV Serviceread more

16-Dec-19

One of Argentina’s leading telecommunication service providers has renewed its trust in Anevia, a leading provider of OTT and IPTV software solutions, for the expansion of its multiscreen TV service.

TVkey Cloud, developed by NAGRA and Samsung, wins Pay-TV Service Innovation of the Year at the VideoTech Innovation Awardsread more

16-Dec-19

• TVkey Cloud, recognized by industry leaders as “a much better way to watch television”, brings secure premium pay-TV services directly to Internet-connected smart TVs quickly and efficiently – no external device needed • For consumers, TVkey Cloud enables instant activation out-of-the box and direct access to pay-TV services and their favorite OTT apps • For operators, TVkey Cloud enables lower acquisition costs, extended reach to a new consumer segment and an operator-branded aggregated viewing experience on smart TVs