class: center, middle ## The "Internet of Things": Opportunities and Dangers Felix C. Stegerman `<flx@obfusk.net>` T-DOSE 2014 .small[2014-10-25] ??? * me + fsfe + booth + pc^3 * my own opinions --- class: center, middle  ??? * according to someone who can draw better than I can * image from wikipedia --- class: center, middle  ??? * what I want to talk about today * the IoT is around the corner * computers seem to be everywhere (pocket, desk, cloud) * will really be everywhere (environment, bodies) * what does this mean? * for us as software developers? * what are the dangers and opportunities when it comes to freedom, privacy, and security? --- ## IoT components .large[ * Sensors & Actuators * "Smart Things" * Smartphones & other Hubs * the Cloud * Robots & Drones ] ??? * sensors: A/V, molecular, ... * things: TVs, appliances, watches, pacemakers, ... * smartphones connect everything --- ## IoT applications .large[ * Building and Home Automation * Wearables * Medical and Healthcare Systems * Transportation * Infrastructure Management * Energy Management * Environmental Monitoring * Industrial Applications .lite[ (and Agriculture, Retail, Supply Chain) ] * "Smart Cities" <!-- --> * Extended Senses * Mixed Reality * Lifelogging Benefits for societies, businesses, and individuals. ] ??? * home: - lighting, heating, ventilation, air conditioning, appliances, - communication systems, entertainment and home security * med: - remote health monitoring, emergency notification systems - google glass + accelerometer -> heartbeat * transp: - infrastructure, vehicle, user; - cars, trains, planes; - smart traffic control * env: - water quality, atmospheric or soil conditions --- class: center, middle  ??? * smartphones & cloud at the center --- ### IoT Criticism and Controversies .large[ * Privacy, autonomy and control * Security (too often an afterthought) ] ### Trust, Control & Freedom .large[ * Who controls the computers? * Free Software! ] ### Important Issues .large[ * Public Safety / Human Life / Democracy * Accountability / Transparency / Reviewability * Incompetence vs Malice * The Human Factor * "Hacking Memories" * "Invisible" machine networks (M2M) ] ??? * priv: - spaces: public / privatized / private - where we are, what we do - invasive (not just "online") - behaviour & emotions - google glass: toilet (app) / hack to see * sec: - pacemakers, insulin pumps, traffic lights * "hacker mentality" - not guy w/ ski mask in dark -> NSA - but excellence, playfulness, cleverness and exploration - control, tinker, own * cars: - recently in the news: security afterthought (for simplicity/reliability) But security is too often an afterthought (if that). Now that the IoT is around the corner, security is not just something that impacts those beige boxes on our desks -- or the smartphones we carry around -- but also the **medical devices** that **monitor our health and keep us alive**, the **automobiles we drive**, the **electronics that monitor our homes**, and the **public infrastructure we depend on**. It now impacts **public safety, human life, privacy, freedom and democracy**. --- ## According to the ACLU: .large[ > "There's simply no way to forecast how these immense powers -- **disproportionately** accumulating in the hands of corporations seeking financial advantage and governments craving ever more control -- will be used. Chances are Big Data and the Internet of Things will make it harder for us to **control our** own **lives**, as we grow increasingly transparent to powerful corporations and government institutions that are becoming more opaque to us." ] --- ### We are the ones building the IoT .large[ Who is **responsible** for making sure the systems and devices that make up the IoT are under the **control of their users**? Whether we like it or not, the **responsibility** for ensuring freedom, privacy, security, and (digital) civil rights **rest on our shoulders**. So instead of asking ourselves (as we usually do) **"can we do this?"**, we should ask ourselves **"should we do this"**? ] --- class: center, middle  --- ## Big Data (& the Cloud) .large[ * Monitoring * Prediction * Healthcare * Efficiency <!-- --> * Science / Business / Government * Track / Predict / Control ] ## Privacy & Security .large[ * Who controls the data? * Who has access to the data? * What is the data used for? * Don't put everything in one place. <!-- --> * Welcome to the Panopticon ] ??? * loss of practical obscurity * permanent vs fleeting * smart cities * NSA++ --- class: center, middle # What can we do? --- ### What can we do about security? .large[ We need: * **development practices** that take **security** into account; * to build systems that are **secure from the ground up**; * **Free Software** to make sure that the answer to **"who controls our computers?"** -- including the IoT -- is **"the users"**. ] ??? * updates / obsolescence * tolerance for misuse, failure * human in the loop -> how to be sure the system does what the user expects (model his preferences) * { people, resources, incentives } -> does the system work? --- ### What can we do about privacy? .large[ * Put the **users in control**. * Don't share **raw data**; share **relevant data**, with **explicit consent**. <!-- --> * **Privacy is hard** for people and computers. * **Laws and policies** are not enough: we need **technologies** to enforce privacy and security. <!-- --> * Encryption * Federation * Decentralisation ] ??? * data hunger / malice / incompetence * meta-meta-data / trust network * openPDS --- ## "New Deal" on Big Data .large[ * Personal data treated as asset * Individuals own the data about them: - Right to: Possess; Control use; Dispose of or Distribute ] ## User Data Manifesto 2.0 .large[ * **Control** over user data access * **Knowledge** of how the data is stored * **Freedom** to choose a platform ] ## Open Data .large[ * Who controls the processing power? ] --- ## More than technology alone .large[ * (Public) Awareness * Mindset * Policies & Laws * Mandatory Privacy & Security * Find the right (individual) balance ] ## Trust, Control & Freedom .large[ * Free Software * Open Standards ] ??? * digital difference: people lock their doors and close their curtains * laziness / indifference * tangible benefits / intangible costs --- class: center, middle .large[ The IoT is on its way. It's up to us to build it right. And to have lots of fun along the way. ] --- class: center, middle # Q & A --- ### Sources Include: * New Scientist * Scientific American * The Spy in the Coffee Machine by Kieron O'Hara & Nigel Shadbolt * Wikipedia --- ### License: [](https://creativecommons.org/licenses/by-sa/4.0/) ### Images from Wikipedia: .small[ * https://commons.wikimedia.org/wiki/File:BigData_2267x1146_white.png * https://commons.wikimedia.org/wiki/File:Blausen_0696_PacemakerPlacement.png * https://commons.wikimedia.org/wiki/File:Cloud_computing_icon.svg * https://commons.wikimedia.org/wiki/File:Fairphone_back_inside_sim_slots_03.jpg * https://commons.wikimedia.org/wiki/File:Hands-free_Driving.jpg * https://commons.wikimedia.org/wiki/File:Pebble_watch_email_1.png * https://en.wikipedia.org/wiki/File:Google_Glass_photo.JPG * https://en.wikipedia.org/wiki/File:Internet_of_Things.jpg * https://en.wikipedia.org/wiki/File:Walkera_QR_X350_Quadcopter_Hovering.jpg ]