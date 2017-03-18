Bruce Schneier Calls for IoT Legislation, Argues The Internet Is Becoming One Giant Robot (linux.com) 21
"We're building a world-size robot, and we don't even realize it," security expert Bruce Schneier warned the Open Source Leadership Summit. As mobile computing and always-on devices combine with the various network-connected sensors, actuators, and cloud-based AI processing, "We are building an internet that senses, thinks, and acts." An anonymous reader quotes Linux.com: You can think of it, he says, as an Internet that affects the world in a direct physical manner. This means Internet security becomes everything security. And, as the Internet physically affects our world, the threats become greater. "It's the same computers, it could be the same operating systems, the same apps, the same vulnerability, but there's a fundamental difference between when your spreadsheet crashes, and you lose your data, and when your car crashes and you lose your life," Schneier said...
"I have 20 IoT-security best-practices documents from various organizations. But the primary barriers here are economic; these low-cost devices just don't have the dedicated security teams and patching/upgrade paths that our phones and computers do. This is why we also need regulation to force IoT companies to take security seriously from the beginning. I know regulation is a dirty word in our industry, but when people start dying, governments will take action. I see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation."
Yep. He needs to remember the old adage: be careful what you wish for; you might get it. He says see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation.
Stupid is what he's going to get.
those engineering activities are/will be moved to India. You need to hold upper management accountable.
Don't buy IoT devices. Problem solved.
Everybody knows they offer marginally beneficial services to the user, and massive surveillance and privacy invasion opportunities for big data, unconstitutional government agencies and other sumbitches.
I don't think that 'everybody' knows this. Most people will buy whatever they see that is attractively packaged on the front page of Amazon or on the shelves at Home Depot, Target, Best Buy, Office Max or the like.
That can be done now. Give it a few years, you won't be able to buy anything that is not made to be connected. Peer pressure, obsolescence and convenient buyback programs will take care of the reticent. It's a done deal.
Half of the water heaters at Home Depot have electronic control panels, and a good chunk of those have WiFi capability.
Do you trust Rheem or AO Smith to have enough IT security people available to know how to set the default state of these controls so that they're not exploitable?
TFA immediately made me think of the Arthur C Clarke story in which the "first cries" of the unintentionally created artificial intelligence that arose from the hook up of a world-wide telephone exchange was that every phone around the world rang at the same time.
What will it be for us? All the refrigerator doors on the planet opening at the same time?
Security cameras simultaneously turn off. The UK is particularly affected.
James Hogan imagined the next step of the world wide network in "The Two Faces of Tomorrow". Including how it could affect the outside world -- the mass driver was great.
I see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation.
SPOILER: stupid government regulation wins. There's no money to be made in "smart." If it just works, everybody forgets. if it's always breaking, the recriminations and money trail goes on for years and years.
(GOD I'm getting cynical in my old age.)