The Internet Of Things

Roosta writes "BBC News has an article by Bradley Horowitz, responsible for novel technology development at search giant Yahoo, looking ahead to the 'internet of things'. He discusses the importance of the 'W4' problem, the four 'W's' being who, when, what and where, and how to bring together metadata to make the world a more searchable place. 'All entities - everything from the particular chair I am sitting on to objects like the Lincoln Memorial monument should have a unique digital identifier. As an example - let's start with people. I don't know if darren@yahoo.com is the same as darren@gmail.com. There is a problem of managing identity across the internet, so when I say Darren Waters I mean this person and all of the manifestations and representations and personas of that person. The ability to knit those together is a huge challenge and opportunity for us as an industry. That's what I mean by resolving people - I mean this person and not the likely thousands of other people who share your name.'"

you forgot the 5th "w"

[griffjon]

...Why?

I'm all for spimes/blogjects/fountains that respond to stock prices, but for crissakes why does my inanimate chair need an IPv6 address?

Evil as this is... can it be prevented?

[SwordsmanLuke]

Technology has been progressing in this direction inexorably for some time now. It seems like every new advance we make is somehow capable of eating away at our privacy. So... even though the ability to tie all of a person's personal data together really seems like a Bad Thing, can it be prevented? Or just defended against on an individual basis, like people now who choose only to use cash so they don't leave a digital paper trail?

There's this thing called privacy

[0123456]

"I don't know if darren@yahoo.com is the same as darren@gmail.com."

Um, yes. I have many different email addresses precisely so people know know that 0123456@hotmail.com is the same person as 0123456@gmail.com.

What a strange world he must live in if he thinks we actually _WANT_ everyone to know everything we do and to search all information that's available. Still, if he's that trusting, maybe he'll buy the bridge I have for sale.

Revelation 13:16-17

[riskeetee]

16) And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand or in their foreheads,

17) that no man might buy or sell, save he that had the mark or the name of the beast or the number of his name.

Who knew it would be an IPv6 address?

Which "Darren Waters": two problems

[G4from128k]

One key problem with identity is non-uniqueness of names -- there can be several people named Darren Waters. Disambiguating these is nontrivial because it requires other identifiers (e.g., age, hometown, address). Often times the searcher doesn't know anything else about the target. Add spelling errors and things become even more confusing.

A second "which 'Darren Waters'" problem is role-segmentation. I, and am sure many, have multiple online persona reflect different interests, roles, and communities. Depending on the context, I'm a geek, engineer, photographer, stock trader, businessman, etc. Any meaningful search for me would need to specify which version of me they were looking for.

Searching for a person implies both uniquely defining the person and defining which aspect of the person one is looking for because "which 'Darren Waters'" is a problem with two dimensions of ambiguity.

Umm, No.

[Irvu]

All entities - everything from the particular chair I am sitting on to objects like the Lincoln Memorial monument should have a unique digital identifier.

Why? Seriously, why should my chair have some unique identifier, and why should you need to search it? It is a physical entity that I sit on. If it is physically present then I can sit there, if not then I'll hunt for it myself. I don't need google to find it.

As an example - let's start with people. I don't know if darren@yahoo.com is the same as darren@gmail.com. There is a problem of managing identity across the internet, so when I say Darren Waters I mean this person and all of the manifestations and representations and personas of that person.

Good!

Central management of internet identities and central linking also means no anonymity. No ability to create an identity on a per user group basis. Why should the people I discuss 40wheeling with be able to link to my identity as a campaigner for gay rights? The two are separate worlds and I like them that way. They don't need to interact and I see no reason that you should force them to interact.

The ability to knit those together is a huge challenge and opportunity for us as an industry.

Tough, go join another industry.

When last I checked Yahoo was in the business of searching out information not mapping all things including my chair. I don't want Yahoo to know about my chair, that is why I didn't make a webpage for it.

That's what I mean by resolving people - I mean this person and not the likely thousands of other people who share your name.

Yes well again I'm not wooed by your crocodile tears. Yes when looking up things there is the possibility of confusion but some global numbering system won't change that really. Even if such a system was implemented it would reduce privacy, probably by outing many a closet homosexual, but the people who really wanted to game it still would and even though you matched the serial number for Bob Henderson at 2213 Mockingbird Lane, and found that he likes Monster trucks, and old Judy Garland Movies you still wouldn't be able to believe it. Because someone who wanted to hide their love of Monster trucks may just have been posting under his name.

Even if you put the force of law and economics behind it, say the way that credit card fraud is banned it will still happen. The net result of an internet of things would be 1) My chair having its own fan club 2) Yahoo getting into the ChoicePoint voter-roll purging busines, and 3) people too weak to protect themselves being outed for no good reason.

Lest we forget there is a reason for anonymity in this world. Many people, esp those coping with personally difficult things, want to broach them under different identities for fear of persecution. Others, like me, just value our privacy as a matter of course and feel that more information only benefits others, not us. Finally dangerous or unpopular ideas (say phamplets advocating for the American Revolution, democracy, and the rights of man) cannot be published except anonymously for fear of violent reprisal. That's why Benjamin Franklin used the name 'Mrs. Silence Dogood'.

Re:I like my privacy, so please, no email ID

[Anonymous+Brave+Guy]

Today, only your IP address is associated with downloading a copy of Shrek 3. IPv6 is going to make sure that your cable modem, your computer, your RAM and your hard disk are all associated with downloading a copy of Shrek 4.

One way or another, no it's not.

I am becoming increasingly conscious of my on-line footprint, the sheer scale of collection of data about me in real life, and the ways it is being used to my disadvantage. Some of those are sinister, but most are simply businesses or government departments using their greater resources to screw me out of things. Either way, I am personally damaged as a result.

I have always challenged things like asking for all my contact details in a shop when they have no need of them, and I'm sure a lot of people simply lie on various sign-up web pages that ask for information that isn't necessary to provide whatever feature or service is being requested. Now I've got to the point of actively disconnecting from social networking sites that are harvesting information about me, and I'm considering filing formal complaints with my representatives about certain well-known organisations who are obviously storing my credit card details in their databases beyond the end of our transactions.

I care enough about this issue — and more to the point, I suspect enough other people do as well — that if the pressure keeps ramping up, and damaging incidents like losing a whole database of credit card numbers keep happening, I think pretty draconian pro-privacy laws will gain political will long before universal tracking is a reality. All the lobbying and campaign funding in the world won't buy the law back once enough voters have personally been hurt by someone screwing this up.

Well... sorta

[hey!]

Well, let's start with the idea that this is an exaggeration.

Everything doesn't need an unique ID. You don't need an ID for every cashew nut in the can.

However, there's probably a reasonable reason to have an unique ID for your chair -- at least at some point in its lifetime. Maybe for inventory control in the store; or as part of the nasty divorce settlement you will go through with your wife several years from now.

So to restate the problem, it is useful to be able to identify things uniquely at various points in their lifetime. The question is -- what is the best way?

I've been a relational database designer for ... let's say about twenty to twenty five years. The problem with identification systems is that they embody invalid assumptions. This is the most common flaw in relational designs: keys that embody invalid assumptions. Over time, simple, meaningless scalar keys tend to entail the fewest nasty surprises, but even serial numbers embody an assumption: that we never need to compare record identities between systems that might assign the same number. In that case, we fall back on our (flawed) ideas of key candidacy.

I've come to the conclusion that keys should either be scalar strings representing abstractions or classes, or they should be UUIDs (or similar values that can be generated uniquely and autonomously). So "Monday, tuesday, wednesday..." are fine as keys identifying days of the week. Or maybe not.

One problem I come across in my job is identifying species. Well, sometimes species are renamed (not a problem), but sometimes they are split by new taxonomical criteria. So it's worse than starting with genus A and species X and ending up with A x and A y; really a taxonomic identification of A x prior to the recognition of the existence of A y is a different thing than afterwards. Really, we should have A x (prior) and A x (after) and A y (necessarily after), and the relationship between all three designations need to be clarified at a different level of design.

In these kinds of problems, we are immeasurably helped by meaninglessly unique designations. When in doubt, a designer should split things, because it is usually more practical to combine that which was split without need than that which was combined in ignorance of need.

Now with respect to the problems particularly around privacy, that giving things identifiers raises. The post-facto-lumping principle I posited above takes care of that. That is to say multiple identifiers in different contexts presents no problem. When there is a legitimate need to cross reference identities across policy domains, the uniform an guaranteed unique nature of an universal ID makes this much easier. So you can have pseudonomy as a gay rights activist -- you have an unique identifier which with some crypto -- can verify messages from you. If in the future you choose to associate your gay rights persona with your political party volunteer persona, you can provide any (or no) party with information proving the equivalence of your identity in each sphere.

Re:Evil as this is... can it be prevented?

"Evil as this is... can it be prevented?

Yes. Systems like this work well against a low level of random noise, but have a high vulnerability to deliberate poinsoning."

The larger question is not whether the system itself can be poisoned, the question is how and who will trust the system and will they understand it can be poisoned?

Will you be hauled into court and have this metadata presented in the same manner, as say, fingerprints are?

The problem is not the system itself, but how much TRUST people will put into it.