Bruce Schneier Calls for IoT Legislation, Argues The Internet Is Becoming One Giant Robot (linux.com)

← Back to Stories (view on slashdot.org)

Bruce Schneier Calls for IoT Legislation, Argues The Internet Is Becoming One Giant Robot (linux.com)

Posted by EditorDavid on Saturday March 18, 2017 @07:34AM from the Congress-vs-connected-devices dept.

"We're building a world-size robot, and we don't even realize it," security expert Bruce Schneier warned the Open Source Leadership Summit. As mobile computing and always-on devices combine with the various network-connected sensors, actuators, and cloud-based AI processing, "We are building an internet that senses, thinks, and acts." An anonymous reader quotes Linux.com: You can think of it, he says, as an Internet that affects the world in a direct physical manner. This means Internet security becomes everything security. And, as the Internet physically affects our world, the threats become greater. "It's the same computers, it could be the same operating systems, the same apps, the same vulnerability, but there's a fundamental difference between when your spreadsheet crashes, and you lose your data, and when your car crashes and you lose your life," Schneier said...

"I have 20 IoT-security best-practices documents from various organizations. But the primary barriers here are economic; these low-cost devices just don't have the dedicated security teams and patching/upgrade paths that our phones and computers do. This is why we also need regulation to force IoT companies to take security seriously from the beginning. I know regulation is a dirty word in our industry, but when people start dying, governments will take action. I see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation."

56 of 85 comments (clear)

Min score:

Reason:

Sort:

Yep, that's the entire point by Anonymous Coward · 2017-03-18 07:40 · Score: 1

Once again, everyone's threats, concerns, and "dire warnings" mean absolutely zero. It will happen and there is nothing anyone can do about it.
1. Re:Yep, that's the entire point by Ol+Olsoc · 2017-03-19 01:37 · Score: 1
  
  Grandpa - you finally got email!
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
2. Re:Yep, that's the entire point by coastwalker · 2017-03-29 09:41 · Score: 1
  
  I had email in 1986 punk :-)
  
  --
  Facts are history now plebs have politics for religion on social media.
Bruce Schneier ... by Anonymous Coward · 2017-03-18 07:41 · Score: 1, Insightful

... is an idiot in this instance when it comes to calling for legislation for IoT. The whole problem is humanity did not evolve to make rational decisions in a high tech free market society, no amount of legislation is going to overcome human's old meaty brain. Just like banks got bailouts because they own the government, any legislative body in america will quickly succumb to regulatory capture making the whole thing worthless. Not only that the internet is planet wide, you need co-operation with foreign governments and human beings have problems enough dealing with global warming. The whole regulatory system in america is a clusterfuck especially with trump, is he really expecting trump and his administration to make sound policy? I wouldn't trust trump with my toaster.
Let's just admit, humanity generally at this point in history has accelerated its development before its old monkey brain is able to catch up. Human beings are not evolving as fast as they are developing technology which is the fundamental issue. Human's lack of intelligence, maturity and foresight can't be overcome by adding more burdensome rules especially given the political "don't tread on me" culture of the american people.
1. Re: Bruce Schneier ... by bradley13 · 2017-03-18 08:09 · Score: 2
  
  Yep. He needs to remember the old adage: be careful what you wish for; you might get it. He says see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation.
  Stupid is what he's going to get.
  
  --
  Enjoy life! This is not a dress rehearsal.
2. Re:Bruce Schneier ... by CyclistOne · 2017-03-18 09:08 · Score: 4, Informative
  
  I don't think Bruce Schneier is an idiot, but otherwise, I tend to agree with this. Read Jacques Ellul ("The Technological Society", "The Technological System") to better understand this.
3. Re: Bruce Schneier ... by gtall · 2017-03-18 10:53 · Score: 2
  
  Car and truck regulations, plane regulations, food and drug regulations, OHSA regulations, financial regulations, etc.
  Without them, you'd be dead.
4. Re:Bruce Schneier ... by Anonymous Coward · 2017-03-18 11:15 · Score: 1
  
  It's not Scheier's (or Hawking's, Musks', Gates', Berners-Lee's etc) job to figure out how to convince Trump and other government leaders to act responsibly. These people aren't politicians, although you could argue that Musk and Gates have developed some political skills.
  Nobody can see the future with clarity, but these gentlemen clearly deserve to be heard, based on their track record, exposure to cutting edge research and researchers and innovating scientists and engineers. Maybe they're way off; but maybe they're onto something important.
5. Re:Bruce Schneier ... by Cmdln+Daco · 2017-03-19 08:32 · Score: 1
  
  Bruce Schneier is a 'cryptography journalist.' He has no credentials beyond writing a controversial book over a decade ago about Cryptography and leveraging it into a career as a 'cryptography expert.' He is not a cryptographer, and thus not a 'peer' in the peer review process.
  Well, maybe he's an 'expert' in journalistic/writer terms. Just like a blogger about Geology is a blogger about Geology.
6. Re: Bruce Schneier ... by Anonymous Coward · 2017-03-19 15:11 · Score: 1
  
  He invented the Blowfish cipher. How is he not a cryptographer?
7. Re:Bruce Schneier ... by Elric55 · 2017-03-20 10:12 · Score: 1
  
  I read your entire post AC. I'm still waiting for your solution to this problem. Is it to let it all crash and burn? Seems better than a suggestion by Bruce Schneier.
Economics by Anonymous Coward · 2017-03-18 07:41 · Score: 3, Insightful

>But the primary barriers here are economic; these low-cost devices just don't have the dedicated security teams and patching/upgrade paths that our phones and computers do. This is why we also need regulation to force IoT companies to take security seriously from the beginning.
I highly doubt regulation will cause many iot companies to take security seriously, unless it has some teeth. And then regulation becomes a barrier to entry for smaller companies, so there would be fewer IoT sellers, and maybe that's a good thing according to Schneier.
1. Re:Economics by mentil · 2017-03-18 15:27 · Score: 2
  
  In practice we're going to get 'best-practices' checklists that they check off (self-certified), which are so overspecific (and quickly out of date) that huge classes of vulnerabilities will be completely unaddressed, and others will be 'addressed' inadequately. What we NEED is a provision that if anyone manages to find a vulnerability that grants unauthorized entry, all units must be recalled and installed units shall be refunded (oh and the consumer gets to keep the installed unit). That'll guarantee a bare-minimum of hackable features, and thorough testing of everything put in, rather than "Bluetooth and a full wifi stack on my front door lock" BS.
  The way I see things eventually going is there being a central 'house computer' that controls all of the IoT devices in the home, utilizing some industry-standard protocol for interacting with the IoT devices so that the computer's OS doesn't matter (networkable lightbulbs have had this for decades). There's one central point of failure, but also only one device that needs security updates, and these things will be sold on their quality/length of updates.
  
  --
  Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
Professionalize computer science by VikingNation · 2017-03-18 07:42 · Score: 5, Insightful

Many engineers who design bridges, roads, buildings, power systems, etc. are required to get a proefessional engineering certificate. There is no equivalent for computer scientist in the United States. Until there is liability for poor designs and implementation there will be changes to improve quality and security.
1. Re:Professionalize computer science by El_Muerte_TDS · 2017-03-18 07:58 · Score: 1
  
  those engineering activities are/will be moved to India. You need to hold upper management accountable.
2. Re:Professionalize computer science by Sperbels · 2017-03-18 08:24 · Score: 1, Funny
  
  Does that mean we can hold Dennis Ritchie responsible for all of the buffer overflow related crashes and security exploits?
3. Re:Professionalize computer science by fisted · 2017-03-18 08:52 · Score: 4, Funny
  
  No, but maybe John von Neumann.
  
  --
  CLI paste? paste.pr0.tips!
4. Re:Professionalize computer science by gtall · 2017-03-18 10:56 · Score: 2
  
  The scale of new bridges, road, buildings, power systems, etc. are dwarfed by computer science applications (those that do not involve new bridges, etc.) To expect the same level of standards is silly. That said, I wouldn't mind better legal ramifications for building something flawed.
5. Re:Professionalize computer science by bill_mcgonigle · 2017-03-18 11:49 · Score: 2, Insightful
  
  Until there is liability for poor designs and implementation there will be changes to improve quality and security.
  Show me the equations that show if a bridge will hold up. Fine, those are well-known.
  Now show me the equations that prove that a computer system is secure, for a non-trivial algorithm, so that a Computer Science "Engineer" can place his professional stamp on one. And remember, nobody will buy Windows that takes thirty years to get out the door at six-thousand bucks a copy.
  Really, though, do you even CS, bro? Besides the software-provability problem, a bridge engineer is not responsible for any shoddy work that is hidden from him by a lackluster construction crew (and no, inspections are not fool-proof if there is professional malpractice occurring).
  You can't simply make a comparison between a static and a dynamic system and declare equivalene. That's as silly as Schnier thinking that regulators will save us from ourselves. He should look into real insurance, strict liability, and/or marketable torts if he wants a system that can actually provide better results.
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
6. Re:Professionalize computer science by drinkypoo · 2017-03-18 22:58 · Score: 3
  
  Show me the equations that show if a bridge will hold up. Fine, those are well-known.
  Now show me the equations that prove that a computer system is secure, for a non-trivial algorithm,
  There is a reasonable interim step where the programmer proves that they utilized best practices. In some fields there are actually published standards, like say for people making PCMs for automobiles. Toyota got nailed on the unintended acceleration issue largely because they made no attempt to follow industry best practices or even their own internal practices, and their code had numerous bugs which should have been considered show-stoppers as a result. The code was so bad that it would regularly crash and fall back into an internal failsafe mode, and if they had followed best practices, it would have at minimum recovered itself to a sane state, which was not what happened.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
7. Re:Professionalize computer science by JaredOfEuropa · 2017-03-19 00:01 · Score: 2
  
  This. Also see my sig.
  
  With that said, not having a way to guarantee that your software is secure is no excuse for not exercising established security practices. They may not provide a 100% guarantee but it's better than nothing. A lot of the hacks of IoT equipment that we've been hearing so much about were possible because of inexcusable negligence on the part of the manufacturer.
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
8. Re:Professionalize computer science by Ol+Olsoc · 2017-03-19 01:46 · Score: 1
  
  There is no IoT .
  There is only Zuul.
  
  A separate "net" should be required for devices, a real IoT. Non-upgradeable net-connected devices is a bad idea. Have we not seen enough of this already?
  That still doesn't protect the IoT from being taken down by it's own.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
9. Re:Professionalize computer science by luis_a_espinal · 2017-03-19 05:02 · Score: 1
  
  those engineering activities are/will be moved to India. You need to hold upper management accountable.
  People keep repeating this shit over and over. Some of it goes offshore. Some does not. And new stuff certainly doesn't, at least not until it gets mainstream.
  It will change once China and India become more entrepreneurial and innovative (it's not a matter of IF but WHEN). But for the time being, and for a good while, roll with the punches and stay ahead of the curve. If you do the same job after 5-10 years, expect your work to go to wherever.
Do I have to register my arduino? by thinkwaitfast · 2017-03-18 07:45 · Score: 1

That would be swell.
1. Re:Do I have to register my arduino? by thinkwaitfast · 2017-03-18 08:31 · Score: 1
  
  Of course I have servos connected to the arduino (and also to my rpi through an ssc-32). I also have random sensors, depending on what I'm playing with at the time. My ip is public enough to have been crawled by google.
  I figure they make it a requirement to be a registered device to connect to the internet and hack some IP payload space to hold the registration number (I've done this before and is very easy).
Together, allegiance or death by rsilvergun · 2017-03-18 07:49 · Score: 1

Big Fire! Of course, nobody knows this but the Internet is Nuclear Powered....

--
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Easy fix by Rosco+P.+Coltrane · 2017-03-18 07:49 · Score: 3, Insightful

Don't buy IoT devices. Problem solved.
Everybody knows they offer marginally beneficial services to the user, and massive surveillance and privacy invasion opportunities for big data, unconstitutional government agencies and other sumbitches.

--
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
1. Re:Easy fix by Anonymous Coward · 2017-03-18 08:02 · Score: 4, Insightful
  
  I don't think that 'everybody' knows this. Most people will buy whatever they see that is attractively packaged on the front page of Amazon or on the shelves at Home Depot, Target, Best Buy, Office Max or the like.
2. Re: Easy fix by Anonymous Coward · 2017-03-18 08:06 · Score: 5, Insightful
  
  That can be done now. Give it a few years, you won't be able to buy anything that is not made to be connected. Peer pressure, obsolescence and convenient buyback programs will take care of the reticent. It's a done deal.
3. Re: Easy fix by TWX · 2017-03-18 08:17 · Score: 5, Interesting
  
  Half of the water heaters at Home Depot have electronic control panels, and a good chunk of those have WiFi capability.
  Do you trust Rheem or AO Smith to have enough IT security people available to know how to set the default state of these controls so that they're not exploitable?
  
  --
  Do not look into laser with remaining eye.
4. Re: Easy fix by Rosco+P.+Coltrane · 2017-03-18 09:01 · Score: 4, Informative
  
  The thing is, as long as people pay for their own internet themselves, they're in complete control of what gets to connect to their wifi. So, even if all the water heaters on the market had IoT features, it's trivial to keep them offline and harmless. And should they ever come with their own connectivity solution that bypasses the users' router completely, well... it's always possible to encase it in a Faraday cage of some sort.
  As for trusting manufacturer with IT security, that's not the only problem: even if they're serious about it and actually qualified to secure your device properly, personally I'm more concerned about what they do with my data - how they snoop on my habits, how they intend to misuse that data, or whom they intend to sell it to.
  If there's a buck to be made, company won't even consider moral or ethical use of the data they collect. That's the only thing you can bet on with big data.
  
  --
  "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
5. Re:Easy fix by mea2214 · 2017-03-18 10:40 · Score: 1
  
  Don't buy IoT devices. Problem solved.
  Stick your IoT devices behind a firewall and heavily restrict or even deny Internet access but allow LAN access. Problem solved.
  You want to consult what's inside your wifi enabled refrigerator while bored at a movie? You can't. Deal with it.
6. Re: Easy fix by Hognoxious · 2017-03-18 10:45 · Score: 1
  
  So, even if all the water heaters on the market had IoT features, it's trivial to keep them offline and harmless.
  
  I wouldn't touch any IoT thing that could get hot or explode with a borrowed bargepole, but my understanding is that a lot of them can only be operated via the manufacturers' sites.
  
  --
  Confucius say, "Find worm in apple - bad. Find half a worm - worse."
7. Re:Easy fix by gtall · 2017-03-18 10:58 · Score: 1
  
  Unless you are in your dotage and your health monitor phoning home regularly is your lifeline to continued existence.
8. Re:Easy fix by ChatHuant · 2017-03-18 12:58 · Score: 1
  
  Most people will buy whatever they see that is attractively packaged on the front page of Amazon or on the shelves at Home Depot, Target, Best Buy, Office Max or the like.
  Heck, even on Slashdot, where you'd expect people to be better informed and more concerned about privacy, lots of posters still have gmail addresses, Android phones (with location services enabled, no less) and use Google search and docs.
9. Re: Easy fix by mentil · 2017-03-18 15:33 · Score: 2
  
  Unfortunately my water heater uses my house's pipes as an antenna. I tried putting up Faraday cage wallpaper (even on the ceiling!), but am unsure what to do about the windows. Oh well, no windows means more privacy, right? Now I'm just worried that I didn't layer enough aluminum foil on the basement floor to stop the mole-drones from snooping on me. Stop trying to hack into my precious, life-giving water! I paid for that, mole-drones, not you! Well, my mom did, but still.
  
  --
  Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
10. Re:Easy fix by Ol+Olsoc · 2017-03-19 01:52 · Score: 1
  
  Most people will buy whatever they see that is attractively packaged on the front page of Amazon or on the shelves at Home Depot, Target, Best Buy, Office Max or the like.
  Heck, even on Slashdot, where you'd expect people to be better informed and more concerned about privacy, lots of posters still have gmail addresses, Android phones (with location services enabled, no less) and use Google search and docs.
  Because IoT botnets != a gmail account or even an Android phone. IoT can be a privacy issue if you don't want the three letter people knowing the temperature in your basement. If you are actually concerned about privacy of the sort of things you do on the internetz, you wouldn't be on the internetz. Peace out.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
11. Re: Easy fix by Ol+Olsoc · 2017-03-19 01:57 · Score: 1
  
  Unfortunately my water heater uses my house's pipes as an antenna. I tried putting up Faraday cage wallpaper (even on the ceiling!), but am unsure what to do about the windows.
  Aluminum screens, compatriot! As long as the mesh is small enough, you can block the insidious radio frequencies of those who would steal your vital bodily fluids.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
12. Re: Easy fix by TWX · 2017-03-19 03:38 · Score: 1
  
  Did you try using PVC on the cold side and CPVC on the hot side to act as short couplers to isolate the water heater from the copper plumbing?
  Also don't forget to put a PVC fitting on the emergency valve.
  
  --
  Do not look into laser with remaining eye.
13. Re: Easy fix by TWX · 2017-03-19 14:59 · Score: 1
  
  Meraki water heaters from Cisco!
  
  --
  Do not look into laser with remaining eye.
Dial "F" for Frankenstein by mykepredko · 2017-03-18 07:49 · Score: 1

TFA immediately made me think of the Arthur C Clarke story in which the "first cries" of the unintentionally created artificial intelligence that arose from the hook up of a world-wide telephone exchange was that every phone around the world rang at the same time.
What will it be for us? All the refrigerator doors on the planet opening at the same time?

--
Mimetics Inc. Twitter
1. Re:Dial "F" for Frankenstein by TWX · 2017-03-18 08:18 · Score: 2
  
  Security cameras simultaneously turn off. The UK is particularly affected.
  
  --
  Do not look into laser with remaining eye.
Thomas Hobbes' Leviathan by hackwrench · 2017-03-18 07:55 · Score: 1

https://www.bing.com/search?q=...
Two Faces of Tomorrow by kmahan · 2017-03-18 07:55 · Score: 1

James Hogan imagined the next step of the world wide network in "The Two Faces of Tomorrow". Including how it could affect the outside world -- the mass driver was great.

--
Invalid Checksum. Retrying.
I see it as a choice ... by grep+-v+'.*'+* · 2017-03-18 08:08 · Score: 1

I see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation.
SPOILER: stupid government regulation wins. There's no money to be made in "smart." If it just works, everybody forgets. if it's always breaking, the recriminations and money trail goes on for years and years.

(GOD I'm getting cynical in my old age.)

--
If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
Re:Stretching hard for another robot thead by thinkwaitfast · 2017-03-18 08:38 · Score: 1

It's mating season
It is not one giant robot! by Entrope · 2017-03-18 09:18 · Score: 4, Insightful

Schneier gives kind of a "shouting at clouds" vibe. The Internet is not like a truck you load things into or off of, it's not a series of tubes, it's not one giant robot that will turn into Skynet once it achieves sentience.
Internet Green is people! Wait, still the wrong movie, but closer.
The Internet is made up of billions of devices, each with different capabilities, each with their own purpose and "goals", influenced by others in its social network. Some of these influencers are nearby, some are far away; some are humans, some are machines. Some of these machines are robust against malicious interference, but most have weak points.
The Internet does not look or act like a single robot. It looks and acts like a network or society, not a monolithic entity, and talking about it as a monolithic thing encourages unwise reactions.
1. Re:It is not one giant robot! by matbury6017 · 2017-03-18 10:19 · Score: 2
  
  The Internet does not look or act like a single robot.
  Ever heard of the Mirai botnet? Seems to act pretty much like a single robot and it's pretty effective at taking stuff down. And according to Schneier, we ain't seen nothin' yet.
2. Re: It is not one giant robot! by Entrope · 2017-03-18 10:23 · Score: 2
  
  What fraction of a percent of the Internet did that consist of?
  The diversity of IoT devices means that you'll need different attack vectors and payloads to compromise then and then exploit that access. We must not be complacent, but pretending there will soon be a Skynet is unwarranted and counterproductive.
More proof Schneier has been turned. by Anonymous Coward · 2017-03-18 09:40 · Score: 1

Just in case anyone was suspicious after he came on the Tor Project board after the big executive shakeup there.
The call for more regulation won't help with security problems, it will exclude even more people with the knowledge but not the degrees, and it doesn't solve the fundamental issues, most of which are based in design errors or assumptions in the hardware or software which should be fixed and formally proven, as was done in the secure L4 kernel concept. Short of that software will still be at the mercy of defects cause by both the hardware and the programmer to ensure security is as close to 'airtight' as is mathematically possible.
Having said that, the things needed to ensure it at this point are: Open documentation of the device cores, or original vhdl/verilog with manufacturing process errata. Compilers which thoroughly vet code for unusual accesses and document when such a series of accesses create a violation. Since most of these accesses are either races or boundary violations it shouldn't take *THAT* much time to test an entire codebase for them, both in source code, and final binary code checked against the oiiginal source code.
Additionally, we need to stop allowing compilers to become a moving target. Just following gcc and clang for the past 10-20 years will show that lots of cornercases develop from allowing 'future standard features' in 'official release compilers' as does mixing standards in a codebase. Pedantic standard rules and strict (and DOCUMENTED!) ABI compliance would help reduce many violations, even when interfacing new object code with legacy API/ABI code, where sufficient metadata documentation exists. Neither GCC nor CLANG and their related linker tools do this. This is also part of why there are so many MSVC runtime sets needed for some applications, but at least in that case they no longer clobber each other.
As a separate aside: If suddenly all this stuff DOES start getting secured, won't that simply result in more hardware level exploits enacted by agents of the international intelligence community to circumvent software-level restrictions? Most of the current security issues are as much due to a lack of 'firewall boundaries' for devices as they are the insecurity of the devices themselves. None of these devices should be connected to the internet directly. If you need access to them while away from home, it should be via a secure VPN to your private network which should not be routable from the internet other than VPN, properly configured outgoing subnet, or SOCKS/HTTP proxy. Direct network access was fine back in the old days of the internet where the network was heavily heterogenous. But nowadays the internet has homologized around Cisco, Juniper, Huawei, ZTE (for high end routing, plus probably a few others.), and x86/x86_64, ARM, MIPS for almost everything else consumer-level. The people making these attacks usually target one or the other of those groups, and both of those groups are easy to exploit due to the popularity of only one or two operating systems and software ecosystems (Windows, Linux, *BSD/Unix, or Cisco IOS or its successors.) When you factor those altogether the reason for the internets sickness is much easier to discover: It is almost a monoculture of systems. And if there is one thing people should have learned from Biology, monocultures only require one major event to kill them off.
Food for thought.
IOT's Creators Are Clueless - Totally Clueless by dryriver · 2017-03-18 09:42 · Score: 5, Insightful

I had a 2 hour conversation last year with an IOT devices engineer who works for a multi-billion dollar Japanese Corporation. They guy didn't think Privacy was important or at risk at all through IOT devices. "Every home will have many of them soon" he said. He thought that realtime 3D face recognition - CCTV networks being able to identify you ANYWHERE IN PUBLIC with great accuracy even if you are not facing the camera, have grown a beard or are wearing a baseball cap - was a great step forward in human technological development. They guy kept talking about "new markets, new profits, a great future for our company". He literally DID NOT CARE what these technologies mean for people's Privacy. Every time I voiced even mild concerns about what these surveillance capable technologies might do to people's privacy, he acted terribly *shocked*. Apparently the corporation he works sees great profits in building IOT, face recog tech & other surveillance capable tech, and my bringing up concerns about them was something he was - wait for it - "uncomfortable with". =) This is what IOT is - faceless, nameless engineers crapping all over other people's lives because the companies that employ them expect a new XX Billion Dollar a year market from them.

--
Why did the chicken cross the road? Because Elon Musk put an AI chip in its head.
1. Re:IOT's Creators Are Clueless - Totally Clueless by rtb61 · 2017-03-18 10:57 · Score: 1
  
  I'll bet the idiots at the top of the engineers company are thinking corporations as government and how great that will be, for them (psychopaths creating a world where their insanity is the norm).
  
  --
  Chaos - everything, everywhere, everywhen
2. Re:IOT's Creators Are Clueless - Totally Clueless by Nethead · 2017-03-18 11:53 · Score: 2
  
  I hope that after your conversation you removed said engineer from the gene pool.
  
  --
  -- I have a private email server in my basement.
3. Re:IOT's Creators Are Clueless - Totally Clueless by Anonymous Coward · 2017-03-18 15:07 · Score: 1
  
  "It is difficult to get a man to understand something when his salary depends on his not understanding it" - Upton Sinclair circa 1935
4. Re:IOT's Creators Are Clueless - Totally Clueless by Anonymous Coward · 2017-03-18 15:25 · Score: 1
  
  I had a 2 hour conversation last year with an IOT devices engineer who works for a multi-billion dollar Japanese Corporation. They guy didn't think Privacy was important or at risk at all through IOT devices. "Every home will have many of them soon" he said. He thought that realtime 3D face recognition - CCTV networks being able to identify you ANYWHERE IN PUBLIC with great accuracy even if you are not facing the camera, have grown a beard or are wearing a baseball cap - was a great step forward in human technological development.
  
  It was you who were unable to understand another culture, much the same way that engineer is unable to understand what you are worrying about.
  (Disclaimer: I am not Japanese, but I am living in East Asia and have quite a bit of contact with Japan culture)
  Firstly, Japanese mostly believed their government to be mainly benevolent, i.e. their country was not built upon overthrowing/separating from a larger empire. It might be somewhat corrupt (as money-grabbing), but that is very far from having any intend to harm the people in general. Secondly, Japanese regards their police as benevolent. Police abusing their power is NOT a thing in Japan. Most Japanese would happy cooperate with Japanese police, who would only ask for reasonable cooperation. Crime rate in Japan is extremely low.
  The concept of being afraid/against the government and the police force is somewhat unique in the US (only somewhat, as there are abusive police forces elsewhere), that does not apply to Japan.
  That's why to most Japanese, having CCTV networks everywhere being about to identify anyone, is a GOOD thing. They would believe it would help their police catch criminals.
  You should express your concern as "If not properly secured, criminals could take the control of all these cameras out from the hands of the proper authorities!". That would get through to him more easily.
Re:IoT: The only way to win is not to play by geekmux · 2017-03-18 22:38 · Score: 2

...If you think any legislative solution won't be perverted by mega corps to fuck people over even more your a delusional tool.
Even more delusional is you thinking you still have a chance at winning.
When 99% of the population is being tracked and you choose "not to play", you will be playing by default as the anomaly. You will be easily tracked because you will stick out and it will be rather obvious.
Many people have already accepted this fact, which is why attempting to regulate some constraint around it is the next logical step. If you must live with a monster, then you'll at least try and put it on a leash.