Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0
Comments: 5,534

Comments · 5,534

  1. Re:"Running arbitrary commands" is irrelevant on Stealthy Linux Trojan May Have Infected Victims For Years · · Score: 1

    There are a number of tools that give non-root users root access. It might be "just" sudo, or it might be some GUI tool to allow graphical administration. All it takes is a program that can hijack one of those, or just passively wait until the user issues a sudo command (so their password and access is cached), then it could jump in, grab root, stuff a module in the kernel, and all bets are off from there.

    Long term, what Linux really should have is the ability to have either signed executables or a manifest list that can whitelist or blacklist. This could be something like Solaris's elfsign or AIX's trustchk, where an admin can make a self-signed key and sign all executables. With this in place, on a production system, if an executable, script, or library isn't signed, it doesn't run. Virtually every other OS has this functionality in place. This doesn't have to rely on an "official" signing key either, and could just be a manifest list generated after install, similar to tripwire's database, and if some executable's signature is different, it doesn't get to run until an admin updates the signature DB.

  2. Re:"Running arbitrary commands" is irrelevant on Stealthy Linux Trojan May Have Infected Victims For Years · · Score: 1

    Protecting commands (data goes without saying as well) is handled by a MAC/MIC system like AppArmor or SELinux.

    What I don't get is how this Trojan could sit around for so long and not be caught by a competent admin. Between process accounting, Tripwire/Aide, mounting home directories with noexec, and finally a sane IDS/IPS [1] that does active protection, this should have been caught by someone and reported. Even a Linux based antivirus product like McAfee that uses the latest 2.6 kernel hooks to do realtime scans likely would catch something like this with heuristics.

    [1]: Never ceases to amaze me how few companies actually have a working IDS/IPS in place. So many breaches would be caught and stopped in their tracks, especially on secure networks where traffic is known and limited.

  3. Re:I don't get it on Bluetooth Gains Direct Internet Access, Security Enhancements · · Score: 1

    My computer is online, similar with my Wi-Fi network...

    But, my Internet connected devices are behind a solid firewall that puts the kibosh on unauthorized connections in, and out (for example, nothing, and I mean -nothing- needs to ever send traffic to the Internet on port 25 from my LAN. Receiving, perhaps a different story if I went with a dynamic DNS approach, but outgoing E-mail gets relayed to a proper SMTP server via port 465 and SSL/TLS in place no matter what.)

    What needs to be a part of IoT is a LAN/WAN design. Local devices can chat with each other all they want to, but if they want connectivity onto the Internet, they work with a central, hardened system. This doesn't have to be any special stuff. For example, setting up SNMP and sending traps to the server, or having the server do a walk every so often for periodic status, then taking the results and using them locally.

    It is a lot easier to secure one device than a bunch of little devices, all made by the absolute lowest bidder in China.

  4. Looks pretty impressive... on Google Releases Android Studio 1.0, the First Stable Version of Its IDE · · Score: 2

    From what I've read, it looks like a decent IDE, comparable with similar items (Eclipse, for example.) The fact that it allows one to display text and other items and see how it will look on a number of devices at once is a nice touch.

    The proof will be in the pudding -- I wonder how usable it will be as a day to day tool for app developers and coding houses, especially with multiple people doing check-ins and such.

  5. Re:Creators wishing to control their creations... on Microsoft Files a Copyright Infringement Lawsuit For Activating Pirated Software · · Score: 1

    Interesting that TFA talks about an activation key likely misused/abused.

    I'm sure the shop has the skills to operate legitimately. An OEM version of Windows mainly requires a sticker to be peeled from the back of the DVD case and slapped onto the machine, and that one OEM copy of Windows goes out per machine sold. Not rocket science. Here in the US, $130 is the "retail" charge for an OEM copy.

    IMHO, this is a non-issue.

  6. Re:And a 5 year warranty on Samsung SSD 850 EVO 32-Layer 3D V-NAND-Based SSD Tested · · Score: 1

    In my experience, RAM is usually the second thing that causes slowdowns.

    The first are either obvious malware, or the countless junkware programs that add ghost loopback VPNs for adding ads in transit, browser add-ons, random crap that sits in memory and phones home to Bog-knows-what, "virus" scanning utilities which pop up and say there is a major infection, and the only way it can be fixed is via a credit card, and so on. The best way to fix this is to back up the box via an image, dump all documents, completely nuke the OS HDD (boot from Windows media, get a command prompt, diskpart, run clean all on the disk after selecting it), and reinstall the OS and patches [1] from scratch before the machine ever goes back onto the network. Then, reinstall apps, AV program, and toss the data files back on (after a scan, of course.) Crapware is the #1 cause of a machine being dog slow. Well, a Windows machine, that is. If it is any other OS, the #1 cause will almost invariably be a RAM bottleneck.

    [1]: I use Offline WSUS, which works pretty well.

  7. Re:Very cool. on Samsung SSD 850 EVO 32-Layer 3D V-NAND-Based SSD Tested · · Score: 1

    Even with that in mind, capacity is still in high demand (the guys selling SSD upgrades for MBPs seem to be doing quite well.) Any user with a clue has some sort of backup drive (be it a Mac with Time Machine, a Windows machine with TrueImage, a Linux box with amanda/zmanda, or something.) Eventually, that backup drive will fill up with changes. A smarter user will be at least changing out HDDs every so often so that if the computer and the external drive are destroyed, the data is still accessible.

  8. Re:Are they really that scared? on Why Elon Musk's Batteries Frighten Electric Companies · · Score: 1

    There are two battery technologies that I know of which can support more charge cycles than lead-acid. One is NiFe, which are expensive and hold less... but they will last a long time (which makes them quite usable for solar storage batteries), and the other are supercaps. Supercaps have come a long way, but they still don't have the energy density needed. However, since they use physical properties to store electricity rather than chemical, their useful life is far greater than almost all batteries.

    The problem with lead-acid is that if you go below 50% SoC, the batteries take permanent damage. They require some tuning to get a proper battery charge cycle, and they need desulfation, something which few chargers are able to do. Of course, lead-acid batteries are innately toxic.

  9. Re:Are they really that scared? on Why Elon Musk's Batteries Frighten Electric Companies · · Score: 1

    There is also the issue of lead-acid batteries (which are the ones generally used for solar energy storage) getting damaged if they go below 50% state of charge. So, it might wind up being 28 days of storage to prolong the life of the batteries if lead-acid. Of course, other types of batteries (Li-whatever, NiFe, etc.) have different advantages/disadvantages [1], so it might be good to consider another storage type.

    If we can get a battery type that can store within 1-2 orders of magnitude as much energy per volume as gasoline, this would fundamentally change things.

    [1]: Unlike lead-acid batteries where you can have multiple chargers and items discharging, lithium-ion batteries require a smart device controlling the juice going in and out to ensure that the batteries don't encounter a "thermal runaway" condition and explode.

  10. Re:Make the business case on Ask Slashdot: Convincing My Company To Stop Using Passwords? · · Score: 1

    Of course, there is the issue of getting locked out by forgetting one's PIN. Again, picking on SecurID, people forget if they put their PIN before the number or after, so this can blow one password entry attempt. Fumble-finger again, and that can easily use up three attempts, locking someone out indefinitely.

    Don't forget scenarios. The senior sales person is out at a client site, he lost his token, and has to have access to the internal company's network for some charts or demos, or else he may lose a sale. How is this handled? SecurID can handle lost tokens via remote. Other token systems like the old SafeNet eToken Pros can have the device password/PIN recovered via a challenge/response system, but it takes some IT planning to have that set up and running.

  11. Re:good security on Ask Slashdot: Convincing My Company To Stop Using Passwords? · · Score: 1

    RSA SecurID is one of the standard 2FA methods that can be used, and it works well without needing a special dialog on the screen (which may be needed for some challenge/response systems.) It has been around for a long time.

    Of course, there is one major problem: The cost. The keyfobs are not cheap. The seeds which are required for apps on smartphones are also not cheap. The RSA Authentication Manager servers are not cheap, and you need multiples of these at the core office and branches.

    Then there is the concern about hacking. RSA uses their own algorithm to get the authentication server and the keyfob to work. Is it as secure as the open source Google Authenticator? Who knows.

    RSA SecurID on the edges, either via VPN, Citrix, or both? Yes, this is a wise thing to do. RSA for every AD access? The return on security investment would be minimal compared to just setting a wise password policy [1].

    [1]: There were /. articles about using 16 character passwords and having them valid for 6-12 months which gave more security than 8-10 character PWs changed monthly. xkcd.com/936 explains it better.

  12. Re:Consider Your User Base on Ask Slashdot: Convincing My Company To Stop Using Passwords? · · Score: 1

    The first time any glitches happen with the authentication system (and they will), the people mentioned by the parent will come down like a ton of bricks, asking why a system that costs productivity without obvious security merits is in place.

    Replacing a core authentication mechanism takes a lot of buy-in, not just from management, but by users who have management's ear. One "this is keeping me from doing my work" E-mail from someone with some clout in a company can sink a project like this.

  13. Can the 2FA be put on the edge? on Ask Slashdot: Convincing My Company To Stop Using Passwords? · · Score: 3, Interesting

    The reason I wonder if 2FA can be at least moved to the edge or used for VPN logins is that it makes things a lot less of a headache.

    Usually for internal AD, having a third party authentication apparatus strapped on can bring about issues. For example, if the system is a challenge/response system and a Web app is authenticating from AD, it likely won't have a window to present the 2FA challenge. SecurID is the only one I know which gets around this since there is no challenge token presented... users just enter in their password and the number off their token, and it logs them in with the standard username/password box. However, the downside of SecurID is that it is not cheap, and requires at least two servers to authenticate the tokens.

    Internal logins, I'd just stick with AD unless there was really a need for internal security (expensive). If so, I'd then go with CAC/PIV tokens because they are fairly standard, have a wide use with the US government, and work with most major applications.

    Now the edge is a completely different beast. You can set up RADIUS servers to use the Google Authenticator, SecurID, smart cards, or one's flavor of choice. This way, users can log in via 2FA, but the internal network doesn't need to have any major changes done to it.

  14. Re:Don't put too much stock in this... on Consumer-Grade SSDs Survive Two Petabytes of Writes · · Score: 1

    Maybe a tiering system would be useful. I've seen some drive arrays that use SSD for caching. So, a SSD that can take a lot of info and forgets it after a month or two can be good enough in this case, assuming enough ECC to realize the cache data is damaged and to fetch from the spinning platters the bits needed to complete the read. Another example of this would be a write cache on a HBA. That way, the machine could send writes to the SSD cache, the HBA tells the machine the write is complete and then feeds the SAN a relatively easy sequential write to take care of.

    On the other end of the spectrum, we really need archival grade media. No hard drives are built to hold data for 20 years, and SSDs will have the electrons wave farewell never to return if left alone for a long time. The only media that I could say could go 20 years sitting on a shelf would be LTO tape, or a well designed optical format.

  15. Re: Err, you don't "wear" a regular tattoo on How High-Tech Temporary Tattoos Will Hack Your Skin · · Score: 1

    I can see it now, tattoos that automatically update for the latest fashion trend with the wearer just visiting the tattoo artist just for a firmware download. This month, it might be tribal designs. Next month, pithy poetry written on the chest and arms. Skulls and spikes after that, then maybe a cyber theme when something Matrix themed comes out.

    I'm sure there would definitely be a market for this. Perhaps even have the tattoos disappear for the work day and reappear at 5:00, with the special designs for the goth night at the club on Fridays.

  16. Re:Stable enough? on Windows 10 Adds Battery Saver Feature · · Score: 1

    I'd go for Windows Server 2012 or Windows Server 2012 R2. The advantage of this over W8 or W8.1 is a few things. What comes to mind is offline deduplication, a built in backup tool (wbadmin) which reasonably works, a ZFS-like volume manager (Storage Spaces) which can do autotiering, and a decent hypervisor built in.

  17. Re:triggering below percentage is dumb on Windows 10 Adds Battery Saver Feature · · Score: 3, Informative

    The only "real" battery saver utility I've seen on any device which actually was useful is the Extreme Battery Saver mode on the HTC One M8. This drops all network connections, changes the launcher to a simple one, stops all background apps, and allows for the phone, texting, and clock/alarm. This has come very much in handy, allowing for a phone to run multiple days on a single battery charge.

  18. Re:Security on IoT Is the Third Big Technology 'Wave' In the Last 50 Years, Says Harvard · · Score: 1

    That's the rub... IoT sounds like 1990s thinking where the goal is to get stuff connected, and worry about security later.

    IoT -might- be useful, but what is needed is a LAN/WAN approach, with a central monitoring device that handles all the local devices, with a hardened external interface, perhaps even an independent NIC that does the firewall rules [1]. The monitoring device would either poll or receive traps from the Bluetooth devices, then handle the info either by sending it to a preconfigured destination or just allow the user to remotely access the monitoring device via a system similar to GoToMeeting.

    With a hardened intermediary in place, the individual device security is less important (assuming they use Bluetooth standard pairing methods.) It is easier to harden a core device than it is to try to secure hundreds of little devices made from China at the lowest price point.

    [1]: A while back, some nVidia motherboard chipsets actually had NICs with firewalling rulesets built in. That way, if the OS got compromised, the NIC would still work at packet filtering (for example, dropping port 25 outgoing so that the machine could not be used for spam, blocking any incoming ports other than a few machines on the LAN, etc.)

  19. Re:Lord, save me from buzzwords on IoT Is the Third Big Technology 'Wave' In the Last 50 Years, Says Harvard · · Score: 1

    Of course, there are all the oddball ways of pairing items. Some just pair with the nearest device that is discoverable, some will demand you use "0000" or "1234" for a pairing code.

    Ideally, if the device isn't too small (pairing a BT headset for example), it would be nice to have some form of e-Ink display where when pairing, the device could show its name discoverable by BT as well as a random six digit PIN. Once paired, the display would blank. Ideally, some way of both devices having PINs entered on each, so there is no way a third party could spoof either device.

    Done right, Bluetooth can be decently securable. However, the level of security used in pairing most gewgaws is laughable at best.

  20. Nail, head, hit.

    As for the "third wave" after computers and the Internet, I can strongly speculate on what that will be... and that will be a run from the Internet on a large scale.

    WANs that are air-gapped from the Internet will be something that is coming our way. Right now, the technology is nascent because previous networks were designed to get stuff connected with security as an afterthought. However, we will be seeing various items split from the Internet, similar to the US's SIPRNet and NIPRNet. Some countries are doing this now -- Cuba, North Korea, China, and Iran all have internal country networks that have firewalling from the Internet.

    This is a good and bad thing. Obviously the bad is censorship, but the good thing is that if a bad guy can't get access to a WAN [1], they can't hack the machines on it.

    A good example of this would be banks and large businesses using a dedicated, leased line topology between their centers. If a company isn't a bank, there will be no access to this backbone WAN. Not to say this is 100% secure, as a blackhat could probably get access somehow, but it is a lot more secure than what is present now, and likely would require a physical presence to create an intrusion.

    As it stands right now, an attacker anywhere in the world can get to a lot of internal networks... all they have to do is drop internal firewalling or create the right tunnels. By separating WANs from the Internet, an attacker then has to find an entry point onto that WAN, beat the WAN's security (most likely if two machines are not prearranged to communicate with each other, they will be blocked from doing so), then obtain access to the remote site.

    IoT just doesn't have that ring to consumers. Already, there is pushback and concerns about privacy, even by the people who put their lives on Facebook. A device that is always on and Internet connected will be scrutinized.

    [1]: Especially if it uses actual connections and end to end encryption.

  21. Re:Depends on what your goal is. on You're Doing It All Wrong: Solar Panels Should Face West, Not South · · Score: 1

    I would say that is correct, especially if one uses a PWM battery charger which "lops" off voltage that it doesn't use, so a 24 volt, 100 watt solar panel would really end up only being a 50 watt cell if the charger uses 12 volts of power. (This isn't an actual number, but good for the example.)

    However, I've found that even though it may not be as good as an on-grid inverter based system, having an off-grid system in places does come in handy. For one, if the batteries are connected to a quality PSW inverter, it can provide a circuit for low draw items (chargers, laptops, etc.) Or if one is in a rural area, a couple cast-off car batteries, a low end panel and a PWM charger is good enough to give an outbuilding LED power without breaking the bank.

    Of course, the one thing that will break the bank is heating or cooling. Heating can be done via a number of ways, but there isn't any real way to do cooling (barring a house designed from the ground up with a passive structure) without many kilowatts of electricity available.

  22. Re:obviously they should track the sun on You're Doing It All Wrong: Solar Panels Should Face West, Not South · · Score: 1

    There are also upkeep costs. When panels were expensive, the cost of keeping the moving parts maintained was considered part of a solar install.

    Now, as stated above, it is cheaper to just add more panels and deal with the non-optimal configuration, especially in southern climates. With the fact that one just throws a lot more panels on a roof or other surface, the cost of keeping motors working does become a non-trivial factor.

    For a lot of use cases, max wattage per square unit of area isn't an issue, compared to price per square area unit. Even relatively inefficient flexible panels or solar roof tiles are far better than nothing.

  23. Re:More than cash and cc on The Cashless Society? It's Already Coming · · Score: 2

    A few others:

    1: A place for a backup house or car key.
    2: A place for cash.
    3: My Car2Go card.
    4: Other ID cards.

    If stopped by the local PD, I don't know any that will accept a photo of a driver's license from a phone.

    I'm not convinced that Apple Pay, or some other system like this is any better than the European Chip And PIN system. With a debit card, I swipe it, enter my PIN, and the transaction is done in seconds flat. I don't have to fumble for my phone, wave it by something, confirm, hope I did it right, etc. For the average person, it means a slowdown in lines at grocery stores as people try to juggle their phone (especially while they are talking/texting on it) or lock themselves out by too many typoed PINs.

  24. Re:Federal Funding is not contingent on speed limi on Montana Lawmakers Propose 85 Mph Speed Limit On Interstates · · Score: 2

    Germany has better traffic laws than here in the US. Someone in the left lane slams their brakes on to make a left and they get rear-ended... it is their fault. A car going slow in the left lane? Citable offense. Running out of fuel? A ticket. Someone swooping in too narrow a gap and causing a rear-ender, fault isn't automatically the person behind.

    The fact that it is a law that vehicles have first aid kits and blankets is a good thing as well.

  25. Re:Not in the hospital I work at. on Intel Processor Could Be In Next-Gen Google Glass · · Score: 1

    I did something slightly different with another client (although it wasn't medical, so HIPAA regs didn't apply). The machines on the intranet were on a subnet that was not Internet connected (with a small appliance ensuring that traffic couldn't go into that segment), but there was a machine that allowed restricted access to a Citrix server, and that server allowed access via a Web browser to the Internet. Agreed it is less secure than a complete air-gap, but with physical ASA firewalls in place, someone who compromised the Citrix box couldn't get to the internal machines.

    This provided for decent Internet access while keeping internal data locked up tight.