Entry Nr 5: What is the opposite of Panopticon Contest? : Brian Sherwood Jones

Brian Sherwood Jones: The Panopticon question: "The current Web 2.0 has massive shortfalls in privacy and security - to a large extent representing the end of anonymity and privacy. Is IoT proposing to make good this technical debt as well as provide the end-to-end information assurance necessary for IoT applications to work with privacy, security, safety, accuracy, timeliness etc.? The issue is not one of 'things' but the funding and control of the infra-structure. Certainly a corporatist panopticon is the default way ahead. If people are to own 'their' data and have openness and transparency on its usage, then major changes to system architecture and business models will be required. The new years's contest is a welcome sign of awareness in the IoT community. Otherwise #OccupyIoT is a likely development! Bruce Sterling has discussed 'favela chic', a talk beautifully visualised here.  The technical IoT community is not in a position to lead some popular uprising against the corporate interests, and to the extent that it is trying to take down such barriers as exist in the 'internet of silos' it will be seen as part of the problem. "A moral obligation to contemplate a bright scenario" sounds like wishful thinking at best. The Daniel Suarez books are quite optimistic, and are essential reading if future scenarios are to be developed.

In these early days of proto-IoT, some of the problems are already apparent. For example:
    •    "In one instance, a thermostat at a town house the Chamber [of Commerce] owns on Capitol Hill was communicating with an Internet address in China." WSJ. (h/t ACM Risks Forum)
    •    "Smart meter hacking can disclose which TV shows and movies you watch" Naked Security.
    •    " Naperville Smart Meter Awareness (NSMA) filed a complaint in federal court seeking to stop the installation of smart electricity meters at homes throughout the city".  Greenbang.'

Browsing the IoT world, I have not seen much evidence of SIL assessments based on IEC 61508, or discussions of security accreditations. These architectural and infra-structure aspects have to be proven before getting into building 'things'. The technical debt for anything other than a panopticon is basically unaffordable. If global guerillas start using 'things' in the darknet, most of the IoT community is not going to know.

read further

 



| More