Talk Feb2019 at Lakehead University for Rise of the Machines
In the near future, our smart devices will know almost everything about us. These devices offer the opportunity to vastly improve our healthcare, urban planning, safety, and more. However, these same devices also pose dramatic new challenges for privacy and for ethics. In this talk, I'll discuss how these smart devices work, what they can learn about us, and what we need to make sure that the benefits of these technologies vastly outweigh the costs.
https://www.lakeheadu.ca/about/news-and-events/news/archive/2019/node/50549
https://www.lakeheadu.ca/research-and-innovation/about/research-and-innovation-week/schedule
I’ve been working on privacy and security issues for about 15 years, looking a lot at the human factors issues. I was invited to give a talk about some of the challenges ahead for the Internet of Things. I wanted to start out by giving some background about IoT first.
I’ve been working on sensor-based systems for about 15 years now
I believe in the near future, our smart devices will know pretty much everything about us
They are going to know how well we are sleeping, whether we are depressed or not, and how sustainable or green we are
You probably have many questions about this simple statement:
How did we get here?
How do these technologies work?
What will this all mean for you and for society? And given the title of my talk, what will this all mean for privacy?
Let’s start with the first question, how did we get here?
https://commons.wikimedia.org/wiki/File:Dell_Desktop_Computer_in_school_classroom.jpg
About 30 years ago, computers were primarily large boxes that came with a monitor, keyboard, and mouse
Emphasis is on large here, really takes up the entire desk
You could also only get computers in one color:ugly
Today, computers come in all kinds of form factors
Smartphones, tablets, glasses, cars, watches, clothes, fitness trackers, health monitoring devices, parking meters, electronic locks, smart mirrors, drones, and yes, even smart toilets.
All of these smart devices are part of the third big wave of computing.
The first wave focused on computation, making the basics of computing work.
The second wave centered on networking, connecting all of these computers together in a global network.
The third wave, of which we are in the early stages, looks at making computers part of the physical world in which we live. Computation and communication are being embedded into everyday objects.
All of this is possible because of shifts in the costs and capabilities of technology.
What will this world be like?
Will just focus on smartphones for now, since they are the most pervasive devices we have today
Representative of many of the problems and opportunities we will be grappling with in the future
Smartphones are everywhere
http://marketingland.com/report-us-smartphone-penetration-now-75-percent-117746
http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/
http://www.androidauthority.com/google-play-store-vs-the-apple-app-store-601836/
These devices are also incredibly intimate, perhaps the most intimate computing devices we’ve ever created.
From Pew Internet and Cisco 2012 study
Main stats on this page are from:
http://www.cisco.com/c/en/us/solutions/enterprise/connected-world-technology-report/index.html#~2012
Additional stats about mobile phones:
http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/
-----------------------
What’s also interesting are trends in how people use these smartphones
http://blog.sciencecreative.com/2011/03/16/the-authentic-online-marketer/
http://www.generationalinsights.com/millennials-addicted-to-their-smartphones-some-suffer-nomophobia/
In fact, Millennials don’t just sleep with their smartphones. 75% use them in bed before going to sleep and 90% check them again first thing in the morning. Half use them while eating and third use them in the bathroom. A third check them every half hour. Another fifth check them every ten minutes. A quarter of them check them so frequently that they lose count.
http://www.androidtapp.com/how-simple-is-your-smartphone-to-use-funny-videos/
Pew Research Center
Around 83 percent of those 18- to 29-year-olds sleep with their cell phones within reach.
http://persquaremile.com/category/suburbia/
From Cisco report
Also from Cisco report
But it’s not just the devices that are intimate, the data is also intimate.
Location, call logs, SMS, pics, more
A grand challenge for computer science
http://www.flickr.com/photos/robby_van_moor/478725670/
https://newyork.cbslocal.com/2018/04/24/china-assigns-every-citizen-a-social-credit-score-to-identify-who-is-and-isnt-trustworthy/
https://www.wired.co.uk/article/china-social-credit-system-explained
deductions for bad behaviour like traffic violations
add points for good behaviour such as donating to charity
Facial recognition is used to spot jaywalkers / how much time they spend playing video games
"not qualified" to buy a plane ticket, and banned from travelling some train lines, buying property, or taking out a loan
Pressure sensor too
Pressure sensor too
Let me convey to you the intuition behind how we transform low level sensor data into higher level activities
Here is an example of sensor data from a participant’s smartphone
Autonomous
Capable of independent thought, decision making
Experience compassion and love, or anger and revenge
This is closer to what the state of the art for Artificial Intelligence is
This was considered a major breakthrough a few years ago
Object detection and identification in images
https://research.googleblog.com/2014/09/building-deeper-understanding-of-images.html
Captioning images. Note the errors. See the “cat” on the bottom
http://cs.stanford.edu/people/karpathy/deepimagesent/
When you have razor thin margins, anything that improve things will be adopted
0.1% based on our paper Why People Hate Your App
Grade 12.5
About 10 min to read
So based on Lorrie and Aleecia’s work, it will take 25 full days to read all privacy policies of all web sites
But this assumes people read it
Rationale behavior not to read privacy policies: we want to use the service, painful to read, clear cost but unclear benefit
Like literacy or civil rights, every generation will have to face this issue, will have to invest in addressing these issues
https://www.flickr.com/photos/johnivara/536856713
https://creativecommons.org/licenses/by-nc-nd/2.0/
I want to wrap up by taking a big step back and looking at the big picture.
Today, we are at a crossroads. There is only one time in human history when a global network of computers is created, and that time is now. And there is only one time in human history when computation, communication, and sensing is woven into our everyday world, and that time is now. We’re already in the early stages of IoT. And it will offer tremendous benefits to society in terms of safety, sustainability, transportation, health care, and more, but only if we can address the real privacy problems that these same technologies pose. So I’ll end with a question for you to consider:
https://www.flickr.com/photos/johnivara/536856713
https://creativecommons.org/licenses/by-nc-nd/2.0/
Today, we are at a crossroads. There is only one time in human history when a global network of computers is created, and that time is now. And there is only one time in human history when computation, communication, and sensing is woven into our everyday world, and that time is now. Now, I’ve avoided using the term Internet of Things because as you may remember from yesterday, I don’t really like the term. But regardless of what it’s called, it’s coming, and coming soon. And it will offer tremendous benefits to society in terms of safety, sustainability, transportation, health care, and more, but only if we can address the real privacy problems that these same technologies pose. So I’ll end with a question for you to consider:
While IoT is often talked about as a single monolithic concept, it is more useful to think of it as a three-tier pyramid. Each tier represents a different class of device, based on the computational power of the device, as well as the amount of interaction and attention a person needs to devote to each device. Each tier also poses different kinds of security challenges due to the nature of the devices in that tier.
At the top of the pyramid are devices with a great deal computational heft, rich sensing capabilities, fast networking, long battery life, and high interactivity. These devices will be highly personal and be what people typically think of as computers. Example devices here include laptops, smart glasses, tablets, smartphones, and gaming devices. Each person will only have a few of these devices but will also spend a lot of time with them. Most of these devices will have common operating systems, can run third-party software, and will be manufactured by large corporations with a great deal of experience in developing secure software.
In the middle are devices that offer basic interactivity, such as TVs, smart watches, refrigerators, thermostats, electronic whiteboards, cable boxes, and interactive toys. Some of these devices will have advanced sensing and computing capabilities, but the key characteristic here is that people will only use these devices at most a few times a day, and they will also only require a little bit of their attention to use. There will also be greater diversity here in terms of manufacturers, operating systems, and software development experience.
At the bottom of the pyramid there will be hundreds of devices per person, each of which lie far in the background of our attention. These might include RFID-enabled ID cards and badges, clothes, HVAC, digital lightbulbs, smart toilets, smart meters, security systems, implanted medical devices, digital picture frames, cheap environmental sensors, electronic locks, and more. Most of these devices will be embedded or situated in homes, buildings, and public places. Devices in this tier will have very little computational resources, basic sensing, few (if any) software capabilities, and a wide range of software and operating systems. Many of the manufacturers of devices in this tier will also have little experience in developing reliable software and pushing out updates.
The sheer number of these devices will make what would ordinarily be trivial tasks into significant challenges. For example, configuring a security policy for a single device is tractable. Configuring a security policy for hundreds of devices, each of which has a different user interface, is not. Similarly, it is easy to have unique passwords for a few devices, but less so for a house or building full of devices, many of which do not even have keyboard input or displays. It is also easy to physically lock down a few computers to prevent
them from being stolen, but it is very difficult to do the same for large numbers of IoT devices. Even worse, many of these IoT devices can be easily lost or stolen due to their small size, or even tampered with to send back fake data.
Screenshot from Sep 11 2017
Example of a webcam type that likely has well-known password (admin / admin)
Note that shodan reports tens of thousands of these
Your blood glucose monitor doesn’t need to contact Facebook (or at least I hope it won’t)
Proximity: might be NFC, Bluetooth, makes attack much harder to scale
The diversity of these devices will make it hard for any single cybersecurity approach to dominate. First, the vast majority of IoT devices will be those at the bottom of the pyramid, having very little CPU processing power and limited battery life. Devices like digital light bulbs will not be able to run conventional encryption algorithms or security software. Second, there will be hundreds of IoT manufacturers all using different kinds of operating systems, different kinds of wireless networking (Zigbee, Z-Wave, Bluetooth, Wi-Fi), different kinds of configuration software, and different kinds of formats for access logs. The upshot is that compatibility and interoperability will be extremely difficult in the near future.
The sheer number of these
devices will make what would ordinarily be trivial
tasks into significant challenges. For example,
configuring a security policy for a single device is
tractable. Configuring a security policy for hundreds
of devices, each of which has a different user
interface, is not. Similarly, it is easy to have unique
passwords for a few devices, but less so for a house
or building full of devices, many of which do not
even have keyboard input or displays. It is also easy
to physically lock down a few computers to prevent
them from being stolen, but it is very difficult to
do the same for large numbers of IoT devices. Even
worse, many of these IoT devices can be easily lost
or stolen due to their small size, or even tampered
with to send back fake data.
This was as of Sep 2017
Ex. Operating system support, what are ways of making things secure by default, make the easy path the safe path
Image from wired.com
A friend told me that a person once annoyed a bunch of people wearing Google Glass by shouting out “Ok Glass, take a picture,” causing everyone’s wearable to take a picture.
In my first year teaching at CMU, I taught a project-based capstone course. I met with students in their lab space every week, and it wasn’t until the last week of class that they incidentally mentioned that we had been streaming on the Internet the entire semester. There was a small webcam that I had never noticed.
air-temperature, humidity, pressure, a 6-axis IMU, a 3 axis magnetometer, a AMG8833 grid eye sensor (a PIR sensor array), an ambient light and color sensor, a PIR sensor, and a wirewound inductor for EMI sensing
Better programming abstractions
Ex. app only needs “loudness” vs raw microphone
Make it easier for devs to get the data they want, but also make it easier to check
See privacystreams.github.io