Ákos Csertán, profile picture
Uploaded byÁkos Csertán
514 views

The (in)security of things

This document summarizes privacy and security considerations related to Internet of Things (IoT) devices and wearables. It notes that IoT devices collect a large amount of user data, which can be valuable but also creepy if used or stolen improperly. It advocates for a privacy by design approach where security and privacy are embedded in products from the start through practices like data proportionality, privacy as the default, end-to-end security, and transparency to build user trust.

Technology
Related topics:
Internet of Things

Embed presentation

THE (IN)SECURITY OF THINGS Privacy and security considerations of IoT and wearables CSERTÁN ÁKOS, I&I MEETUP, BUDAPEST 2015
HELLO! + I’m a psychologist + No, I don’t know what you are thinking about right now + I’m a UX Designer + All my pictures look awful
”COMPLETE DAILY CHALLANGES” ”SEE HOW MANY EGGS YOU’VE GOT” ”STAY CONNECTED WITH LAUNDRY CHORES” ”MONITOR YOUR PROPANE SUPPLY” ”EAT SLOWLY”
YOU SHARE A LOOOOOT OF DATA
YOU SHARE A LOOOOOT OF DATA
DATA IS VALUABLE REMEMBER TARGET, RIGHT?
AND SOMETIMES REALLY CREEPY THE CURLY FRIES CONUNDRUM, ANYONE?
IT’S THE NATURE OF THINGS + Check and set temperature + Check and set temperature + What devices are on the network? + How many people live there? + Is anyone home?
TRUSTING THE WRONG DEVICE… + 8 bit + $5 to buy + $1 to embed + 32 bit + $35 to buy + may be cheaper to embed
…MADE BY THE WRONG PEOPLE… + Small groups of startuppers… + …with no security background or money for consultancy… + …with a huge time-to-market pressure
…WITH THE WRONG DATA
PRIVACY AND SECURITY IS PART OF THE PRODUCT + Security trade-off for usability – NO SUCH THING + Technological security =/= Perception of security + Privacy vs Usability – FAKE DICHOTOMY + Privacy vs Feature development – IT’S CALLED FRAUD, MAN!
DATA PROPORTIONALITY
PRIVACY BY DESIGN A.K.A. A WAY TO STAY OUT OF THE NEWS
PROACTIVE NOT REACTIVE + Anticipate privacy invasive events + Specify the goals for your data collection BEFORE you collect + Minimize data collection, find low-data alternatives
PRIVACY AS THE DEFAULT + Defaults rule by default + Informed consent should be really informed real consent + No action required to secure privacy
EMBEDDED PRIVACY + Part of the products strategy + Part of the design + Part of the architecture
POSITIVE-SUM + No trade-offs necessary + ”Full functionality” includes security and privacy barriers
END-TO-END SECURITY + Strong security measures are the basis of privacy + Security is not just secure storage but secure destruction of data, too
VISIBILITY AND TRANSPARENCY + ToS is neither transparent, nor visible + Trust, but verify
USER-CENTRIC + …or you can also do it just for the money, but, you know. Don’t.
?
! @csertanakos
.

More Related Content

PDF
Cyber Security Dr Sally Ernst
byCissy Ma FCPA GAICD
 
PPTX
Basi per la sicurezza in rete
byAlessandro Colla
 
PPTX
Защита контента от кражи
byМихаил Хохолков
 
PPTX
Gamification in loyalty programs
byÁkos Csertán
 
PPTX
Gamification beyond Gamification
byÁkos Csertán
 
PPT
12s4.mesir.nova.elis
bynovaindriani
 
PPTX
Convexity calls
byBhushan Maskay
 
PDF
Problem Exists Between Photoshop and Chair
byÁkos Csertán
 
Cyber Security Dr Sally Ernst
byCissy Ma FCPA GAICD
 
Basi per la sicurezza in rete
byAlessandro Colla
 
Защита контента от кражи
byМихаил Хохолков
 
Gamification in loyalty programs
byÁkos Csertán
 
Gamification beyond Gamification
byÁkos Csertán
 
12s4.mesir.nova.elis
bynovaindriani
 
Convexity calls
byBhushan Maskay
 
Problem Exists Between Photoshop and Chair
byÁkos Csertán
 

Viewers also liked

PPTX
Axiom: Ensure Trouble-Free Supercapacitor Operation with Proper Component Sel...
byAvnet Electronics Marketing
 
PPT
A day in the life
bygreteeg16
 
PPTX
Bzzwings startups
byBhushan Maskay
 
KEY
L1 d1(changed) (1)
bylingsee
 
PPTX
Street smart
byBhushan Maskay
 
PPTX
Air budget templates 13 14
byTeamglobal_Corporate
 
PPTX
Comparatives
byIsabel Contreras Murillo
 
PDF
Avnet Analyst Day 2010 Presentation 2 Path to Premier
byAvnet Electronics Marketing
 
PDF
Life cycle services_GS-broschure_130312_LR
byJorge I. Villacis Gallo
 
PPTX
Pten Proteins - Molecualr Basis
byLiza Álvarez
 
PDF
Fundamentals of Photovoltaic Solar Technology for Battery Powered Applications
byAvnet Electronics Marketing
 
PDF
Avnet Analyst Day 2010 Presentation 6 Summary
byAvnet Electronics Marketing
 
PPT
Portfolio
byluizhonaiser
 
PPTX
Budget templates 2013 2014 - exports
byTeamglobal_Corporate
 
PDF
Ответственность рекламораспространителя общая 2013
byМихаил Хохолков
 
PPTX
Botswana
byJonas Babravičius
 
Axiom: Ensure Trouble-Free Supercapacitor Operation with Proper Component Sel...
byAvnet Electronics Marketing
 
A day in the life
bygreteeg16
 
Bzzwings startups
byBhushan Maskay
 
L1 d1(changed) (1)
bylingsee
 
Street smart
byBhushan Maskay
 
Air budget templates 13 14
byTeamglobal_Corporate
 
Comparatives
byIsabel Contreras Murillo
 
Avnet Analyst Day 2010 Presentation 2 Path to Premier
byAvnet Electronics Marketing
 
Life cycle services_GS-broschure_130312_LR
byJorge I. Villacis Gallo
 
Pten Proteins - Molecualr Basis
byLiza Álvarez
 
Fundamentals of Photovoltaic Solar Technology for Battery Powered Applications
byAvnet Electronics Marketing
 
Avnet Analyst Day 2010 Presentation 6 Summary
byAvnet Electronics Marketing
 
Portfolio
byluizhonaiser
 
Budget templates 2013 2014 - exports
byTeamglobal_Corporate
 
Ответственность рекламораспространителя общая 2013
byМихаил Хохолков
 
Botswana
byJonas Babravičius
 

Similar to The (in)security of things

PPTX
Privacy and Security in the Internet of Things
byJeff Katz
 
PPTX
Iot privacy vs convenience
byDon Lovett
 
PDF
Designing for Usable Security and Privacy
byCori Faklaris
 
PDF
Internet of Things With Privacy in Mind
byGosia Fraser
 
PPTX
Io t privacy and security considerations
byYves Goeleven
 
PDF
This Time, It’s Personal: Why Security and the IoT Is Different
byJustin Grammens
 
PPTX
Privacy for Mobile Sensing Systems
byJason Hong
 
PDF
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
byCharith Perera
 
PDF
The Architecture of Privacy 1st Edition Courtney Bowman
bykiroslunow74
 
PPTX
Ethics in development of Information Technology
byAnKit Mhatre
 
PDF
New challenges to secure the IoT (with notes)
byCaston Thomas
 
PDF
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
byWSO2
 
PPTX
Presentation on Information Privacy
byPerry Slack
 
PDF
Security, Privacy and the Future Internet
byFraunhofer Institute for Secure Information Technology
 
PPT
Wearing Your Heart On Your Sleeve - Literally!
byBarry Caplin
 
PPT
computer ethics for information technology.ppt
byssuserfdf196
 
PDF
Security And Usability Designing Secure Systems That People Can Use Lorrie Fa...
bytimeogeury
 
PDF
IoT & Privacy; 'By Design' or 'After Design?
byDelft Design for Values Institute
 
PPTX
Designing for Privacy in an Increasingly Public World
byRobert Stribley
 
PDF
Top 5 Privacy and Security Features That Make 2024’s Gadgets Unbeatable
bycivil hospital parasia
 
Privacy and Security in the Internet of Things
byJeff Katz
 
Iot privacy vs convenience
byDon Lovett
 
Designing for Usable Security and Privacy
byCori Faklaris
 
Internet of Things With Privacy in Mind
byGosia Fraser
 
Io t privacy and security considerations
byYves Goeleven
 
This Time, It’s Personal: Why Security and the IoT Is Different
byJustin Grammens
 
Privacy for Mobile Sensing Systems
byJason Hong
 
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
byCharith Perera
 
The Architecture of Privacy 1st Edition Courtney Bowman
bykiroslunow74
 
Ethics in development of Information Technology
byAnKit Mhatre
 
New challenges to secure the IoT (with notes)
byCaston Thomas
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
byWSO2
 
Presentation on Information Privacy
byPerry Slack
 
Security, Privacy and the Future Internet
byFraunhofer Institute for Secure Information Technology
 
Wearing Your Heart On Your Sleeve - Literally!
byBarry Caplin
 
computer ethics for information technology.ppt
byssuserfdf196
 
Security And Usability Designing Secure Systems That People Can Use Lorrie Fa...
bytimeogeury
 
IoT & Privacy; 'By Design' or 'After Design?
byDelft Design for Values Institute
 
Designing for Privacy in an Increasingly Public World
byRobert Stribley
 
Top 5 Privacy and Security Features That Make 2024’s Gadgets Unbeatable
bycivil hospital parasia
 

Recently uploaded

PDF
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Incident Response Planning with a Foundation Model
byKim Hammar
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
The Landscape of Computer Software Development Companies
byYash Singh
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Incident Response Planning with a Foundation Model
byKim Hammar
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
The year in review - MarvelClient in 2025
bypanagenda
 

The (in)security of things

Editor's Notes

  • #9 http://www.pnas.org/content/110/15/5802.full?sid=5284c068-bd43-4031-ac6e-792f6f8a6c99
  • #11 http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/
  • #13 http://www.autoblog.com/2015/02/09/can-darpa-hack-into-a-chevy-impala-through-onstar/