Categories
Civil liberties Crime English Culture HEALTH internet Mobile Communications Politics privacy Science Security Society Technology Telecommunications Transport Vehicle Safety Wearable Technology Work

The Internet of Things – Friend or Foe?

Who likes history? If you do, then I invite you to take a little journey with me…

Cast your mind back to the early 1990s.

If you were one of the 10% of the UK population that possessed a cell-phone at that time, then you may well have owned one of these – a Nokia 1610.

The Nokia 1610 Cellular Telephone

It was a simple device – able to make and receive telephone calls, and send and receive text (SMS) messages. I was using this model of phone back then, and at the time it was regarded as one of the top phones available.

It had a tiny screen by today’s standards, and was quite bulky. The antenna, whilst small, was still an intrusion, and would often malevolently jam the phone into my pocket.

In 1996, 27% of the UK population owned a PC (In 2017, 88% of us had a computer at home). Mine was a Packard Bell desktop system that I bought from the now-vanished Dixons.

Packard Bell – The workhorse for the British Public in the mid 1990s, Bought from Dixons, long since gone from our High Streets.

I can’t remember how much the system cost me, but I do remember that I was entitled to a Freeserve email account, which I used for a good few years before moving over to web-based systems such as Outlook, Google or more recently Imail.

My home set-up was ludicrously simple. No passwords, or hunting for that elusive Wi-Fi router.

Just plug the Modem into the network port on the PC, plug the other end into the phone line using an adapter, and the system was ready for use.

Old-School. A dial up modem – Looked cool with flashing lights and that wonderful connection sound

Getting onto the internet though, was a whole different matter. This was the heady days of Dial-Up Internet.

Simply open the web browser, and hit the connect button. The auto-dialler inside the PC would dial the number for the Internet Service Provider, and once connected, you would have been treated to the squeals and squawks of the computers setting up the connection.

Ahh, Yes, I remember something similar!


Once connected, the upload and download speeds were truly awful. I well remember downloading a detailed photograph. It appeared line by line, and eventually, after five minutes or so, I got bored with waiting and went downstairs to make a cup of tea. I came back twenty minutes later – and it was still not finished.

Today, with fibre broadband, images appear almost instantaneously!

The internet was pretty simple too. Basic browsers that contained a multitude of adverts, and rather unsophisticated email. Shopping online was in its infancy – eBay had only been started in 1995.

So, the interconnected world really consisted of a computer, hard wired to a modem, and the embryonic world wide web.

The only real risk attached to surfing the web, was that of unwittingly downloading malicious software (malware) or computer virus.

The first computer virus was designed in the early 1970s. It was created as part of a research programme conducted by BBN Technologies in the USA.

Researcher Bob Thomas designed the programme to be self-replicating and was targeted at DEC computers that shared the ARPANET network. This virus was called Creeper.

Bob and his team then designed a programme called Reaper which, once released into the ARPANET, hunted out the infected machines, and then killed the virus by deleting it.

Obviously, breaking into computers was seen as a target of opportunity to the less honest members of society, and viruses started appearing more frequently.

Some were just mischievous, such as the Elk Cloner virus (written by a ninth grader in a Pittsburgh High School in 1981) which upon its 50th opening would display a poem, the first line of which was “Elk Cloner: The program with a personality.”

Others were more malevolent, and were designed to either destroy records and data from the infected computer, steal personal data, record website access passwords and log keystrokes. Ransomware enables the attacker to hijack a computer, and then demand payment to unlock the machine.

The resulting loss of public confidence saw the arrival of cyber-security, specialist organisations that analysed the emerging viruses, worms, trojans and malware and wrote anti-virus software, which could be loaded onto a computer and which could then subsequently scan it for infection and quarantine any suspect viruses into a part of the disc not readily accessible by the user, or by the system.

Fast-forward to 2021.

The internet has evolved – and BOY has it developed! If you are privileged enough to live in a developed country, you may already be using fibre-optic broadband, offering speeds of up to 1 Gigabit per second.

According to recent UK survey Hyperoptic offer a 1GB service for an introductory offer of £45.00 per month!


This is jaw-droppingly fast. To put it into perspective, it would have taken about 3.5 days to download a 4K film (about 2GB) using a 56kbit dial up service.

My previous broadband was copper-wire based, and the fastest speed I ever achieved for a download was 8Mb/sec – and that same 4K film would have been delivered to me in 35 minutes.

My latest broadband is totally optical and is Fibre-to-the-Premises (FTTP) and my download speed is a minimum of 71Mb/sec – that 4K movie is now mine in about 4 minutes.

One of the major advantages of broadband, is that unlike a dial up service, the system is “always on”. The old modem has been replaced with a router, which essentially does the same job, but additionally acts as a network hub, through which multiple devices may be connected simultaneously.

BT Hub – A home router, Wi-Fi enabled, with 2GHz and 5GHz Channels

Whilst is it possible to connect equipment to the router using a network cable, most routers offer Wi-Fi connection, and this allows several Wi-Fi/internet-enabled devices to connect to the internet simultaneously.

With a sufficiently fast connection, it is possible for SWMBO to watch a movie on Netflix, whilst I catch up with a friend on a video call, or listen to the internet radio.

Why am I rambling on about this?

Well, technological advances never stop, and there is much publicity about the new 5G (5th generation communications network) which will increase the speed and capacity of the internet even further.

In my previous article, “Who is Driving YOUR Car?” I explored the embryonic Intelligent Transport System, which relies on internet-enabled vehicles and sensors in the fixed transport network, communicating with each other to provide optimised traffic flows and traffic safety management.

This is only made possible with 5G communications and ultra-fast internet systems, and the Internet of Things (IoT)

The Internet of Things is the medium through which our emerging “Smart Society” will operate.

In essence, the IoT consists of items that have the capability to connect to the internet, and communicate and exchange data with other similarly enabled things. These “things” may have sensors, software and other systems to support their intended purposes.

It could be a device as simple as a smart lightbulb that is able to be activated by a smart assistant such as Alexa or Siri, or from a suitably equipped smartphone – located perhaps many miles away.

Such items are already used in intelligent Building Management and Control systems, which employ an array of interconnected sensors to monitor heat and humidity, occupancy levels, lighting, lifts (Elevators for my US readers 😁) and security within a building.

Intelligent Healthcare uses the IoT to monitor medical data such as cardiac performance and blood pressure, or blood glucose levels. This enables improved management of an individual’s medical conditions. Significant research is being conducted in this area, and there are already several emerging disciplines and specialities.

The Internet of Things is also used in industry and manufacturing, to monitor and control processes – making use of internet-enabled sensors.

We are now seeing “Smart Homes” being built, which use the same type of Wi-Fi-connected IoT devices to control home environmental systems.

Smart Home hub

I imagine that a fair percentage of you may well be protecting your property with Closed Circuit TV Cameras. It’s probable that most of these cameras will be Wi-Fi-connected to your home broadband – and from there out onto the web.

A Wi-Fi enabled Internet CCTV Camera – A hackers back door into your systems? Photo ©Mark Charlwood

Maybe some of you will have an App on your smartphone or tablet that enables you to remotely view the camera feeds.

Smart speakers such as Amazon’s Alexa, Apple’s Homepod and Google’s Home are wirelessly connected to home networks, and are continuously monitoring their environment for their wake-up command (such as “Alexa”)

Smart doorbells enable us to see who is at the front door using integral video cameras and transmitting the footage over the internet via the home router and to an app on a smart phone.

Smart appliances, such as Samsung’s Smart Refrigerator now offer us the ability to manage our food.

Smart Fridge – Whatever Next?

An internal camera within the fridge compartment enables the user to view the contents by using a smart phone. The system will also monitor food expiry dates, without the door being opened, thus saving power.

Some models also enable groceries to be ordered via the fridge – a rather redundant feature in my opinion, as you can order your groceries online from your phone, tablet, laptop or PC.

Or, for the truly bold and adventurous – take a risk, and actually go into a shop and buy your groceries.

A large LCD screen is provided in order to display a family calendar, and if you really haven’t got enough tech in your home, it’s also fitted with a 5W Stereo sound system to play your favourite music tracks.

Poor Alexa… She may feel quite outranked by the domestic white goods!

Smart Washing machines are able to connect to the home network, and may be controlled remotely using an app, and are able to automatically sense loads, apply the correct dose of detergent, and add the optimal amount of water.

On some models, the best programme for the laundry load may be selected by filling in a few pieces of information on the app.

I’m sure it won’t be long before your garments will be fitted with a passive RFID tag, or a label barcode, and the machine will scan the items as they are loaded, and then set the correct wash programme.

Should an item that is not compatible with other items in the load be added inadvertently then the machine will inhibit the washing cycle from starting until the guilty culprit is removed.

No more business shirts stained girlie pink then!

Result!

As a society, we are all used to smart watches, and fitness trackers, (which all fall within the scope of wearable technology) and have become very complacent about the interconnectivity with our other tech.

And this is where the real problem lies…

Security MUST be one of your top priorities these days. I have removed my profile permanently from Facebook, as the platform discretely harvests everything I “like” and every comment I make. My preferences and personal data are then sold to other organisations, without my permission and regardless of the ethics involved.

Think about why Google and Facebook are free! There really is no such thing as a free lunch.

Most of you will already be protecting your data and PC behind an encrypted firewall, with passwords, multi-factor authentication, and PIN codes. In all probability, you will be paying for some kind of anti-virus protection which will (hopefully) prevent your data from being compromised.

The IoT makes this a lot more difficult.

The processing power inside some of the connected devices, and to an extent, their size may well prevent them from having all but the most basic of security protection – if any.

The CCTV you bought to protect your home may well be being used by the manufacturer, or a malicious hacker to access a backdoor into your router, from where it can monitor data passing up and down your comms link.


So, all of these innocent devices are hooked to the web via your router.

Lots of individuals I know never both changing the default password supplied with their devices, and will happily discuss bank details, finances, and other personal details within “earshot” of their smart speaker.

So, nasty hacker chap decides to wage an attack on his ex-employer. By harnessing the combined IoT devices of many households, and requiring all of them to connect simultaneously to the target company’s website will cause it to crash.

This is an extreme example of a Distributed Denial of Service Attack (DDoS), where innocent PCs and devices are hijacked to overload the target’s website.

Many large and respected companies have been attacked in this manner, despite having the financial clout and technical expertise to surround themselves with multiple layers of digital security.

In 2017, Google came under a sustained DDoS attack, originating from China, which, according to Google, lasted for up to six months.

In 2020, Amazon Web Services (AWB) was taken down for three days following a similar, yet more sophisticated attack.

Internet security expert Brian Krebs was attacked in 2016, when his website was assaulted by the Mirai botnet, executed by about 600,000 compromised and suborned Internet of Things – such as Internet CCTV cameras, home routers, and other simple IoT devices.

This may be the tip of the iceberg.

Cisco, the internet systems company predicted in its annual report (2018-2023) that sophisticated DDoS attacks will double from the 7.9 million in 2018 to 14.5 million in 2022.

Now the truly chilling bit…

In our increasingly technological world, we rely on the internet in so many ways – from grocery shopping to building control, from home banking to healthcare. Connected vehicles – not just cars, but ships, aircraft, tankers, trains.

As I have said, many of these devices are so simple and un-assuming, that we don’t regard them as a potential threat.

That simple fitness tracker that you wear all the time. The silly old fridge, just sitting there in your kitchen, keeping your food safe and edible. The CCTV that you use to monitor your car in the drive.

The ease and convenience with which you access your bank to pay a bill. The ability to have a video call with your dear old Mum from miles away.

And yet, in the stygian, gloomy murk of the deep, dark web, there lurk hackers, thieves, and criminals. Hackers who are willing to mount cyber-attacks from as little as 7.00 US$ per hour.

Foreign states, and terrorist organisations that are willing – and able – to hijack your IoT devices to wage an attack on society.

Imagine, if you dare – a world where the bad guys can hack into your car, and disable the brakes.

A world in which someone can access your pacemaker, and shut it down…unless you pay a ransom.

A world in which a hacker can eavesdrop on your home, and record everything that you say and do, and record everything about you?

It’s not as far-fetched and dystopian a reality as you think!

Go Well!

Categories
Civil liberties Crime English Culture Politics privacy Science Security Society Technology Uncategorized

Let Your Body do the Talking?

The morning outside is gloomy and damp, and I am enjoying my morning cuppa.

I have just finished setting up my new bank account.

Having been with my previous bank for 36 years, I thought that it was time for a change, especially as my old bank had consistently ripped me off over decades. Some of my money has been returned with a successful PPI claim, and now I am £175.00 better off, having switched my personal current account (Thanks Martin Lewis’s Money Saving Expert!) and have kicked the holder of the sign of the black horse out of my life. Now I just have one more account to move…

Happy Days.

So, there I was, on the phone setting up my new account, when the automated system requested whether I would like to set up voice recognition to ease access to my account.

I accepted, as I know that my voiceprint is as unique to me as my fingerprints, or my facial biometric data.

It then struck me how much of my unique personal data is in the hands and care of a commercial organisation.

This got me thinking.

I have an E-Passport, which contains all of my facial biometric data. I access some of my personal electronic devices with my thumb print, or, in the case of my new phone, through facial recognition and a pin number.

65DC67F4-7261-4E63-B6C4-63214E910452

This in itself is a little spooky, but at least the choice is mine to make.

I accept that Her Majesty’s Government will assume a full duty of care if they release my data, but with commercial organisations, maybe based overseas that may be more difficult to assume.

Since the development of Facial Recognition in the mid 1969s, it has become much more prevalent, and is found all over the world, including Great Britain.

China is now using facial recognition to constantly monitor its citizens, and the collected and identifiable data is being used to prosecute individuals for even minor misdemeanours such as Jay walking[1]. This allows “behavioural scoring” and may be used to grade and rank citizens on their perceived support of the government.

CF94E21E-3848-4B11-A4F9-4200BADE02E5_4_5005_c

Luckily, or not, depending on your persuasion, facial recognition does have a weakness. It requires capturing a clear image of a face before the system’s algorithms can plot the data, and compare it with images held in its database.

This weakness is being exploited. In Japan, a university has designed a pair of anti-facial-recognition glasses[2], which, when worn, emit a sea of Infra-Red light over the wearer’s face. This disrupts image capture, and results in the camera only “seeing” a blurred image.

There is also a mask available which is designed with multi-faceted angles and patterns that disrupt the received image, again, leading to blurred images.

If you thought that the potential for a dystopian disaster ended with facial recognition technology, there is more over the horizon.

As artificial intelligence develops, we may see an integration of facial recognition with emotion recognition technology, laying wide open an interpretation of our deepest innermost workings.

Currently Emotional Recognition technology is in its infancy, and there is as yet little evidence that shows a reliable and consistent interpretation of the emotional state of an individual, but this will change as AI develops further.

So – if we cover our faces, or wear IR spectacles, we will be able to fool the cameras, and go about our daily business without the state, or, other more sinister organisations tracking our every move and emotion.

Sadly, the answer is no.

Please welcome Gait Recognition Technology!

Gait recognition is another unique human characteristic. The way we walk, hold our body, and our profile and posture are as individual as a fingerprint – and it doesn’t need to capture a facial image.

Anyone like to guess where this technology is being developed?

Whoever muttered “China”, take an extra 10 points.

Yes, a Chinese start-up called Watrix has already developed a system that can identify an individual from up to 50m (165 feet) away, regardless of whether they are facing the camera.

According to the company, the system can’t even be fooled by an individual adopting a limp, walking with splayed feet, or deliberately hunching or distorting their body as they walk.

This is made possible because the system analyses multiple features from all over an individual’s body.

Currently, due to system limitations, real-time gait analysis and confirmation of an individual’s identity is not possible.

Gait analysis requires video footage of the target, which allows the analytical software to process and store the individual’s way of walking.

Currently, video footage has to be uploaded into the system, and then analysed, a process that takes about 10 minutes to assess 60 minutes of video.

In due course, the processing requirements will improve to the point that real-time identification is possible.

According to Watrix, the system has a 94.1% accuracy rating, which is quite acceptable for commercial use.

No doubt this will also improve.

Meanwhile, governments in many societies are realising the dangers of uncontrolled use of personal data.

The EU has recently banned the use of facial recognition for three to five years to enable an assessment of the impacts of this technology and possible risk management measures that could be identified and developed[3]

In the USA, larger cities, and even states are banning the use of Facial Recognition.

San Francisco banned it in May 2019, and later in 2019, Oakland followed suit, as did Somerville in Massachusetts, with Portland Oregon likely to follow suit.

But despite the EU-wide moratorium on the use of this technology, (and the fact that we are still, until 31st January a member of the EU) the Metropolitan Police have gone ahead with a project to use Facial Recognition.

It appears that under the EU/UK’s data protection law, GDPR, it forbids facial recognition by private companies “in a surveillance context without member states actively legislating an exemption into the law using their powers to derogate.”

It’s interesting to see that the system being used by London’s Met Police is subcontracted out to NEC, which, as far as I am aware is not only a private company, but also a foreign one.

Obviously, there are pros and cons to having some form of surveillance, and some sacrifices have to be made to ensure the safety and security of the public, but is this a bridge to far?

Only you can decide…

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

https://www.met.police.uk/live-facial-recognition-trial/

https://sciencebusiness.net/news/eu-makes-move-ban-use-facial-recognition-systems

 

[1] The Atlantic – Editorial Article

[2] The Daily Mail – Anti Facial Recognition Glasses Article

[3] Science Business – EU to ban Facial Recognition

Categories
Civil liberties internet privacy Society

The Internet of Things – Sinister Threat, or Powerful Friend?

Ask most people what they understand by the term “Internet”, and the majority will respond by explaining that the World Wide Web is accessed on their laptop computers, tablets, or smart phones to enable them to shop, communicate, and maybe conduct some research for business or educational purposes.

The expression “internet-enabled” is casually bandied about, referring to maybe a camera that will download photos automatically to a social networking site via the internet.

At the moment people access the internet, using a fixed dedicated interface device such as a desktop PC, Laptop, or smart phone.

However, the exclusive status is about to change, as more and more “inanimate” objects are being Internet enabled, becoming what is known as Ambient Intelligence.

The humble fridge in your kitchen may soon be able to assess stock levels, and reorder supplies when a preset level is detected. The vacuum cleaner may soon be able to communicate with a centralised home computer to decide which rooms require cleaning, and in what priority.

Your shopping basket may soon be enabled, and will monitor what products you are buying, and may look at patterns – maybe you are buying unhealthy food combinations, and may then upload this data to your medical centre, where your Doctor may be able to assess your diet.

Maybe government departments will monitor your spending habits to see if you are buying things that when used in combination may be dangerous.

Checking care labels on articles of clothing before loading the washing machine may soon become a thing of the past, as the item will have a microchip woven into the fabric which will communicate to the washing machine the required cleaning programme.

Already home management systems are on the market that enables a multitude of tasks to be automatically conducted with many of the functions being controlled remotely using a smart phone or a tablet computer, via the Internet.

The development of the Radio Frequency Identity Device (RFID) tag has had a profound and dramatic effect on the way we live our lives.

Initially developed for stock control and security purposes, this small chip may be programmed with a unique code that is associated with a particular product. The chip is passive, and will activate and transmit its code when interrogated by a reader device.

Stock may then be tracked within a warehouse, on board transport, and ultimately into the supermarket. It may be tracked again at checkout, and once paid for may be deleted from the system.

The same technology is used in bank cards, credit cards, Identity Cards, and documents such as passports and official documents.

If this technology is taken a step further, RFIDs may be attached to small inert chips, and placed under the skin of animals, and ultimately even human beings.

Even more chilling is the development of the Internet for security and control purposes. In the past, Governments had fairly limited means at their disposal to monitor its citizens.

Closed Circuit Television Cameras have been in use for decades, but have always relied upon human operators to monitor the captured film. Up until recently, the UK had the greatest number of cameras per capita than anywhere else in the world.

However, that is all about to change, and not necessarily for the better. The new Chinese city of Shenzhen already has a network of over 200,00 cameras monitoring its population of 12.4 million. Over the next few years, this is expected to increase to about two million.

In itself, this may not be so alarming, but when coupled with biometric data and RFID chip technology, this will enable a whole new concept in government control, and state intervention into private lives.

Facial recognition software has now been developed to the extent that it’s possible for computers to not only recognise an individual face, but also to interpret the mood or emotional state of the individual.

The covert monitoring of an individual’s body language and emotional state may be conducted by government agencies, and uploaded to powerful computers. Behavioural algorithms will analyse the data, and appropriate measures may be taken I. The event that adverse behaviour is detected.

This has both positive and negative aspects. A severely depressed individual, contemplating suicide by jumping off a bridge will naturally display strong emotional and physiological signals, which would be detected, enabling trained paramedics to be called to assist.

An individual contemplating criminal activity will also display behavioural markers that will trigger police officers to atend the scene.

However, what of the innocent individual who may be bored, mildly intoxicated, or awaiting a romantic liaison? They too may be targeted for intervention at some level.

In future, it may be possible for your local supermarket to monitor your internet enabled shopping trolley, and capture your facial image at the check out. The image may then be stored in a database containing your shopping profile.

It would then be possible for a network of cameras located in public places to recognise your image as you go about your daily business, and using your stored shopping preferences, display personally targeted advertisements on screens located, for example, on bus shelters, or mounted on the walls of buildings.

Individuals with medical conditions could be monitored effectively without the need for attending clinics at hospitals. Imagine if a pacemaker could monitor the state of a patients heart, and uplink real time data to a medical team. Early detection of a problem could result in the patient being called in for treatment before the condition becomes life threatening.

We have all become quite blasé about the internet, but it is very much a double edged sword. Used intelligently, and in a benign and sensitive way, it can improve the lives of everyone, empowering them to live a better quality of life.

Unscrupulous use of the internet by state governments for controlling the population leads to the undeniably sinister erosion of personal freedom.

Big Brother is out there – just waiting for the right moment to step in and take over our lives completely.

It is up to us, the general public to remain aware of the risks, and not allow ourselves to sleepwalk into computer controlled servitude.

You decide.

Mark Charlwood
17/06/2014

Mark Charlwood MSc reserves the intellectual copyright to this work. Re publication of this work is prohibited without seeking permission.