 |
 |
Dre++ OMG, I am so disconnecting my Aibo from the internet. I love the Compuserve of things… http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml Cary > On Mar 31, 2016, at 6:40 AM, Andreas Orphanides <[log in to unmask]> wrote: > > I'm not a technofuturist of any sort, so maybe I'm the wrong person to be > commenting on IoT (or maybe I'm exactly the right person)... but stuff in > IoT land is going to get utterly horrible before it gets good. I'd argue > that it might already be horrible, but it just doesn't have the penetration > to be fully recognized. > > Object lessons: > > - Your Jeep can be hacked so that someone can remotely disable the > brakes, thanks to crappy wifi. [1] > - Your smart refrigerator leaks your gmail credentials. [2] > - Your lightbulbs expose you to drive-by packet sniffing. [3] > - Your internet-enabled wine decanter requires you to use > vendor-provided wine bottle cartridges [4] > > There's a number of overlapping problems here > > - the "Compuserve of Things" issue [5], where every eager vendor is > going to try to lock users out of competitors' products [6] > - the expansion of this problem, which is that corporations will be > tempted to use the power of embedded computing to maximize profit [7] > - a more general "Internet of Sh*t" problem [8], where the security > ramifications of network-enabling devices is not fully realized and exposes > users to all kinds of horrors. (As someone aptly put it: open network ports > are like mucous membranes -- important for certain functions, but you don't > want more of them exposed than necessary.) > > Now all of these problems can be solved, but I am not convinced that they > will, unless and until things get particularly nasty: specifically, the > commercial enterprises doing IoT stuff don't have a motive to make things > better until it starts actually costing them money. > > What can libraries do about this? I don't know. Pushing for open standards > helps. Implementing open standards helps. Practicing good security in IoT > certainly helps. I do think that "Just because you can, it doesn't mean you > should" is not a bad starting point, especially if we model stepping > through the right risk analyses and security practices as we develop IoT in > libraries. > > For now, I prefer to stick with Adama's Law: "If it can kill you, don't > connect it to the network." > > > [1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ > [2] http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/ > [3] > http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-lightbulbs-exposes-wi-fi-passwords/ > [4] > http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-smart-wine-bottle-screen-internet-indiegogo-a6958751.html > [5] http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml > [6] http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/ > [7] http://ieet.org/index.php/IEET/more/rinesi20150925 > [8] https://twitter.com/internetofshit?lang=en > > On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson <[log in to unmask]> wrote: > >> For those who were not previously aware of IoT, here’s a primer focused >> specifically on the library space: >> >> >> https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html >> >> IMHO this is still a very young concept, and not even fully imagined yet, >> so there is no reason to feel like you’ve missed the boat, when the ship >> hasn’t even reached the dock yet. >> >> -- >> Andrew Anderson, President & CEO, Library and Information Resources >> Network, Inc. >> http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | >> http://www.facebook.com/LIRNnotes >> >> On Mar 30, 2016, at 22:16, Lesli M <[log in to unmask]> wrote: >> >>> I feel compelled to pipe up about the comment "Very sad that a librarian >> didn't know what it was." >>> >>> Librarians come in all flavors and varieties. Until I worked in a >> medical library, I had no idea what a systematic review was. I had no idea >> there was a variety of librarian called "clinical librarian." >>> >>> Do you know the hot new interest for law libraries? Medical libraries? >> Science libraries? >>> >>> The IoT is a specific area of interest. Just like every other special >> interest out there. >>> >>> Is it really justified to expect all librarians of all flavors and >> varieties to know this very tech-ish thing called IoT? >>> >>> Lesli >>