Yeah, I guess I kind of strayed from the theme, but I couldn't pass up the
opportunity to kvetch. That said, as long as libraries are IoT-ing, I think
it's important for them to model "doing it right".
On Thu, Mar 31, 2016 at 10:04 AM, Lisa Rabey <[log in to unmask]>
wrote:
> a. Thank you everyone for your input! I asked this question out of
> curiosity, not for a project / paper / research area (yet). All the
> responses have been brilliant.
> b. #notalllibrarians
> c. I've been made privy the security issues are so big you can drive a Mac
> truck through them, but I'm ignoring them at the moment to see what people
> are doing with the tech.
> c. Andreas, if you haven't seen this before, I think you may enjoy Internet
> of Shit https://twitter.com/internetofshit
>
> "Obviously the best thing to do is put a chip in it."
>
> _lisa
>
>
> On Thu, Mar 31, 2016 at 9:40 AM, Andreas Orphanides <[log in to unmask]>
> wrote:
>
> > I'm not a technofuturist of any sort, so maybe I'm the wrong person to be
> > commenting on IoT (or maybe I'm exactly the right person)... but stuff in
> > IoT land is going to get utterly horrible before it gets good. I'd argue
> > that it might already be horrible, but it just doesn't have the
> penetration
> > to be fully recognized.
> >
> > Object lessons:
> >
> > - Your Jeep can be hacked so that someone can remotely disable the
> > brakes, thanks to crappy wifi. [1]
> > - Your smart refrigerator leaks your gmail credentials. [2]
> > - Your lightbulbs expose you to drive-by packet sniffing. [3]
> > - Your internet-enabled wine decanter requires you to use
> > vendor-provided wine bottle cartridges [4]
> >
> > There's a number of overlapping problems here
> >
> > - the "Compuserve of Things" issue [5], where every eager vendor is
> > going to try to lock users out of competitors' products [6]
> > - the expansion of this problem, which is that corporations will be
> > tempted to use the power of embedded computing to maximize profit [7]
> > - a more general "Internet of Sh*t" problem [8], where the security
> > ramifications of network-enabling devices is not fully realized and
> > exposes
> > users to all kinds of horrors. (As someone aptly put it: open network
> > ports
> > are like mucous membranes -- important for certain functions, but you
> > don't
> > want more of them exposed than necessary.)
> >
> > Now all of these problems can be solved, but I am not convinced that they
> > will, unless and until things get particularly nasty: specifically, the
> > commercial enterprises doing IoT stuff don't have a motive to make things
> > better until it starts actually costing them money.
> >
> > What can libraries do about this? I don't know. Pushing for open
> standards
> > helps. Implementing open standards helps. Practicing good security in IoT
> > certainly helps. I do think that "Just because you can, it doesn't mean
> you
> > should" is not a bad starting point, especially if we model stepping
> > through the right risk analyses and security practices as we develop IoT
> in
> > libraries.
> >
> > For now, I prefer to stick with Adama's Law: "If it can kill you, don't
> > connect it to the network."
> >
> >
> > [1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
> > [2] http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
> > [3]
> >
> >
> http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-lightbulbs-exposes-wi-fi-passwords/
> > [4]
> >
> >
> http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-smart-wine-bottle-screen-internet-indiegogo-a6958751.html
> > [5]
> http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml
> > [6]
> http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/
> > [7] http://ieet.org/index.php/IEET/more/rinesi20150925
> > [8] https://twitter.com/internetofshit?lang=en
> >
> > On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson <[log in to unmask]>
> wrote:
> >
> > > For those who were not previously aware of IoT, here’s a primer focused
> > > specifically on the library space:
> > >
> > >
> > >
> >
> https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html
> > >
> > > IMHO this is still a very young concept, and not even fully imagined
> yet,
> > > so there is no reason to feel like you’ve missed the boat, when the
> ship
> > > hasn’t even reached the dock yet.
> > >
> > > --
> > > Andrew Anderson, President & CEO, Library and Information Resources
> > > Network, Inc.
> > > http://www.lirn.net/ | http://www.twitter.com/LIRNnotes |
> > > http://www.facebook.com/LIRNnotes
> > >
> > > On Mar 30, 2016, at 22:16, Lesli M <[log in to unmask]> wrote:
> > >
> > > > I feel compelled to pipe up about the comment "Very sad that a
> > librarian
> > > didn't know what it was."
> > > >
> > > > Librarians come in all flavors and varieties. Until I worked in a
> > > medical library, I had no idea what a systematic review was. I had no
> > idea
> > > there was a variety of librarian called "clinical librarian."
> > > >
> > > > Do you know the hot new interest for law libraries? Medical
> libraries?
> > > Science libraries?
> > > >
> > > > The IoT is a specific area of interest. Just like every other special
> > > interest out there.
> > > >
> > > > Is it really justified to expect all librarians of all flavors and
> > > varieties to know this very tech-ish thing called IoT?
> > > >
> > > > Lesli
> > >
> >
>
>
>
> --
>
> @byshieldmaiden | http://exitpursuedbyabear.net
>
> --------------------------------------------------------------------------------------------------------
> “There are moments, Jeeves, when one asks oneself, 'Do trousers matter?'"
> "The mood will pass, sir.” - P.G. Wodehouse
>
|