Jump to content

IoT and Security (and the X16)


Recommended Posts

I commented once that the X16 platform has the potential to be an IoT platform.  Perhaps one of the strongest points in favor of that is, paradoxically, its lack of internet and 5G (or 4G or 3G or...) connectivity.  In my opinion.  This means connectivity is more similar to a "custom" interface than a standard one... to me that means it is more difficult or less worthwhile to be hacked... potentially. 

Potentially I would think that a single central concentrator box (or cloud) could be modern, secure, and up-to-date, while these little critters can talk to it over a Very Low Baud Cryptid protocol.  Not that that's without pitfalls -- after all, security was more or less unknown for the IEC bus.  So maybe instead of a great thing, that's one of the worst possible things.  I suppose it all depends on how and where security is managed, as with all things.

Edge-based, IoT computing devices really can't run "agents" -- they're not powerful enough -- and therefore securing them is an issue.

But, security is fast becoming the issue in the IoT community.

Here's the video of the most recent entry in North Texas' own IoT SIG Breakfast lecture series.

 

Edited by rje
Link to comment
Share on other sites

I personally have fallen into the "nope, hard nope"  to most conceptions of IoT, save for audio/visual mediums where streaming content practically necessitates it. 

This viewpoint arises out of the fact few industry leaders are approaching it from a functionality and quality of life mindset. 

Instead, the mindset seems to be:  "How do we monetize people's refrigerator, laundry, doorbell, lightswitches, etc., usage?"

Net connected televisions are a natural evolution with streaming and all the cord cutting that followed. 

But no one will ever convince me that my coffee maker needs to be connected to the global network.    And there's no real functionality for the consumer.   "Oh, I can schedule it over my phone... but who puts the grounds in and fills the water?"  See photo attached!

(Hell, at any rate, when I have guests, I tend to break out the 1941 vintage Farberware 12 cup percolator -- the coffee is not as good, but it looks and smells damn good making it!).

As for the X16, its an 8 bit processor running at most at 8 mhz and without the architecture that can even handle the maths for modern network comms encryption.   Some guy made a utility to scramble 1541 disks on a C64 using AES and due to the particulars of AES it performed fine, which is to say fast enough that the abysmal 1541 speed was the bottleneck.   But AES performs especially well on 8bit processors, and some of the network security 'gotos" do not. 

But by and large I suspect that any connectivity framework for the X16 would have to treat the machine itself as terminal, and have all the security handled outside the machine's boundary with I/O.   So you would need a card or a dongle to talk to that central server or cloud instance, not the x16 itself.    That means more hardware dev, expense, etc.    And for the X16 what functionality really would benefit:    Mainly a file server, like the old  BBS systems.    Some of the amazing demos aside, no one is really going to do video on the machine and streaming audio would be better handled by other devices and is such a crowded market the X16 can't compete either in terms of capacity or playback.       

Also with the presentation you provided (still watching it, but its fairly interesting and a little scary), I would say that the "IoT" moniker is getting more and more  tainted with all the security issues and maybe it would be best not to besmirch the X16 brand with the label!   

lol.jpg

Edited by Snickers11001001
  • Like 2
Link to comment
Share on other sites

2 hours ago, Snickers11001001 said:

Instead, the mindset seems to be:  "How do we monetize people's refrigerator, laundry, doorbell, lightswitches, etc., usage?"

This detail right here is what pisses me off the most about IoT. I don't need my refrigerator to order more eggs from Amazon. I mean, how atrophied are we going to make ourselves? Big data mining out of seemingly innocuous little details is a grave concern. Most people just can't fathom how powerful it is to have all of these data points on everyone everywhere all the time. And we give it to them freely just so my stove can call a technician for me if it breaks?

Link to comment
Share on other sites

1 minute ago, ZeroByte said:

This detail right here is what pisses me off the most about IoT. I don't need my refrigerator to order more eggs from Amazon. I mean, how atrophied are we going to make ourselves? Big data mining out of seemingly innocuous little details is a grave concern. Most people just can't fathom how powerful it is to have all of these data points on everyone everywhere all the time. And we give it to them freely just so my stove can call a technician for me if it breaks?

As to the last point, the astonishing thing is that IoT makes it possible for unscrupulous corps to MAKE that stove break.    "Sorry, preheating is no longer supported at this subscription level."   

I'm just kidding, sorta.   But I def had had 'older' apple devices take an update that was supposedly only for bug fixes and immediately crater in terms of battery life or performance.   That has to be on purpose to feed the upgrade cycle.   There's an amazing youtube video that came out recently about the "lightbulb" cartel having a a meeting long ago to standardize to a much lower lifespan for light bulbs.   They actually included a mechanism to FINE each other if someone made a better lightbulb. 

Also, part of the problem with IoT is something that crept into "big gaming" the last decade or so:    As soon as something's connected to the internet, its hard for middle management to avoid falling victim to the "push it out the door, we'll patch the bugs later" mindset.     (My kids didn't get to PLAY any of their Christmas games even 5 or 6 years ago because the machines would take hours and hours or so to download and install the day 1 and subsequent patches!  What a contrast from unboxing Coleco, Atari and Nintendo games and playing all night when I was a kid).   

Link to comment
Share on other sites

1 hour ago, Snickers11001001 said:

My kids didn't get to PLAY any of their Christmas games even 5 or 6 years ago because the machines would take hours and hours or so to download and install the day 1 and subsequent patches!

Yeah, we got a Switch this past Christmas, like apparently EVERYONE else, and the Nintendo servers went down, meaning that we couldn't redeem the gift cards we got or install all of the necessary patches to run them for TWO DAYS. I should have pulled my N64 out of storage!

Edited by SlithyMatt
Link to comment
Share on other sites

13 minutes ago, SlithyMatt said:

Yeah, we got a Switch this past Christmas, like apparently EVERYONE else, and the Nintendo servers went down, meaning that we couldn't redeem the gift cards we got or install all of the necessary patches to run them for TWO DAYS. I should have pulled my N64 out of storage!

So it was YOU who kept me from getting my granddaughter's account set up Christmas morning?

I think a clever idea on this front would be to open the box a week before Xmas, get it initialized and patched and any games installed / patched / etc., and then put it back in the box and wrap that sucker. Santa's got tech-savvy elves nowadays, right?

  • Haha 1
Link to comment
Share on other sites

1 hour ago, Snickers11001001 said:

As to the last point, the astonishing thing is that IoT makes it possible for unscrupulous corps to MAKE that stove break.

The worst part is that opting out is really not an option either.

  1. No non-IoT products will even be available for purchase, eventually
  2. Failing to turn on the IoT functionality will result in things like voided warranties, things that refuse to work w/o being on the Internet, etc.
  3. Insurance / Financial institutions will penalize you for not having such things. (Your stove can't send you a notification that you left it on? Well then, that's a risk, so your premium goes up $200/mo.

Maybe it's time for a Butlerian Jihad.
(said the tech nerd on the Internet)

Link to comment
Share on other sites

5 hours ago, ZeroByte said:

....Insurance / Financial institutions will penalize you for not having such things. (Your stove can't send you a notification that you left it on? Well then, that's a risk, so your premium goes up $200/mo.....

Dang, hadn't thought of that one.   That's dirty.   Police already abusing the RING doorbells as warrantless surveillance nodes.    I remember reading 1984 in high school thinking it was 'over the top.'    Never in my wildest dreams would I have thought people would bring big brother into their homes and PAY for the 'privilege'       

Link to comment
Share on other sites

Posted (edited)

I also scoff derisively at refrigerators and toasters with internet connectivity.  That's a Bezos-level interference in my basics of life that fills me with fear and loathing.

 

Now.  The IoT I worked around for one very happy year was in and around city utilities.  I can tell you that buildings and utilities have a great use for smart sensors, and it's a valid use case as well.

 

Edited by rje
Link to comment
Share on other sites

13 hours ago, rje said:

Now.  The IoT I worked around for one very happy year was in and around city utilities.  I can tell you that buildings and utilities have a great use for smart sensors, and it's a valid use case as well.

No doubt.   Because those sensors and the network to communicate with and poll their status arose out of a classic engineering question:    "We have this capability, can it make our solutions work better, faster, more efficiently and how?"   

But that's not necessarily "IoT"   -  so far as I'm concerned, its networked management writ large and using the global network of the internet as a free routing and carrier infrastructure.   Nowadays, "IoT" has been coopted by the business school types who sit around trying to figure out ways to sell connectivity for its own sake, without identifying a problem/solution set where it can help.   And that's because the "customer" for them is not the schmuck who buys the networked device.  Nope, the "customer" is big data and the advertisers (and government offices) who will pay handsomely for the resulting databases.    The guy who buys the device along with that data about his habits and comings and goings and doings and whatnot are the product.   The device is just a "helper object" to get that product to those real customers who want to pay for that data. 

  • Thanks 1
Link to comment
Share on other sites

Posted (edited)
2 hours ago, Snickers11001001 said:

Nowadays, "IoT" has been coopted by the business school types who sit around trying to figure out ways to sell connectivity for its own sake, without identifying a problem/solution set where it can help.   

Right - and in my mind, that's not IoT.  Nothing defuses an argument as much as having to define one's terms.

I tend to think of edge-connected, small processors/sensors, typically for detecting failure scenarios et al.

Edited by rje
Link to comment
Share on other sites

I worked for a network services provider. AT&T sent a sales team to meet with us over various items. One was to tell us we weren't reselling enough of their handoff circuits, and we ran the risk of losing our discount. (We didn't sell many circuits using those precisely because they were ALREADY too expensive vs. other carriers in the area - lol), and the other was to introduce us to their IoT sales manager - to offer that service to our customers - all the 4G-connected meters, gauges, machines, etc... that kind of stuff. We said "okay thanks, have a nice day"

Less than a month goes by and one of our larger customers came to us looking for exactly that kind of solution. They're a large nursery in the area and were looking to do all of that monitoring kind of stuff. Perfect. We called the sales dude, and said we'd like him to present a solution to them. His response was basically: "Great. How many sim cards will they need?" We were like: "We don't know - they're looking for a solution. Can you help them with that?" And he was just "No, we don't engineer solutions, we just activate services."

We never called him again.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

Please review our Terms of Use