On the Internet of Things

I hate the term “Internet of Things”. I say “Internet of Things” and “IoT” because everyone else does, but I don’t like it.

Not everything needs to be online. There’s a Twitter account called @InternetOfShit which posts regularly on this topic.

The first and most important reason why this is a bad idea is security. The Internet is planet-wide, where everyone with a connection is a potential threat. You really don’t want personal and private devices viewable, and possibly controlled, by just anybody.

The second problem is ownership, which also touches on privacy to an extent. Buying devices that rely on third-party providers (including the “trustworthy” ones like Google) means your private stuff is viewable by employees of those companies.

It also means that you could end up with useless equipment that cost a lot of money if the company shuts down or gets sold, and now a marketing firm who buys the assets has access to pictures of the inside of your house, which they will sell indiscriminately to defray expenses. If that doesn’t terrify you, please stop reading, turn off your computer or mobile device, and never visit my site again.

I won’t even get into how white-label Internet-connected cameras (manufactured inter alia by Sony, famous for being hacked many times) need to be rounded up and set alight, because their passwords are 888888, cannot be changed, and can be easily accessed remotely. The prevailing advice from security experts, in fact, is to toss these devices out.

A lot of crime is opportunistic. A database containing credit card numbers, personal information, nude photos, gamer tags, digital currency, whatever it may be, is attractive to certain people who have the technical skills to exfiltrate that information and sell it on to someone else. Rarely will you find that the people stealing this data are the ones using it. Firstly, that’s liable to get you caught, and secondly, the exfiltrator (or “hacker”, an unfortunate use of a perfectly cromulent word) just needs the money, or to prove his or her skills. The big paydays come from large data dumps. Sony, LinkedIn, Tumblr, Adobe, Yahoo, Yahoo (yes, twice), the list is endless.

So what’s the solution? With the number of devices growing exponentially every year, there’s no getting away from the convenience of having lights that turn on when you get home or a video camera to see if anyone is stealing your FedEx packages.

Ironically, the perception of extra safety and security provided by the devices is thwarted by their inherent lack of security. Manufacturers are racing to get into the market, forgoing testing. “Let the customer be the beta tester” is Google and Facebook’s mantra. Many companies are to blame; I’m not just singling these two out. Legal fees are clearly cheaper than research and development.

Which brings me to the point of this piece: building your own “Thing”. Do you want a camera watching your home while you’re away? Build one. Companies like Raspberry, Adafruit, and Arduino (to name just a few) have brought extremely cost-effective computing to the mass market, and relatively easy-to-use programming guides if you’ve never written a line of code in your life. Some of them even run Microsoft Windows!

Of course, building your own camera means that you can’t rely on Google or Sony to record and store your video, so you need what we call a DVR, or Digital Video Recorder. It didn’t help that cable and Internet-based television companies produced devices they also called DVRs, so there is some confusion when you search online. Fortunately the television kind is now called a PVR.

A DVR in this case is a hardware device with a number of connectors for security cameras to plug into. In the last ten years, this industry has seen impressive advances, where cameras are now wireless, connecting via the network, and DVRs can just be software.

In other words, you can buy a relatively inexpensive network-attached computer for your home (traditionally called a NAS, or network attached storage), run DVR software on it, and connect your Raspberry Pi Zero to that. Then, using a (free!) VPN (virtual private network) connection from your phone over the Internet to the NAS, you can view the images or video from the camera, and it’s all sitting in your home, away from prying eyes.

What you’ve done, then, is made your information harder to find. Security by obscurity. The chance of being hacked is still there, but the payday is much lower for a hacker if you use a good VPN server and follow best practices when it comes to securing your network.

One example is the principle of least privilege. What that means is, your camera that you’ve built will have its own security settings, away from, say, your desktop computer. If someone did happen to break into your VPN, and then break into your camera, they wouldn’t be able to hop onto yet another device on the network without doing a bit more work, because the security settings won’t work on any other device on the network (think of it like having a separate password for each device). Breaking this security is time-consuming, and working on stealing billions of passwords from Yahoo is much more lucrative.

Another example is layering. You don’t want to keep your Things on the same network as your computers. Even if they’re physically connected to the same Ethernet network, or everything is on Wi-Fi, there are inexpensive ways to partition your devices onto separate wireless networks, using the same router (which of course you’ve purchased separately, and sits between your cable company’s router and your network).

Yes, it takes a bit of effort to set up and secure your network. Yes, it costs more money. Yes, it’s inconvenient to trade security with ease of use, but the benefits are numerous, and I would suggest that it’s the minimum price of being part of the modern connected world. The manufacturers are responsible for creating ways to safely secure their devices, but we need to make sure we’re using those tools to keep ourselves safe from 7 billion (and counting) potential hackers.

It’s why in South Africa, to avoid being burgled, we just had to make sure we made our wall higher than the neighbours’ walls. If you’re going to be the family with the pretty little fence, welcome mat, and unlocked front door, don’t be surprised when you find a stranger going through your sex toys.

Microsoft BizSpark is now a one-year programme

As of 1 December 2016, Microsoft’s BizSpark programme is now only for one year, down from the original three years.

Given how useful the free Visual Studio tools are, and what is possible with Azure, I’m not surprised, but this is going to affect a lot of people.

From the BizSpark page:

A one year program, BizSpark puts all Microsoft development and test software at your fingertips, including Azure, Windows, Visual Studio, Office and SQL Server for free. Plus, enjoy access to hundreds of free training classes, technical content, and 4 break-fix phone support incidents to help you on your journey.

Anyone who signed up before 1 December 2016 is not affected by this change. The annual renewal is still in effect, but you still qualify for the full three-year programme.

Link: On Getting Old(er) in Tech

My friend Janie Clayton linked to this article by Don Denoncourt, which has some interesting thoughts and observations.

Something with which I agree:

I’ve seen too many people lock themselves into technologies (like Lotus Notes and Domino) and find themselves unmarketable after spending 10 years in that industry. Even if you have a high-paying salary, don’t let the tech world pass you by. Be sure to be up on the latest technologies. And, if you can’t do that at your current position, maybe it’s time to move on.

The entire article is worth taking your time to read.

My funniest line

In 1993, I was in Grade 11 and a member of the Parktown Boys’ High School Public Speaking team. Our four members were as unlikely to be public speakers as you could find. Two were exceptional athletes in their respective disciplines, and stereotypically assumed to be intellectually dim (they weren’t), one was a class clown.

And then there was me, the autistic anti-athlete. During one physical education lesson at school, the teacher had yelled something about how his grandmother could run faster than me, and I’d shot back, “I’m not your grandmother”.

Our topic for one particular speech, in a competition between several schools, was “The Games People Play”.

It was particularly memorable because both my parents attended (my father died only a few months later).

During our rehearsal, our team had come up with a very similar topic, so our stress levels were low, we were in a good mood, and I believe we came second in the competition.

Just before my summation as the leader of the team, the class clown, André, handed back to me by saying “Randolph is what you’d get if Snow White slept with Dopey.”

Naturally this brought the house down, and I could see my parents laughing too. I remember finishing very lamely, and that was that.

After the event, people had congregated as they tend to do, and I noticed André talking to my parents. I also knew that they’d never met, and it was unlikely they had introduced themselves in the short while they’d been chatting.

I walked over, and the line came to me as I opened my mouth:

“Ah, André, I see you’ve met Snow White and Dopey.”

We Didn’t Start 2016

(With apologies to Billy Joel.)


Carrie Fisher, Leonard Cohen, Arquette, Geordie Howe
George Michael, Nancy Reagan, Phife Dawg, Zydeco

Garry Shandling, Garry Marshall, Rob Ford, Ron Glass
David Bowie, John Glenn, Wilder, Castro

Prince Rogers Nelson, “Freaky” Leon Haywood
Zsa Zsa, Henderson, Ricky Harris, Harper Lee

David Smyrl, Caldwell, “Wizard of Woo” Worrell,
Green and White, Kimbo Slice, the great Muhammad Ali

We didn’t start the fire
It was always burning
Since the world’s been turning
We didn’t start the fire
No we didn’t light it
But we tried to fight it

Twitter

I’ve taken a break from Twitter for a while. This means unfollowing everyone. I am using Twitter Lists, though, so I am keeping track of events as they occur.

I have opened up my Direct Messages, and will respond to DMs (following the golden rule, of course).

Books To Read This Winter

Warren Ellis (the British author, not the Australian musician, though both have immaculate beards) asked his friends to recommend one book to read this winter.

I recommend subscribing to his Orbital Operations weekly newsletter.

I asked a bunch of friends for the name of one book they planned to read this winter. I am delighted to be able to share their suggestions with you.

Ingrid Burrington, author of NETWORKS OF NEW YORKThe Mushroom at the End of the World, Anna Tsing (UK) (US)

Lucy Swope, GHOST COP: Jerusalem, Alan Moore

Chris DuFour, White Canvas Group: Twin Peaks: A Secret History, Mark Frost

Steve Prue, photographer: Necrophilia Variations, Supervert

John Rogers, writer/producer: I Contain Multitudes, Ed Yong

Gideon Kiers, Sonic Acts: The Melancholy of Resistance, László Krasznahorkai

Elliot Blake, Amazon Studios: Before the Fall, Noah Hawley

Benjamin Percy, author: The Once and Future King, T.H. White

Damien Williams, writer and teacher: Magic In Islam, Michael Muhammad Knight

Klint Finley, writer and journalist: A Paradise Built in Hell, Rebecca Solnit

Jim Rossignol, videogame producer: Landmarks, Robert Macfarlane

Sean Bonner, Safecast: Everything Belongs To The Future, Laurie Penny

Kyoto Kitamura, vocalist and composer: Showa 1926-1939, Shigeru Mizuki

Justin Pickard, anthropologist: Iraq + 100, ed. Hassan Blasim

Robin Sloan, author & media inventor: Hild, Nicola Griffith

Anab Jain, Superflux: Being Mortal, Atul Gawande

Nalden, co-founder WeTransfer: Postcapitalism, Paul Mason

Chris DiBona, open source director at Google: Luftwaffe Over America, Manfred Griehl

Richard Kadrey, author: Gourmet Ghosts – Los Angeles, James T. Bartlett

Kio Stark, author of WHEN STRANGERS MEET: The Mushroom At The End Of The World, Anna Tsing

Ganzeer, artist and writer: Pictures At 11, Norman Spinrad

Johannes Kleske, Third Wave Berlin: Four Futures, Peter Frase

Arikia Millikan, writer/editor: Cloud Atlas, David Mitchell

Georgina Voss, writer/researcher: The Democratic Surround, Fred Turner

Douglas Rushkoff, theorist & writer: The End of Time, Julian Barbour

Julian Simpson, writer/director: The Nightmare Stacks, Charles Stross

Dan Novy, MIT, Magic Leap, VFX artist: Jerusalem, Alan Moore

Patrick Pittman,writer/editor: This is the Place to Be, Lara Pawson

Kiyash Monsef, writer/director: Universal Harvester, John Darnielle

Jay Springett, artist/theorist: Ifá: A Forest of Mystery, Nicholaj De Mattos Frisvold

Paul Graham Raven,writer: Words Are My Matter, Ursula le Guin

Samuel de Goede, writer: Wild Irises

Deb Chachra, professor: Staying with the Trouble: Making Kin in the Cthulucene, Donna Haraway

Adam Rothstein, archivist, writer & artist: Great Tales of Jewish Fantasy and the Occult, edited and translated by Joachim Neugreoschel

Mikey Pryvt, writer: Star Ark, Rachel Armstrong

Louisa Heinrich, strategist: Star Maker, Olaf Stapledon

E Paul Zehr, professor and author: The Dead Mountaineer’s Inn, Boris & Arkady Strugatsky

Corey White, author: Everything Belongs to the Future, Laurie Penny

Klint Finley, writer: A Paradise Built in Hell, Rebecca Solnit

Wayne Chambliss, strategist: Notes on the Underground, Rosalind Williams

Am I going to read all of the books on this list? Probably not. However, I’m sure you’ll find something to keep you warm.

New Host

I’ve recently moved this website to a new hosting provider. Let me know in the comments, or on Twitter at @rabryst, if you see any weird stuff happening.

What Would You Do?

Many years ago, my family was on holiday at a cottage owned by an uncle. It was a seaside cottage, with no electricity. Light was provided by paraffin lamps, and cooking was done with bottled gas plugged into a gas oven.

One evening, my brother and I, both recovering from chicken pox, were comparing our shadow sizes in front of a paraffin lamp placed at our bedroom door. I was demonstrating, and he was fascinated by, how proximity to a light source could influence the size of a shadow on the wall.

For whatever reason, the lamp was knocked over and landed on the floor, and the glass, paraffin and flames spread quickly.

My father was there almost immediately, but as it all happened so fast, I noticed before he did that the base of the lamp was right next to the door of another bedroom, and the flames were already licking at the wood.

I pulled the lamp away from the door by its handle, taking care not to cut myself, and my mother appeared with a large blue blanket, which she used to smother the flames. It all must have taken less than a minute. There was yelling involved, obviously, but I do recall an exchange, though not word for word, between my father and I, explaining that I was trying to move the lamp to avoid burning the cottage down.

We were all terrified. Needless to say, I didn’t know how I would have reacted until the actual incident. For many years afterwards, I relived the moment where I saw the fire spread to that door. I still remember what I was thinking at the time: fire eats wood. I was ten, my brother was six, and my sister was two. My only thought was to get the fuel source away from the door. I didn’t even think about the consequences of burning my hand or getting cut by the broken glass.

Six years ago, shortly after moving to Canada, I watched and fell in love with a show on Discovery called Canada’s Worst Driver. In that show, a driving instructor called Philippe Létourneau demonstrated a defensive driving manoeuvre where if you are driving in icy conditions and you can’t stop in time, you can make a lane-change manoeuvre to drive around the obstacle, without applying brakes, which slows the vehicle enough so that the brakes work.

During an Edmonton blizzard, I found myself in a situation where I couldn’t stop my vehicle in time. I called on that memory and was able to change lanes (blind spot, mirror, indicator) and bring the car to a stop, almost level with the car we almost hit. It took about four or five seconds for that entire manoeuvre.

Adrenaline makes you do interesting things. I’d love to hear your stories.