Internet Resilience

The Internet is a widespread tool reflecting, to some degree, free speech and freedom of the ‘press’.  As such, it is a threat to entities that wish to suppress these, or make them subservient to other priorities. A recent report on DefenseOne.com outlines the ways in which some countries have been able to put an “on-off” switch in place, and use this.  The trick is having all or most of the traffic going though a small number of (authorized) intermediate nodes where the pug can be pulled.

Countries like Egypt and China have such bottlenecks.  Countries with large numbers of intermediate nodes connected outside the country include Canada, Germany and the Netherlands.  Surprisingly Russia has a very large number of such connections — explained by the article as a complexity designed to make tracking cyber-crime nearly impossible.

Internet 3.0?

Steve Case, founder of AOL, has a new book out “The Third Wave: An Entrepreneur’s Vision of the Future“.  As a leader in the “First Wave” (remember dial up modems?… and getting a floppy disk from AOL every month in the mail? — that was SO last millennium) — Steve has some perspective on the evolution of the net.   His waves are:

  1. Building the Internet – companies such as AOL creating infrastructure, peaking circa 2000 (remember the dot-com bubble?)
  2. Apps and Services on top of the net. (the currently declining wave)
  3. Ubiquitous, integrated in our everyday lives — touching everything

This seems to ignore a few major ‘game-changers’ as I see it, including the introduction of the Web and Browsers, Altavista/Google for search, and Amazon for retail. But, that does not diminish the reality of the social impact of whatever Internet Wave we are on at this point.  You might tend to align his assertion with the “Internet of Things”, where very light bulb (or other device) has an IP address and can be managed over the net.  But Steve points to much broader areas of impact:
education, medical care, politics, employment and as promised in his title, entrepreneurial success.

Another way to look at this is “what fields, if any, are not being transformed by networked computing devices?” Very few, even technology that does not incorporate these devices (genetically modified whatever), they depend on networked computer technology at many points in their invention and production.

Steve suggests we need a “new play book” for this emerging economic reality.  I suspect he is only half right.  This was the mantra of the Internet Bubble, where generating income was subservient to new ideas, market growth, mind-share, etc.  What is clear is that it will be increasingly difficult for existing corporations to recognize, much less invest in the innovations that will disrupt or destroy their business. AOL and my past employer, Digital Equipment, are both examples of companies that had failed transitions, in part due to their momentum in “previous generations” of technology. (AOL continues as a visible subsidiary of Verizon, Digital has been subsumed into HP.)  What is happening is that the rate of change is increasing, The challenges associated with this were documented in the 1970’s by Alan Toffler in his book “Future Shock” and it’s sequels, “The Third Wave“, “Powershift” and most recently in “Revolutionary Wealth” (2006).  Toffler’s short form of Future Shock is: “too much change in too short a period of time” — a reality that has traction 50 years later.

What examples of disruption do you see coming? (But beware, it’s the ones we don’t see that can get us.)

What does it mean to be human?

Guest Blog from: John Benedict

“… I’d like to share a revelation that I’ve had during my time here. It came to me when I tried to classify your species, and I realized that you’re not actually mammals. Every mammal on this planet instinctively develops a natural equilibrium with the surrounding environment; but you humans do not. You move to an area and you multiply, and multiply until every natural resource is consumed and the only way you can survive is to spread to another area. There is another organism on this planet that follows the same pattern. Do you know what it is? A virus. Human beings are a disease, cancer on this planet, you are a plague, and we…are the cure…”

Let’s hope it doesn’t come to that.

Eighteen years have passed since the birth of a blind child and his graduation from high school. Eighteen years ago, there were no iPods, USSR was a superpower, Japan looked to the United States for economic leadership and support, smoking was permitted on airplanes, there were no companies which researched on biotechnology and only a handful of mobility and medical specialists taught in the nation’s public schools.

In eighteen more years, today’s blind infants will graduate from a strikingly different world. What we teach these kids today will determine how well they survive in their future. We have to make educated guesses about that future (and keep guessing) to prepare them for success.

When a much earlier world changed from a hunting-and-gathering culture to an agricultural age, human relationships were redefined and concepts about space and time changed. The speed of life accelerated. Leadership shifted; old power structures were replaced by the newly empowered. Old definitions and institutions collapsed and new ones took their place.

The hunting-to-survive stage lasted for a million years, the agricultural age – another six thousand years and the Industrial age lasted three hundred years. Some futurists defined an information age and then declared it dead after forty years.The concept of a “job” was also invented by the Industrial age. It pulled the children off the farms to the cities where they had to adjust to new spatial and temporal rules. A job required an employee to be at a certain place for a set amount of time, to do repetitive tasks – to “work” at producing things that were not immediately relevant to the individual’s life. In exchange for the loss of an agricultural lifestyle, employers gave steady wages (not affected by the weather or natural rhythms).

The industrial age saw the creation of vacations, health insurance, and sick days; all resulting from the invention of the job (a new way to work). This change was traumatic for a farm-based  agricultural culture, and many resisted. Human beings no longer were “ruled” by their natural rhythms or by the seasons. Respect for the wisdom of the elders of the society declined as their power was bypassed; they no longer controlled the source of wealth, and their knowledge was irrelevant to the new age.

The rules are ever changing in this age of communication. The life cycle of a business is only seven years now. The cycle in technology is down to six months, and in the software business, if a company is to survive, it must bring new products to market within two or three months. There is hardly time to plan; certainly the present is of little help.

The amount of information in the world is doubling every eight years. One-half of everything a college student learned in his or her freshman year is obsolete by the time they graduate. The amount of knowledge we are asking a typical high school senior to learn is more information than their grandparents absorbed in a lifetime. Our decision load is growing. We are running too fast, making too many decisions too quickly about things we know too little about. How can all these grand ideas about individual web pages, global consciousness, and the coming of massively capable workstations ever be implemented when we hardly have time to eat? This is the major social question facing the beneficiaries of the communications age.

The question remains – with advancements in technology, do we have too little time for what is important and much more for what might not? Are we missing out on morals and courtesies and relying too much on an online presence? We may be called social beings, but are we stepping away from human interaction? The answers to all these are terrifying to even think about! It’s time that we reclaim what we lost.

I finish this essay as I started – with a quote from The Matrix Revolutions.

“…Illusions, Mr. Anderson. Vagaries of perception. Temporary constructs of a feeble human intellect trying desperately to justify an existence that is without meaning or purpose. And all of them as artificial as the Matrix itself, although… only a human mind could invent something as insipid as love…”

The machines may be right but our entire purpose is built on something as insipid as love.

John Benedict is from Hyderabad, India and works with Amazon, India.

Auto(mobile) hacking – is it just a myth?

Scientific American ran a “Technofiles” piece  trying to debunk the idea that cars can be hacked.  The online version corrects errors made in their November 2015 issue where the variation of the article overstated the time required, understated the number of potentially ‘at risk’ cars, and mis-stated the proximity required to accomplish the feat.

This has been a topic here before – so I won’t repeat that perspective.  However, I will copy my reply to the article posted on the Scientific American web site, since I think that this effort to dismiss the risk does a poor service to both the public, and to the industry that needs to give serious consideration for how they manage software and communications that can affect the health and safety of consumers.

David, et al, are not getting the message.
Yes, some of the details are wrong in David’s article (I guessed they were without being party to the Wired article) … also wrong is the “Internet” connection required assumption — external communications that can receive certain types of data is all that is required. (OnStar does not use the Internet) and the “premium savings” device advocated by my insurance company (“oh no, our folks assure us it can’t be hacked”) connects to the diagnostic port of the car (i.e. ability to control/test all aspects of operation) and is cell-phone connected to whomever can dial the number.
This is not model specific since all OnStar and after-market components span multiple models and multiple suppliers. This is not internet specific, but truly remote control would require either the cellular or internet connectivity (WiFi and Blue tooth, which are also likely “bells and whistles” are proximity limited.)
This does not require purchasing a car… they do rent cars you know. And to the best of my knowledge no automobile manufacturers have licensed software engineers reviewing and confirming a “can’t be done” — even if they did patch the flaw that the U.S. DoD/DARPA folks exploited for Sixty Minutes. — Until 9/11 no one had hijacked a commercial jet to destroy a major landmark before, so the lack of examples is not a valid argument. We have multiple proofs of concept at this point, that significantly reduces the cost and time required to duplicate this. There are substantial motives, from blackmail to terrorism (a batch of cars, any cars – terrorists don’t need to select, going off the road after a short prior notice from a terrorist organization would get the front page coverage that such folks desire.) The issues here, including additional considerations on privacy, etc. are ongoing discussions in the IEEE Society for the Social Implications of Technology … the worlds largest technical professional society (IEEE)’s forum for such considerations. see http://ieeessit.org/?p=1364 for related postings”

I’m not sure the editors will “get it” … but hopefully our colleagues involved in developing the cars and after-market devices can start implementing some real protections.

A question for a broader audience: “How do cell phone or internet based services (such as On-Star) affect your potential car buying?”

Information and media authentication for a dependable web

Guest author: Prof. Alessandro Piva (Bio Below)

The wide diffusion of the web and its accessibility through mobile devices has radically changed the way we communicate and the way we collect information about the world we live in. The social impact of such changes is enormous and includes all aspects of our lives, including the shape of social relationships and the process whereby we form our opinions and how we share them with the rest of the world. At the same time, web surfers and citizens are no more passive recipients of services and information. On the contrary, the Internet is more and more populated with contents directly generated by the users, who routinely share information with each other according to a typical peer-to-peer communication paradigm.

The above changes offer a unique opportunity for a radical improvement of the level of democracy of our society, since, at least in principle, every citizen has the ability to produce globally-accessible, first-hand information about any fact or event and to contribute with his/her ideas to general discussions while backing them up with evidence and proofs retrieved from the Internet.

The lack of a centralized control contributes to increase the democratic nature of the Internet, however, at the same time it makes the Internet a very fragile ecosystem, that can be easily spoiled. The ease with which false information can be diffused on the web, and the possibility of manipulating digital contents through easy-to-use and widely diffused content processing tools, casts increasing doubt on the validity of the information gathered “on-line” as an accurate and trustworthy representation of reality.

The need to restore and maintain trust in the web as one of our primary sources of information is evident.

Within the IEEE Signal Processing Society, the Information Forensics and Security (IFS) Technical Committee is involved in the signal processing aspects of this issue, with a particular attention to multimedia data (see the IEEE Signal Processing Magazine special issue on Digital Forensics, Vol 26, Issue 2, March 2009). It is a fact that multimedia data play a very special role in the communication of facts, ideas and opinions: images, videos and sounds are often the preferred means to get access to information, because of their immediacy and supposed objectivity. Even today, it is still common for people to trust what they see, rather than what they read. Multimedia Forensics (MF) deals with the recovery of information that can be directly used to measure the trustworthiness of digital multimedia content. The IFS Technical Committee organized the First Image Forensics Challenge, that took place in 2013, to provide the research community an open data set and protocol to evaluate the latest image forensic techniques.

However, MF tools alone are not the solution to the authentication issue: several key actions must be undertaken involving technological, legal and societal aspects.

What are your opinions about this topic?

Are we irremediably condemned to base our opinions, beliefs and social activity on information whose reliability cannot be determined?

Do you think that the involvement of a critical mass of researchers with different background – technological, legal and social  – could find a solution?

Are you interested in working on this topic?

===================

Author: Prof. Alessandro Piva

IEEE Signal Processing Society Delegate on the SSIT Board of Governors

Associate Professor @ Department of Information Engineering – University of Florence (Italy)

Alessandro Piva is Associate Professor at the Department of Information Engineering of the University of Florence. He is also head of FORLAB – Forensic Science Laboratory – of the University of Florence. His research interests lie in the areas of Information Forensics and Security, and of Image and Video Processing. In the above research topics he has been co-author of more than 40 papers published in international journals and 100 papers published in international conference proceedings. He is IEEE Senior Member, and he is IEEE Information Forensics and Security Technical Committee Associate Member; he has served on many conference PCs, and as associate editor of the IEEE Trans. on Multimedia, IEEE Trans. on Information Forensics and Security, and of the IEEE Trans. on Circuits and Systems for Video Technology. Other professional details appear at: http://lesc.det.unifi.it/en/node/177

Technology In the Classroom?

The Wall Street Journal has a Pros/cons article on this question … which is at the core of Social Impact of Technology in Education.

My son-in-law teaches a university class where students get the “lecture” portion online, and come into class to work on projects/homework. My granddaughter has online assignments regularly, many key tests are done online, and they don’t get ‘snow days’ — in case of inclimate weather they stay home and login. Programs like the Kahn Academy, and a number of Universities offer courses free to “audit”.

At the same time, kids need the real world collaboration, social experience, ideally no bullying, and ideally sufficiently strong (positive) peer groups that help them develop a bunch of skills that are real world based.

What are the key references you find informative on the question of how we educate the next generation?

Eavesdropping Barbie?

So should children have toys that can combine speech recognition, wi-fi connection to capture and respond to them and potentially recording their conversations as well as feeding them “messages”.  Welcome to the world of Hello Barbie.

Perhaps I spend too much time thinking about technology abuse … but let’s see.  There are political/legal environments (think 1984 and it’s current variants) where capturing voice data from a doll/toy/IoT device could be used as a basis for arrest and jail (or worse) — can  Barbie be called as a witness in court? And of course there are the “right things to say” to a child, like “I like you”  (dolls with pull strings do that), and things you may not want to have your doll telling your child (“You know I just love that new outfit” or “Wouldn’t I look good in that new Barbie-car?”) or worse (“your parents aren’t going to vote for that creep are they?)

What does a Hello Barbie doll do when a child is clearly being abused by a parent?  Can it contact 9-1-1?  Are the recordings available for prosecution?  What is abuse that warrants action?  And what liability exists for failure to report abuse?

Update: Hello Barbie is covered in the NY Times 29 March 2015 Sunday Business section Wherein it is noted that children under 13 have to get parental permission to enable the conversation system — assuming they understand the implications. Apparently children need to “press a microphone button on the app” to start interaction. Also, “parents.. have access to.. recorded conversations and can .. delete them.”  Which confirms that a permanent record is being kept until parental action triggers deletion. Finally we are assured “safeguards to ensure that stored data is secure and can’t be accessed by unauthorized users.”  Apparently Mattel and ToyTalk (the technology providers)  have better software engineers than Home Depot, Target and Anthem.

Smart Government: ICT Enabled Social Engagement in Public Organizations

An SSIT Guest Blog provided by: Carlos E. Jiménez; Open & Smart Gov Specialist, IEEE SSIT Sr. Member; Barcelona, Spain.

In a broad sense, we usually use e-Government concept as the ICT adoption by public organizations as helpful tool in order to improve the way they achieve their goals. Key elements in these organizations are elements like efficiency, effectiveness, transparency and citizen-centric oriented.

However, it is important to say that in a more specific sense, there are important differences when we talk about its degrees and elements within this field. Then, we could talk on 4 distinct concepts: e-Administration, e-Government (in a more specific sense), Open Government and Smart Government. These stages are incremental where ICT transform the public organizations at the same time as they produce better services to citizens.

In the table, we can see that e-Administration started with the ICT adoption addressed to automatize workflows in public organizations (1st stage, -Bureaucratic organization) and, later, the e-Government stage (2nd stage, -Professional organization) includes interaction between citizens through the use of electronic tools, as well as bi-directional flows of information allowing citizens to use e-services. Next, technologies contribute and facilitate the move to a 3rd stage (Relational organization) where -Open Government- is achieved, allowing a high degree of the governance paradigm and not only through the use of e-services. In this stage there is a participation of the society in decisions and processes that before, were mainly done exclusively by the organization. A 4th stage and type of public organization (Intelligent organization) after the Relational one, would be based in the optimized IT adoption degree, and how it can transform the public organization as well as society.

Organization  Modernization Level ICT Role
1. Bureaucratic Begin Automatized Workflows  (e-Administration)
Benefit: increased internal efficency
2. Professional Middle Citizenship Interaction (e-Government).
Benefit: efficient public services (filing forms…)
3. Relational Advanced Citizenship participating in governance (Open Government).Benefit: Paradigm of governance
4. Intelligent Optimal:
Adopted completely Interoperability principle and Open Innovation as tool
Interconnected Ecosystem (Smart Government)Benefits: real time, data driven – integration of information, Public-Private-People Partnership…

This 4th “refined” public organization level, would be achieved as a result of ICT as tool that is being used in perfect harmony with: a) Open Government b) the Social & Open Innovation in public organizations and c) a maximized Interoperability Principle [this concept is expanded in a special issue of IEEE Computer Magazine, Oct 2014]. The concept of Smart Government, then, will have all these factors, and the social implications of technology are being key here.

Indeed, we have to understand that territories and cities only will be smarter if and only if are more social, through thinking in the best options for their citizens, specially, avoiding negative impacts of technology. To get a sense for how this looks in practice see, in the case of Barcelona, https://smartcitizen.me/.

What areas of government in your territory are starting to move towards the “Smart Government” level?

 

Amazon vs Hachette – Tech Consolidation Impact on Emerging Authors

The dispute between Amazon and book publisher Hachette reached a settlement in November.  The Authors United group formed by a number of top selling authors, including Steven King, sent a letter to the Amazon Board of Directors expressing their concern with “sanctions” directed at Hachette authors including “refusing pre-orders, delaying shipping, reducing discounting, and using pop-up windows to cover authors’ pages and redirect buyers to non-Hachette books“.  This group has not yet resolved their concerns about the impact of this applied technology. There are financial and career implications from the loss of Amazon as a channel for sales, even for the months of this dispute.  These include reduced sales for proven best selling authors, and for first-time authors, reduced sales can be the end of their career.

The Bangor Daily News indicates this group is pressuring the Federal government and exploring a law suit to address some of these damages.

A key question is the monopolistic potential of having a single major channel for selling a class of products.  Amazon is reported in this article as being the source of 41% of new book sales in the U.S. And is reported by some best selling authors as having “disappeared” them — with searches for their names on Amazon yielding no results.

Data Mining makes it possible to associate authors with publishers, and manipulate their visibility via online sales channels.  There are legal and ethical issues here that span beyond the immediate “Hatchet”: case.  Apple is continuing its e-book anti-trust battle claiming a “David vs Goliath” position where Amazon holds 90%+ of e-book sales.

Both Apple and Amazon hold significant control over critical channels that authors (books, software, etc) need to both sell their products, but also to even become visible to the to potential readers/users/consumers. Both are for-profit companies that apply their market power and technology to maximize their profits (which is what capitalism and stock holders expect.)  The creative individuals producing indi or even traditional channel creations who might be expected to benefit from the global access of the Internet can get trampled when these mammoth’s charge towards their goals.

Is the Internet creating new opportunities, or consolidating to create concentrated bastions of power?  (Or both?)   Oddly this comes around to parallel issues with “net neutrality” and how the entertainment industry is relating to Internet channels — perhaps there is a broader set of principles involved.

 

Cyberwar and Social Impact

War tends to have significant social impact.  Even back in the days of civilized warfare (civilians from Washington DC went to view the first battle of Bull Run aka Manassas, they were caught in the retreat of the Union forces) there were significant impacts on Society.  In the recent issue of Technology and Society, authors Flowers and Zeadally outline the challenges faced by Cyberwarfare.

When is a cyber abuse an act of war?  The abusers include script-kiddies, criminals, corporate/national espionage, civil protests, up to nation state attacks sometimes accompanied by ‘kinetic’ battles.  Events may go undetected for extended periods, or may take out significant military or economic targets (such as the power grid.)  And identifying the source of an attack can be difficult, particularly if the attackers choose to make it difficult.

This paper outlines nation state attacks ranging back to 1982, when a Soviet pipeline was destroyed, up to fairly recent events.  It also provides a country of origin count for attacks in 2013 — with Russia leading (1.15 million) then the U.S. (.86 million), and in case you were wondering, China comes in at #8 (.25 million) after Germany, Taiwan, Bulgaria, Hungary and Poland. Of course the source country does not mean it is a state sponsored attack, nor does it mean that it is directed at military objectives nor might it damage persons or objects.

The NATO Cyber Defense Center of Excellence have sought to define cyber warfare in the recently published Tallinn Manual on International Law Applicable in Cyberwarfare.  But many of the potential “Perps” are not likely to pay much attention to International Law, and of course the response to a given attack becomes problematic if the source or responsible parties cannot be identified — “beyond a reasonable doubt.”

The paper concludes that cyber attacks are increasing.  Which leads to the question of what might be done … by technologists, by citizens or by nation states.  What evils are creeping across your part of the web?  What might we do about it?