Slow down

It is great to be first. But it is better to be correct. Humans seems to always be in a hurry, which often leads to a mistake. Countless times we have jump into something without fully understanding the situation. This phenomenon has given rise to the phrase unintended consequences.

There is a rush to be the first to implement IoT. These early solution almost certainly deficient in some significant ways that will lead to unintended consequences. This paper argues that we are throwing caution to the wind. Read it and beware.

Researchers can now send secret audio instructions undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant.

Holy crap. I thought it was a bad idea to self-bug your home with Alexa. But it is worse than I ever thought. Researchers at UC Berkeley and Georgetown have shown that one can embed commands in music. That means just listening to music or a video while Alexa is in the room is a risk. Just don’t do it.

Our power grid is fragile

While. this article was in the queue waiting to be posted, the power was lost at ATL—Hartsfield-Jackson Atlanta International Airport—busiest airport in the US. There was a fire in an equipment room that took out the primary and all backups. What a poor design. Every highly-available data center I have visited has two fully-independent sources of power and local backup power (ie, a generator). The failures in ATL effected more that the passengers flying through ATL. The 1,500 canceled flights had cascading effects throughout the US and the world. This is gross negligence on the part of ATL. The inadequacy was certainly obvious to anyone who cared to look but no one looked. Unfortunately, ATL is not the only critical infrastructure that is negligently designed or maintained. It would be wonderful if the event in ATL perpetuates upgrades systems but I will not hold my breath.

The article that I planned to discuss shows how fragile smart systems have become. Advanced control systems in our power grid are merely internet-connected software programs that are vulnerable to attacks just as any other software. These systems are so critically important to our daily life that they require significantly more protection. However, the reality is that they are carelessly built. Most unfortunate is that fixing these known vulnerabilities in this critical systems may not happen until after a massive disruption (such as happened in ATL). There is a better path but it appears to be untraveled.