Slow down

It is great to be first. But it is better to be correct. Humans seems to always be in a hurry, which often leads to a mistake. Countless times we have jump into something without fully understanding the situation. This phenomenon has given rise to the phrase unintended consequences.

There is a rush to be the first to implement IoT. These early solution almost certainly deficient in some significant ways that will lead to unintended consequences. This paper argues that we are throwing caution to the wind. Read it and beware.

More block chain thoughts

I recently explained to my cousin why I’m skeptical about blockchain. She is in the technology side of the banking industry so her interest was more than casual. Below is basically what I told my cousin.

A blockchain is a ledger: An append-only file that stores records (i.e., blocks). The blockchain file is replicated across many nodes to build trust. In order to corrupt the file, an attacker must co-opt 50% plus one nodes. The more nodes involved, the greater the trust. I speculated that a highly trusted blockchain needs to be widely distributed because if at breakfast it become known that a $10B hedge fund ledger were distributed across only 10 nodes the money would be missing by dinner.

Second, because the blockchain file is distributed the information is shared. Sharing data increases the security perimeter that must be guarded. Thus there is a conflict between trust (increases with node count) and security/privacy (decreases with node count).

The last point, which is the most overlooked, is that blockchain does very little to protect against fraud. It protects the ledger by making it hard to tamper with. However, the ledger is internal data that is fairly easy to protect. But it does nothing to prevent an erroneous ledger entry from being inserted in the first place, as the millions of dollars of stolen bitcoins attest to. Therefore, the blockchain offers no help for the most vulnerable attack vectors.

In addition to these limitations, blockchain is also very inefficient, Consequently I have yet to be shown a use case (other that crytocurrency) for blockchain. Tell if I’m wrong in the comments.

I have an earlier and longer post on block chain.

 

Hacking into a Jeep

Watch the video in this Wired article “Hackers Remotely Kill a Jeep on the Highway—With Me in It.” Two security researchers tap into a Jeep via the Internet. From a house miles away from the Jeep (which means anywhere) they disable the Jeep’s engine, as well as control various other functions. This is scary.

We are not ready for the Internet of Things.