š° Security, Self-driving consolidation, AI in Energy ā Internet of People Observatory #17
Hi,
glad you could make it.
In this issue: The mess that is IT Security, Uberās mess, and AI trying to solve the mess that are energy grids.
ā¤ļø Love this? Please share it via Twitter or Facebook.
š¬ Got this forwarded from a friend? Sign up here!
Letās talk about security
It feels like hardly a week goes by without announcements of major security breaches or leaks. And while weāre not in the business of keeping tabs on individual breaches (egregious ones, like unsecured databases that contain millions of voice recordings, like the one covered two weeks ago, excluded), there was enough smoke this week to have a closer look where the systemic fire might be.
Letās start with Wikileaksā Vault7 document drop. While anything Wikileaks publishes these day should be consumed with a rather copious amount of salt, the framing of the purportedly leaked documents, which seemed to ascribe to the CIA almost mythical powers of ācyberā, brought the discussion around consumer IoT electronics to the fore again.
And of course everybody now thinks that who they need to worry about when it comes to IT security is the CIA or NSA. Theyāre the ones who get their hands on a lot of Zero-Day vulnerabilities (who tend to linger for a long time, as a fortuitously times study by RAND shows). And yet, the reality is far more mundane.
The web has been around for a while, and thereās a whole industry in supporting security on web sites. And yet, the complexity of frameworks and solutions to build websites lead to poor security even in an environment where incentives for security align better than in low-cost consumer hardware. Research into some 133.000 websites has shown that at least 37% of them rely on insecure Javascript frameworks.
It might sound antithetical, but Iām coming around to think that for IoT to work successfully, and sustainably at that, maybe we need to increase the barriers of entry. Apple often gets a bad rep for its stringent requirements for MfI and hence HomeKit certification, among which thereās a requirement for a custom security module, but that makes those low-hanging fruit attacks so much harder. The tradeoff, of course, would be much slower product discovery, i.e. figuring out what people actually want out of connected homes and connected products.
Relatedly, we need to dispense with the notion that āData is the New Oil.ā It leads producers of goods who have no business running backend servers and data collection efforts to think they have to do it, or else theyāll miss out on a massive revenue opportunity. Thereās a reason why you shouldnāt host your own email server, and thatās the exact same reason why you probably shouldnāt be collecting customer data yourself. Leave that to the professionals. But I guess you donāt become a disruptive platform unicorn with classic core competency matrices.
The internet of things: Home is where the hackers areĀ
The Truth About the WikiLeaks C.I.A. CacheĀ
Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their ExploitsĀ
Thou shalt not depend on me: analysing the use of outdated JavaScript libraries on theĀ webĀ
Cars
I guess itās as hard these days to not hear about Uber as it is not to have news about 45ās latest twitter antics pushed into your streams. But the Waymo/Uber does make for a compelling business thriller, given that the suit essentially portrays Otto, the autonomous trucking firm acquired by Uber, as a corporate vehicle specifically set up for the purpose of extracting trade secrets from Google to Uber. Of course, itās for the courts to decide whether that claim has merits, but the narrative doesnāt exactly bode well for a firm that had two punitive weeks in the public relations department.
And if Google/Waymo gets its injunction against Uberās self-driving car project, the company will be back at square one at a time where the technology race is accelerating. Weāve detailed some of the diverse partnerships that have emerged around self-driving car tech. One of the dominant players has been Mobileye, which until last summer powered Teslaās self-driving tech, and was this week acquired by Intel. Intel themselves, after having missed Mobile completely, desperately needs a play in automotive, so this makes sense. Itās interesting to note, as weāve done before, that thereās increasing specialisation around chipsets. Something something death of Mooreās Law, I presume.
Another angle of those partnerships are the enormous data sets that have to be generated and maintained for cars to be able to navigate the world. The mapping data needs to be far more precise than what us mere mortals need. A machine is dumb after all, machine learning notwithstanding, and needs information in much higher resolution. Those mapping efforts are underway, although you have to wonder whether a collective solution wouldnāt be better for everyone involved.
But cars arenāt just tech, and it was obvious that at some stage, specialised insurance products for advanced driver assistance systems would appear. Now such a product has been launched in the US, and it promises reduced rates for miles travelled with Autopilot engaged. The problematic aspect here is that youāre going to hand over your driving data to your insurance, and that of course sets a precedence that can then be used for things like usage-based road taxation. For now itās an interesting data point for more upheaval in the car insurance industry, as it comes to terms with shifting notions of mobility.
The Uber Bombshell About to DropĀ
Alphabetās Waymo asks judge to block Uber from using self-driving car secretsĀ
Intel Joins Silicon Valleyās Race to Make Best āServer on Wheelsā With Mobileye DealĀ
The most detailed maps of the world will be for cars, not humansĀ
This Insurance Startup Wants to Cover Tomorrowās Self-Driving CarsĀ
Energy
Ah, Elon Musk. Nobodyās really as good at creating a PR opportunity and riding it as Teslaās CEO. While South Australia suffers from scheduled black-outs due to poor reserve capacities and inclement weather, thereās apparently an offer on the table to deliver 100MWh of battery storage within 100 days, or the system is free. The notional price tag of the system runs at $25mm, but the extraordinary aspect is the speed with which the system supposedly can be installed. Increasingly,
Meanwhile, Googleās DeepMind is trying to embed itself ever deeper into the fabric of the United Kingdom. After itās gotten access to some NHS data, thereās now a deal to help National Grid to run the electricity grid more efficiently. DeepMind has done the same thing with Googleās data centers before, but complexity tends to increase exponentially in these systems. So weāll have to see where this leads.
But thereās certainly a lot of potential here. Electricity is a weird market with a mix of price signals and central coordination, and a lot of inefficiencies. Helping discover those inefficiencies, and consequently run the grid better, should go a long way in reducing cost and carbon emissions (which fell by 6% last year, due to a combination of factors). Bear in mind that with the vastness of electricity systems, even small percentage changes can have drastic effects.
Elon Musk: I can fix South Australia power network in 100 days or it's freeĀ
Google's DeepMind is in talks with National Grid to apply artificial intelligence to energy useĀ
DeepMind AI Reduces Google Data Centre Cooling Bill by 40%Ā
UK carbon emissions drop to lowest level since 19th century, study findsĀ
The Strange, Weird, and Interesting
The CIAās canonical directory of Japanese style Faces
How 1960s nuclear-fallout math influences todayās drone regulationsĀ
End note
Thatās it for this week. Iāll be in Dusseldorf tomorrow, and hit Bosch Connected World in Berlin on Thursday. If youāre there, say hi! We should meet up.
In the meantime, if you have feedback please send it my way: martin@internetofpeople.eu
And if you like this newsletter, donāt forget to share it!
See you next week.
Cheers,
Martin