Sublime Text 2 is a text editor for OS X, Linux and Windows, currently in beta.
Yesterday, Google announced that it would buy privately-held Nest Labs for $3.2 billion. This was Google’s second largest acquisition ever. Nest is a smart thermostat and smoke alarm-maker which promises to give Google a leg up in the fast expanding home automation market. But the acquisition also highlights the degree to which communications technology is now embedded in ordinary devices. The benefit is convenience. The risk is privacy.
Since this is a thought piece, I am putting it outside the paywall.
Last week cryptography expert Bruce Schneier wrote an interesting piece on the NSA at the Atlantic, arguing that the intelligence agency threatens national security. His argument in a nutshell was that the NSA – in its zeal to undermine security for espionage purposes - made the digital world vulnerable to any attacker, including foreign governments and common hacker criminals. Schneier pointed to the NSA’s “collect-everything mentality” as being at the heart of the security vulnerability. And I believe this is important when thinking about embedded technology in the context of the Google acquisition.
Embedded technology or embedded systems are computer systems that operate within larger devices in order to make them ‘smart’ and more technologically advanced. Think of electronic watches, baby monitors, refrigerators or washing machines. These articles are by their very nature mechanical/electronic. But in today’s world, they also contain tiny little computers in order to enhance their functionality and ease of use. Embedded systems of this sort are literally ubiquitous. The Nest acquisition gives Google entree into this embedded technology market in its most important application, home automation.
The problem with embedded systems is that they are a major security and privacy risk. In another Bruce Schneier post, he explains:
“We’re at a crisis point now with regard to the security of embedded systems, where computing is embedded into the hardware itself — as with the Internet of Things. These embedded computers are riddled with vulnerabilities, and there’s no good way to patch them.
It’s not unlike what happened in the mid-1990s, when the insecurity of personal computers was reaching crisis levels. Software and operating systems were riddled with security vulnerabilities, and there was no good way to patch them. Companies were trying to keep vulnerabilities secret, and not releasing security updates quickly. And when updates were released, it was hard — if not impossible — to get users to install them. This has changed over the past twenty years, due to a combination of full disclosure — publishing vulnerabilities to force companies to issue patches quicker — and automatic updates: automating the process of installing updates on users’ computers. The results aren’t perfect, but they’re much better than ever before.
But this time the problem is much worse, because the world is different: All of these devices are connected to the Internet. The computers in our routers and modems are much more powerful than the PCs of the mid-1990s, and the Internet of Things will put computers into all sorts of consumer devices. The industries producing these devices are even less capable of fixing the problem than the PC and software industries were.
If we don’t solve this soon, we’re in for a security disaster as hackers figure out that it’s easier to hack routers than computers. At a recent Def Con, a researcher looked at thirty home routers and broke into half of them — including some of the most popular and common brands.”
Schneier focuses on the security risk. And that’s a big problem because these embedded technology products are never updated by end users, making them vulnerable to hackers, especially if they are internet-enabled. But then there is the privacy risk too. A lot of ink has been spilled over GPS and WiFi tracking for example. For retailers, tracking customers in-store will soon be the norm. But these tracking mechanisms can be used across retailers too in the same way tracking cookies are used across the Internet. Turnstyle Solutions has set up a WiFi tracking mechanism in downtown Toronto that uses sensors at 200 different stores, allowing the company to create a mosaic of 2 million people and their shopping habits – in the hopes of serving them with proto-Minority Report-style advertising.
We see the emerging location tracking technology developing in cars too at this year’s Detroit auto show. The Guardian reported on privacy problems:
the US government accountability office (GAO) found inconsistencies in the way automakers handle data from car owners, raising fears of privacy breaches. The study looked at information collected by Chrysler, Ford, General Motors, Honda, Nissan and Toyota as well as navigation device-makers Garmin and TomTom and map and navigation app developers Google and Telenav.
“Without clear disclosures about the purposes, consumers may not be able to effectively judge whether the uses of their location data might violate their privacy,” the report noted.
Now, note, that these technologies are geared not just toward enhancing computing power but toward increasing convenience for end users. So the convenience factor is the trojan horse for security and privacy vulnerabilities. Couldn’t the government embed hidden backdoors into these systems? Couldn’t hackers break into the vendors’ computer systems to access our private information? Couldn’t someone or some company or some government use our home automation devices to watch our every move where we live and sleep? The answer to all of these questions is yes. This is what happened with the Target and Neiman Marcus data breaches, affecting 70 million customers with not just stolen credit card information but stolen email addresses, telephone numbers and other personally identifying information.
I don’t have a solution to this problem but I think it will be end up as a mutli-factored problem in a world that is increasingly dependent on always-on computing and internet communications capabilities. The economic and social impact will be in terms of theft, industrial and government espionage, privacy and freedom of speech. it’s hard to tell when, where and how the privacy and security vulnerabilities will be made manifest as serious problems but the NSA spy scandal tells you it already is one. And it is likely to get bigger unless we do find a solution.
Bruce Schneier makes a good case for seeing the security and privacy risks as social in nature. He writes:
Not only is ubiquitous surveillance ineffective, it is extraordinarily costly. I don’t mean just the budgets, which will continue to skyrocket. Or the diplomatic costs, as country after country learns of our surveillance programs against their citizens. I’m also talking about the cost to our society. It breaks so much of what our society has built. It breaks our political systems, as Congress is unable to provide any meaningfuloversight and citizens are kept in the dark about what government does. It breaks our legal systems, as laws areignoredorreinterpreted, and people are unable to challenge government actions in court. It breaks our commercial systems, as U.S. computer products and services are no longer trusted worldwide. It breaks our technical systems, as the very protocols of the Internet become untrusted. And it breaks our social systems; the loss of privacy, freedom, and liberty is much more damaging to our society than the occasional act of random violence.
And finally, these systems are susceptible to abuse. This is not just a hypothetical problem. Recent history illustrates many episodes where this information was, or would have been, abused: Hoover and his FBI spying, McCarthy, Martin Luther King Jr. and the civil rights movement, anti-war Vietnam protesters, and—more recently—the Occupy movement. Outside the U.S., there are even more extreme examples. Building the surveillance state makes it too easy for people and organizations to slip over the line into abuse.
It’s not just domestic abuse we have to worry about; it’s the rest of the world, too. The more we choose to eavesdrop on the Internet and other communications technologies, the less we are secure from eavesdropping by others.
The end result of not fixing this problem will be an erosion of the legitimacy of government and democracy, something that will eventually create economic upheaval and revolution. One way to hold this at bay is to stop government from exploiting the security and privacy loopholes. But another important factor is for citizens to start taking security and privacy seriously. The trade-off between convenience and privacy/security needs to move more in the direction of security and privacy – and by that I mean we consumers need to force companies to add security into their systems. Two-factor authentication systems and easy to use security protocols. One reason I think Bitcoin is interesting is that it sets up a way for people to interact across the web securely in a way that is independent of the security systems of one individual company. It is the technology behind Bitcoin that provides answers for the future more than the currency, which is a legacy of the increasing distrust of government and the erosion of the legitimacy of democracy.
Eventually, repeated violations of security and the erosion of privacy will lead to a breakdown in society. I think we can have the convenience and the security and the privacy. But we need to take the security and privacy seriously or we won’t get it.
Investing.com - Coming off the best weekly performance in a month last week, gold futures again traded higher in the early part of Monday’s Asian as traders continued to boost the yellow metal higher.
On the Comex division of the New York Mercantile Exchange, gold futures for September delivery rose 0.43% to USD1,377.10 per troy ounce in Asian trading Monday. The September contract settled up 0.74% at USD1,371.20 per ounce last Friday.
Gold prices added 4.55% on the week, the strongest gain since the week ending July 12. The precious metal has rebounded 16% since hitting a 34-month low of USD1,180.15 a troy ounce on June 28.
Gold futures were likely to find support at USD1,304.50 a troy ounce, the low from August 9 and near-term resistance at USD1,391.35, the high from June 17.
Gold was embraced as a safe-haven play last week amid some concerning U.S. data points that weighed on stocks. In U.S. economic news out last Friday, the Thomson Reuters/University of Michigan's preliminary reading on the overall index on consumer sentiment for August fell to 80 from 85.1 in July. The August reading was the worst in four months.
The Commerce Department said housing starts rose 5.9% to 896,000 units. Economists expected housing starts to rise to 900,000 units.
Data indicate traders are boosting their long bets on bullion. According to the U.S. Commodities Futures Trading Commission, net long positions in gold futures and options contracts jumped 18% to 56,604 contracts for the week ending August 13.
Demand in India and possible mine strikes in South Africa may boost prices in the next four to five weeks before an industry conference in Denver, Bloomberg reported, citing a JPMorgan research report published last week.
Elsewhere, Comex silver for September delivery inched down 0.06% to USD23.307 per ounce while copper for September delivery rose 0.30% to USD3.372 per ounce.
It would be nice to add a custom Toolbar, eg. for ColdFusion Shortcuts, that I could click on, like Dreamweaver has
I am teaching robotc coding. Your program showing all the logical connections (do/while, if then else, while, etc) is wonderful for helping students (and the teacher) see the relationships between the parts of the code. I would love to be able to print the code with all the colors and the connecting lines so I can insert it into a document for each exercise. For long code (over 60 lines or so), it would help to be able to insert a page break.
Customer support service by UserEcho