The Internet of Things: it’s a really big deal. Oh yeah?

This morning’s Observer column. From the headline I’m not convinced that the sub-editors spotted the irony.

Like I said, everybody who is anybody in the tech business is very turned on by the IoT. It’s going to make lots of money – oh, and it’ll change the world, too. Of course there are some boring old creeps who keep raining on the parade. Spoilsports, I call them. There are, for example, the “security” experts who think that the IoT opens up horrendous vulnerabilities for our networked society. Hackers in Azerbaijan could get control of our “smart” electricity meters and shut down the whole of East Anglia with the click of a mouse. Pshaw! As if the folks in Azerbaijan even knew there was such a place as East Anglia. Or some guy in Anonymous could remotely jam the accelerator in your car so that you drive into your garage at 130mph even when you have your foot firmly on the brake. As if!

That’s why it’s *sooo* annoying when the media publicise scare stories about security lapses involving connected gadgets. I mean to say, how could TRENDnet have known that its “secure” security webcams weren’t really secure at all? It’s not its fault that a hacker broke into the SecurView camera software and told other people how to do it. The result, according to the US Federal Trade Commission, was that “hackers posted links to the live feeds of nearly 700 of the cameras. The feeds displayed babies asleep in their cribs, young children playing and adults going about their daily lives”.

This is *so* unfair. Poor old TRENDnet makes security *cameras*. Why should it know anything about internet security?

Read on

Can Google really keep our email private?

This morning’s Observer column.

So Google has decided to provide end-to-end encryption for any of its Gmail users who wants it. One could ask “what took you so long?” but that would be churlish. (Some of us were unkind enough to suspect that the reluctance might have been due to, er, commercial considerations: after all, if Gmail messages are properly encrypted, then Google’s computers can’t read the content in order to decide what ads to display alongside them.) But let us be charitable and thankful for small mercies. The code for the service is out for testing and won’t be made freely available until it’s passed the scrutiny of the geek community, but still it’s a significant moment, for which we have Edward Snowden to thank.

The technology that Google will use is public key encryption, and it’s been around for a long time and publicly available ever since 1991, when Phil Zimmermann created PGP (which stands for pretty good privacy)…

Read on

LATER Email from Cory Doctorow:

Wanted to say that I think it’s a misconception that Goog can’t do targeted ads alongside encrypted email. Google knows an awful lot about Gmail users: location, browsing history, clicking history, search history. It can also derive a lot of information about a given email from the metadata: sending, CC list, and subject line. All of that will give them tons of ways to target advertising to Gmail users – they’re just subtracting one signal from the overall system through which they make their ad-customization calculations.

So the cost of not being evil is even lower than I had supposed!

STILL LATER
This from Business Insider:

Inside the code for Google’s End-to-End email encryption extension for Chrome, there’s a message that should sound very familiar to the NSA: “SSL-added-and-removed-here-;-)”

Followers of this blog will recognise this as a quote from a slide leaked by Edward Snowden.

[Image: the leaked slide]

This comes from a slide-deck about the ‘Muscular’ program (who thinks up these daft names?), which allowed Britain’s GCHQ intelligence service and the NSA to pull data directly from Google servers outside of the U.S. The cheeky tone of the slide apparently enraged some Google engineers, which I guess explains why a reference to it resides in the Gmail encryption code.

Cars as services, not possessions?

This morning’s Observer column.

We now know that the implications of the driverless cars’ safety record were not lost on Google either. Last week the company rolled out its latest variation on the autonomous vehicle theme. This is a two-seater, pod-like vehicle which scoots around on small wheels. It looks, in fact, like something out of the Enid Blyton Noddy stories. The promotional video shows a cheery group of baby-boomers summoning these mobile pods using smartphones. The pods whizz up obligingly and stop politely, waiting to be boarded. The folks get in, fasten their seatbelts and look around for steering wheel, gear shift, brake pedals etc.

And then we come to the punchline: none of these things exist on the pod! Instead there are two buttons, one marked “Start” and the other marked “Stop”. There is also a horizontal computer screen which doubtless enables these brave new motorists to conduct Google searches while on the move. The implications are starkly clear: Google has decided that the safest thing to do is to eliminate the human driver altogether.

At this point it would be only, er, human to bristle at the temerity of these geeks. Who do they think they are?

Read on

Ten of the best

Every year MIT’s Technology Review has a feature on what its editors regard as the most interesting tech developments to have emerged during the previous year. Their current list is now out. See the article for the full details, but the headlines are:

  • Agricultural Drones (giving farmers new ways of increasing yields and reducing crop damage)
  • Ultra-private smartphones (e.g. the Blackphone)
  • Brain mapping
  • Neuromorphic chips (i.e. microprocessors configured more like human brains than conventional chips)
  • Genome editing (the ability to create primates with intentional mutations to study complex and genetically baffling brain disorders). Hmmm… some ethical issues here
  • Microscale 3D printing (i.e. using inks made from different kinds of materials)
  • Mobile collaboration (so-called ‘productivity’ software for smartphones. Example: Quip)
  • Oculus Rift (the wearable VR tech that Facebook recently acquired)
  • Agile robots
  • Smart wind and solar power (i.e. using big data and AI to produce more accurate forecasts of winds)

If you think the music industry is a big deal, think again

[Chart: global revenues by industry]

Given all the noise the recording industry makes — and the idiotic amount of attention it gets from government ministers — you’d be forgiven for thinking that it was one of the most important industries on the planet. In fact, as this chart shows, it’s minuscule compared to the industries that drive our economies. It’s about the same size as the watch industry. That doesn’t mean that it isn’t important to those who work in it, or that its future doesn’t matter. But let’s have a sense of proportion about it.

HT to Benedict Evans for highlighting the chart.

Metcalfe’s Law Rules OK

This morning’s Observer column:

There are two paradoxical things about Twitter. The first is how so many people apparently can’t get their heads around what seems like a blindingly simple idea – free expression, 140 characters at a time. I long ago lost count of the number of people who would come up to me on social occasions saying that they just couldn’t see the point of Twitter. Why would anyone be interested in knowing what they had for breakfast? I would patiently explain that while some twitterers might indeed be broadcasting details of their eating habits, the significance of the medium was that it enabled one to tap into the “thought-stream” of interesting individuals. The key to it, in other words, lay in choosing whom to “follow”. In that way, Twitter functions as a human-mediated RSS feed which is why, IMHO, it continues to be one of the most useful services available on the internet.

The second paradox about Twitter is how a service that has become ubiquitous – and enjoys nearly 100% name recognition, at least in industrialised countries – could become the stuff of analysts’ nightmares because they fear it lacks a business model that will one day produce the revenues to justify investors’ hopes for it.

They may be right about the business model – in which case Twitter becomes a perfect case study in the economics of information goods. The key to success in cyberspace is to harness the power of Metcalfe’s Law, which says that the value of a network is proportional to the square of the number of its users…

Read on

Inflection points and advanced robotics

This morning’s Observer column.

Not often do you hear a Newsnight presenter using an arcane mathematical term, but last week was an exception. The culprit was David Grossman, who made an excellent film for Newsnight about the threat to employment from advanced robotics. In the course of this, he made the standard pilgrimage to MIT to interview Erik Brynjolfsson and Andrew McAfee, who have made much of the running in this area with a number of books, of which the most recent is The Second Machine Age. Their argument, said Grossman, was that our society has reached an “inflection point”, a concept beloved of those who studied differential calculus in their youth, but probably unfamiliar to the average viewer.

Still, that’s what Wikipedia is for. A point of inflection, it explains, is a point on a curve at which the curvature or concavity changes sign from plus to minus (or vice versa). Since this sounds like a smaller deal than the wholesale upheaval prophesied by Brynjolfsson and McAfee, Grossman might have got more mileage out of “tipping point”, which, though different to inflection, seems to me to get closer to the nub of the question.

Read on

Why Facebook and Google are buying into drones

This morning’s Observer column.

Back in the bad old days of the cold war, one of the most revered branches of the inexact sciences was Kremlinology. In the west, newspapers, thinktanks and governments retained specialists whose job was to scrutinise every scrap of evidence, gossip and rumour emanating from Moscow in the hope that it would provide some inkling of what the Soviet leadership was up to. Until recently, this particular specialism had apparently gone into terminal decline, but events in Ukraine have led to its urgent reinstatement.

The commercial equivalent of Kremlinology is Google- and Facebook-watching. Although superficially more open than the Putin regime, both organisations are pathologically secretive about their long-term aspirations and strategies. So those of us engaged in this strange spectator-sport are driven to reading stock-market analysts’ reports and other ephemera, which is the technological equivalent of consulting the entrails of recently beheaded chickens.

It’s grisly work but someone has to do it, so let us examine what little we know and see if we can make any sense of it…

LATER: Seb Schmoller, struck by my puzzlement about why Facebook had bought Oculus Rift, sent me a link to an interesting blog post by Donald Clark, who has experience of using Oculus kit.

I’ve played around with the Oculus for some time now – played games, roared around several roller-coasters, had my head chopped off by a guillotine, walked around on the floor of the ocean looking up at a whale and shark, floated around the International Space Station using my rocket pack.
Why do I think it matters? It’s possible, just possible, that this device, or one like it, will change the world we know forever. It will certainly revolutionise the world of entertainment. Flat screen TVs have got as big and sharp as they can get. It is clear that most people do want that big, panoramic experience but there’s a limit with 2D. Climb into that screen, which is what the Oculus allows you to do and you can look around, upwards, over your shoulder. You can then move around, do things and things can be done to you. It’s mind blowing.

The problem that Oculus has is getting to market quickly. Kickstarter was fine, for starting. Sony is right on their shoulder with project Morpheus. With this money they can accelerate R&D, have a massive marketing push and keep the price right…

His conclusion:

This is not only a ‘game’ changer, it’s an experience changer. It will change the way we spend our time, expand our experience and acquire skills. I’ve seen the effect it has with children, teenagers, adults and pensioners. It’s an experience, even at low resolution that can change your life, as you know, when you’ve tried it that it’s coming and when it comes it will be all-embracing. Facebook already has the world at its feet with 1.5 billion users, it now has the world on its head.

Translation: maybe the acquisition makes more sense than I thought.

Making sense of Snowden

This is a fantastic example of how to conduct an academic discussion of a really contentious subject. It brings together academics and NSA people to talk calmly about what’s happened and what it means. The participants are Yochai Benkler, Bruce Schneier, and Jonathan Zittrain of the Berkman Center and John DeLong and Anne Neuberger of the National Security Agency. The conversation is expertly moderated by the Berkman Faculty Director Terry Fisher.

It runs for 90 minutes, but is really worth it. So book some time off and watch.

Some thoughts triggered by it, in no particular order…

  1. Tempting though it might be, I see little point in demonising the agencies (NSA/GCHQ). Most of the people who work in them are conscientious officials engaged on a mission which they believe to be important and necessary. One interesting aspect of the Snowden revelations is that they contain few, if any, horror stories of “bad apples” or corrupt officials abusing their powers. This doesn’t mean that such scandals don’t exist, but my hunch is that this is very different from, say, what went on in MI5 and the CIA during the Kennedy/Nixon/Reagan eras.
  2. The discussion so far has focussed too much on the details of the surveillance programs, and not enough on what the existence of such programs means for society and democracy.
  3. ‘Oversight’ has been interpreted as checking that the agencies strictly adhere to the rules that have been set for them by legislation and executive order. It seems clear already that much of this oversight has been inadequate and flawed. But there has been very little discussion of democratic oversight of the rule-making process itself. It is important, of course, to ensure that rules set by Parliament or Congress are being obeyed at the execution level. But what is equally important – and thus far under-discussed – is whether the rules that have been created by politicians are themselves wise, effective and proportionate. There is little comfort to be derived from government assurances that everything done by NSA/GCHQ is “lawful” if the laws themselves are flawed.
  4. There is an important difference between espionage and bulk surveillance: the former is directed or targeted; the latter is generalised and indiscriminate.
  5. In a way, the agencies were set an impossible task by politicians in the aftermath of 9/11. “Never again” was both the letter and the spirit of the injunction. Societies must never again be vulnerable to the terrible things that terrorists might dream up and conspire about. Charged with this terrible responsibility the agencies attempted to forewarn against any conceivable threat, and the only way they could invent to do that involved the kind of comprehensive surveillance that Snowden reveals. What we don’t know – yet – is whether the agencies were actually doing this kind of surveillance before 9/11, in which case there would be some further awkward questions to be asked.
  6. The “war on terror” proved to be a really pernicious ploy. A state of war implies an existential threat to the nation, which justifies and legitimates very drastic measures. Between 1939 and 1945, for example, Britain was effectively a totalitarian state, and all kinds of civil liberties were drastically curtailed and infringed; but the citizenry grudgingly or willingly accepted these conditions because they understood the existential threat. But the “war on terror” is not a war in that sense; it’s merely a rhetorical device. It did, however, provide ideological – and in some cases legal – cover for massive extensions of intrusive surveillance.
  7. Secrecy is always a tricky concept for democracies because, on the one hand, democracy requires openness and publicity (to ensure that citizens can give their consent to what is being done in their name by state actors); but at the same time, democracies may legitimately need to engage in some activities which have to be kept secret. In some cases, secrecy is legitimate: in 1963, for example, the Cuban missile crisis was resolved by President Kennedy’s decision to offer the prospect of withdrawal of American missiles based in Turkey in return for a Soviet decision to withdraw their missiles from Cuba. This offer was kept secret from the American public for the very good reason that if it had been made public then it might have undermined congressional and public support for the president’s handling of the crisis.
  8. Democracies therefore are always trying to strike a balance between openness and secrecy. This can be a very hard balance to strike, so not surprisingly democracies tend to fudge the issue by offering to lift the veil of secrecy just far enough to provide a semblance of accountability. One of the things we have learned from the Snowden affair is how threadbare this semblance is. What we have, as one shrewd commentator observed, is not real oversight but “oversight theatre”.
  9. A useful way to conceptualise the problem is to imagine a horizontal line. Activities above the line – for example legislative rule-making – take place in public. This is where policy is formed. Below the line is the area of policy execution by the agencies, and is hidden from the public.
  10. It would be naive to assume that the agencies confine themselves just to execution. They may sometimes be active above the line – for example in framing legislation which meets their needs but which is couched in terms that conceal from an ignorant public and a complacent or incompetent legislature the real import of the legislation. This process has been especially visible since 9/11. In that context, it’s interesting that the legislator who co-authored the Patriot Act has publicly declared his dismay at discovering (pace Snowden) what his statute has supposedly authorised. And in Britain it’s clear that directors of security organisations can play an important role in framing legislation.
  11. In Britain there is a deeply-ingrained tradition of political deference to the security services. This could be because Britain is a society that is more hierarchical and deferential than most. Or it could be that sentiment rules: GCHQ, for example, is seen as the spiritual heir of the wartime Bletchley Park codebreakers, and thus rides on their heroic coat-tails. Whatever the explanation, there are suspicions that budgetary and other proposals from senior security officials receive more favourable treatment in Whitehall than do comparable demands from “civilian” departments. One former senior member of the Blair government told me that in all his time in the Cabinet he could not recall a single instance in which a request from MI5/MI6/GCHQ was turned down by Tony Blair.
  12. Politicians in most Western democracies – including the United States and United Kingdom – are astonishingly ignorant about the capabilities and potential of computing and communication technologies. The proposition that such politicians might be capable of maintaining effective ‘oversight’ of technologically-adept agencies is implausible.
  13. Allied to politicians’ technological ignorance is the fact that “hacker culture” is an entirely alien world to them. This is important in considering the possibility of “mission creep” by surveillance agencies which are staffed by large numbers of talented software engineers. The Snowden revelations include a few examples of what programmers call “cool hacks” which are indicative of technological exuberance and associated mission creep.
  14. Even if we accept that the NSA has strictly adhered to the rules laid down by Congress, there is the problem that some of the activities revealed by Snowden are nowhere mentioned in the rules. Congress, for example, did not mandate that the RSA encryption which supposedly secures the bulk of the commerce transactions on the open Internet should be covertly compromised by the agency. Nor did Congress mandate that the NSA should approach Microsoft after it acquired Skype with the demand/request that the technology should be modified in order to facilitate surveillance of VoIP communications.
  15. One of the most perplexing aspects of the whole surveillance question is why citizens of some of the most-surveilled societies seem relatively relaxed about it. There are, of course, cultural differences at work here – Germans, for example, seem to be much more concerned about the Snowden revelations than are Britons.
  16. The Snowden revelations demonstrate the extent to which what one might call the National Surveillance State is a public-private enterprise. In a sense the state has covertly outsourced some of the surveillance to major Internet companies and telecommunications organisations. This is hardly surprising given that the core business of both the NSA/GCHQ and the Internet giants (Google, Yahoo, Facebook, Microsoft) is intensive, detailed, comprehensive surveillance. The only real difference is that the companies claim it is being done with the consent of their users – as registered by their acceptance of the terms and conditions imposed by corporate EULAs (End User Licence Agreements).
  17. One strange aspect of the whole business is the way the US government appeared unaware of the threat that exposure of NSA activities would pose to the country’s big technology companies. It’s inconceivable that policy makers would not have considered the damage that exposure would do. Or is it? Was it just (see earlier comment about the cluelessness of politicians in this area) that the risk never crossed what might loosely be called their minds?
  18. The biggest question of all – and the one least discussed – is whether the kind of comprehensive surveillance revealed by Snowden and other whistleblowers is compatible with any meaningful conception of democracy.

Triumph of the Nerds

My Observer piece on Michael Lewis’s new book.

Light travels at 186,000 miles a second in a vacuum, which is another way of saying that it covers 186 miles in a millisecond – a thousandth of a second. Given that much of our contemporary electronic communications are conveyed by pulses of light travelling along fibreoptic cables, we are given to extravagant hyperbole about the “death of distance”. After all, if a message – or a file – can traverse the globe in the blink of an eye, it doesn’t matter whether your hard drive is on your desktop or in a server farm in Nebraska or Sweden.

But it turns out that the speed of light is of great practical interest to some people. One group of them have shelled out $300m to lay a fibreoptic cable in a straight line from Chicago to New York. This involves, among other things, drilling through mountains and under urban areas. And for what? So that the time taken to send a signal between New York and Chicago could be reduced from 17 milliseconds to 13. For that apparently infinitesimal improvement, stock market traders were willing to pay $14m a year, plus a substantial upfront payment, to use the cable.

Therein lies the tale of Michael Lewis’s enthralling new book, Flash Boys, which joins an elite but growing list of volumes that set out to explain how computing is reshaping our world…