name: inverse
class: center, middle, inverse
layout: true
.header[.floatleft[.teal[Christopher Biggs] — IoT Privacy].floatright[.teal[@unixbigot] .logo[@accelerando_au]]]
.footer[.floatleft[.hashtag[NetAppBNE] May 2019]]

---
layout: true
name: callout
class: center, middle, italic, bulletul
.header[.floatleft[.teal[Christopher Biggs] — IoT Privacy].floatright[.teal[@unixbigot] .logo[@accelerando_au]]]
.footer[.floatleft[.hashtag[NetAppBNE] May 2019]]

---
layout: true
name: toply
class: center, toply, italic, bulletul
.header[.floatleft[.teal[Christopher Biggs] — IoT Privacy].floatright[.teal[@unixbigot] .logo[@accelerando_au]]]
.footer[.floatleft[.hashtag[NetAppBNE] May 2019]]

---
layout: true
template: callout
.header[.floatleft[.teal[Christopher Biggs] — IoT Privacy].floatright[.teal[@unixbigot] .logo[@accelerando_au]]]
.footer[.floatleft[.hashtag[NetAppBNE] May 2019]]

---
template: inverse

# Privacy in the IoT Age
### or, "Alexa, does my bum look big in this?"

.bottom.right[
Christopher Biggs, .logo[Accelerando Consulting]
@unixbigot .logo[@accelerando_au]
]

---
layout: true
template: callout
.crumb[
# Welcome
]

---
class: vtight

# Who am I?
## Christopher Biggs — .teal[@unixbigot] — .logo[@accelerando_au]

* Brisbane, Australia
* Previously: Programmer, Architect, Developer Lead
* Convenor, Brisbane Internet Of Things Meetup
* Founder, .logo[Accelerando Consulting]
* Accelerando is a "full service" consultancy - chips to cloud

???
I founded Accelerando Consulting, which helps businesses use technology to reduce stress. Really, that's what I believe: that technology is the gradual process of freeing humanity from drudgery and fear, and I started Accelerando because I wanted to contribute to a future that I will be excited to live in. And that's what I want to talk about today: some ways to enjoy the awesome benefits of technology while avoiding a few pitfalls.

---
# Shameless Self-Promotion
## Brisbane Internet of Things Meetup
.tight[
* Evening Symposia 4th Mondays
* Afternoon Workshops 2nd Saturdays
* Visitors and speakers welcome!
* Find us on [meetup.com](https://www.meetup.com/Brisbane-Internet-of-Things-IOT-Meetup/)
]

???
But first, some shameless self-promotion. As one of the organisers of the Brisbane Internet of Things interest group, I invite you to join us in our quest to create a livable future. We meet in Fortitude Valley on the 4th Monday of each month. We also do practical workshops; our next one of those is in May, but tickets close soon, so check us out on meetup.com if you want to come along.

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
]

---
class: center, middle
template: inverse

# The Dream

???
Now, let's talk about what the internet of things is about.

---
# Devices, Communications, Data
## The pillars of the connected future

???
Actually, first I want to give you my definition of IoT, and that's this: the internet of things is the fusion of inexpensive embedded devices, pervasive wireless communications, and cloud data.
The IoT promises a future where we can extend our vision and reach as far as we want to go, where each human thrives at the center of their own extracortical web of sensors and agents.

---
# But *which* Future? A, or B?
.fig50l[ ![](startrek-house.jpg)]
.fig50r[ ![](dune-house.jpg)]

???
I think a lot about what kind of future I want to live in. On the left we have Star Trek, which says that in the future whenever we want to do anything we have to poke at a screen or command a disembodied computer: "Tea, Earl Grey, Hot." In the Star Trek future, the computer becomes an unavoidable presence in our lives. Everything we do is mediated through it. On the right we have a still from the 1984 production of Frank Herbert's Dune, directed by David Lynch. A problematic book, and widely regarded as a terrible movie; nevertheless it is a spectacularly beautiful film to look at. You can turn the sound down if you like.

---
.fig80[ ![](make-it-slow.png)]

???
The technology in Herbert's future is different. It's everywhere, built into every object, but aesthetics and comfort come first. In this future they've had their technological singularity and they didn't much like it. They instead navigated a path where technology becomes about augmenting human intelligence, not supplanting it.

---
# My Three Laws of IoT

* **First Law:** Devices must cooperate for the benefit of humans
* **Second Law:** Devices must communicate, and obey instructions
* **Third Law:** Devices must be as simple and reliable as possible

???
So I give you my three laws of IoT:

* Devices must cooperate for the benefit of humans
* Devices must communicate, and obey instructions
* Devices must be as simple and reliable as possible

If you squint a bit they look like Asimov's laws. And they serve the same purpose, which is to imagine a future where our technology has inherent checks and balances that serve to protect our agency and safety.
---
# My Three* Laws of IoT

* **Zeroth Law:** Devices must be beautiful (or invisible).
* **First Law:** Devices must cooperate for the benefit of humans
* **Second Law:** Devices must communicate, and obey instructions
* **Third Law:** Devices must be as simple and reliable as possible

.footnote[-ish]

???
But Asimov got to retcon in a Zeroth Law, so I can too. Devices must be beautiful, or invisible. If we invite computers into our living rooms, bedrooms and bathrooms, and even our bodies, they can't look like truck parts, and they definitely need to be working for our benefit, not for somebody else's profit.

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
]

---
class: center, middle
template: inverse

# The Reality

???
Which brings us back to the unglamorous present. We have built an internet that feeds on attention and sells it, along with our behaviour and habits, to whoever will pay. And it's big business. As the saying goes, if you're not paying for the service, you're not the customer, you're the product.

---
# Profit
## Your TV pays for itself by spying on you
.more[[theverge.com/2019/1/7/18172397](https://www.theverge.com/2019/1/7/18172397)]

???
In January this year, the CTO of a smart TV company admitted in an interview that if you want to buy a dumb TV without any spyware, I mean apps, then they're going to have to charge you MORE to offset the loss of all that juicy monetizable data. This is not human-centred technology; this is us as the fly in somebody else's web.

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
]

---
class: center, middle
template: inverse

# The Nightmare

???
We have started down the path of being at the mercy of technology, except there isn't even any mercy.

---
# Big Data
## It rhymes with "Big Oil" and "Big Pharma"

???
Do you notice how there's still a whole step at the supermarket checkout, whether human- or robot-mediated, that badgers you for your loyalty card?
They time the toilet breaks of their staff; they aren't spending ten seconds of every checkout pestering you about this so that you can have that flight to Bali.

---
# Inverse Pokémon Go
## "You have insufficient social credit to ride this bus"
.more[[BBC](https://www.bbc.com/news/world-asia-china-34592186)]

???
But it can get worse. The Chinese government have created a system where your entitlement to government services, and even the right to travel, is determined by your behaviour as observed by a pervasive grid of internet and physical surveillance. Here in Australia the junior league fascists who pass for our government think that's a great idea and have legislated themselves frightening powers. We already have robodebt, which yanks the social security safety net out from under the disadvantaged based on less than reliable inferences about our honesty. You can bet they'd love to do the same to healthcare and other services.

---
# Would you like fries with that?
## Disclaimer: we'll tell your insurer
.more[[The Economist](http://www.economist.com/node/21556263), [Forbes](https://www.forbes.com/sites/kashmirhill/2012/06/15/data-mining-ceo-says-he-pays-for-burgers-in-cash-to-avoid-junk-food-purchases-being-tracked/#43918ffa1d9e)]

???
And then there's the private sector. If supermarkets think they know everything you buy, you bet they're thinking of monetising that data by selling it to your insurer. And if you buy all your fruit and veg at the farmers' market and only the junk food at Woolies, what is the insurer going to think about your health risks?

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
# Perspective
]

---
class: center, middle
template: inverse

# Perspective

???
One solution here is to throw all your devices into a barrel and burn the lot. But I don't think any of us really want to put the genie back in the bottle. Do you remember Encyclopaedia Britannica? Have you used it lately?
I remember when pub trivia arguments could go for hours because nobody had a definitive answer at their fingertips.

---
.fig35[ ![](radioshackad.jpg)]
.spacedown[
# The unsmart past
## Would you really want to live there?
]
.more[[huffpost.com/entry/radio-shack-ad_b_4612973](https://www.huffpost.com/entry/radio-shack-ad_b_4612973)]

???
Sometimes I get these moments when I realise that we really are living in the future. It's 2019, the year of Blade Runner and The Running Man and Akira. And our world today looks a lot more like those than it does 1985 up there. Almost every single piece of technology in this ad is extinct now, and what's more, EVERYTHING on that page is now performed by our phones. It's a really hard argument to say that our lives are worse today than in 1985.

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
# Perspective
# Gadgets
]

---
class: center, middle
template: inverse

# Gadgets

???
Along with the smartphone, the Star Trek future chameleon gadget that can do anything, we surround ourselves with technology from that other future, where interactivity is built into our homes, our cars, our jewelry and even our bodies. Invisible technology is great, but it makes us feel differently about overt technology. Think about why everyone loves having a phone camera on their person at all times, why we take more photographs than ever before, sales of dedicated cameras have plummeted, yet we reacted with visceral revulsion to the idea of building a camera into our eyewear, as exemplified by Google Glass.

---
.fig60[ ![](fitbit-baghdad.jpg)]
.spacedown[
# The fitbit snitch
]
.more[[Washington Post](https://www.washingtonpost.com/world/the-us-military-reviews-its-rules-as-new-details-of-us-soldiers-and-bases-emerge/2018/01/29/6310d518-050f-11e8-aa61-f3391373867e_story.html?utm_term=.ff184fec6e6d)]

???
When technology is out of sight it mustn't be out of mind. Here's a story from the Middle East last year.
This is the outline of a military base in Iraq, showing the fence lines and patrol routes and convoy corridors, assembled from the aggregate Fitbit data of US troops stationed in Baghdad. Since almost no locals in countries that have been bombed to a dusty crater by the USA have Fitbits, it's easy to identify ones worn by soldiers. What's worse is the US military gave thousands of Fitbits out to their own chunky soldiers, without realising they were giving away more than they intended.

---
.fig40[ ![](nest-outage.jpg)]
.spacedown[
# The statist thermostat
]
.more[[NY Times](https://www.nytimes.com/2016/01/14/fashion/nest-thermostat-glitch-battery-dies-software-freeze.html)]

???
Here's another tale from the United States, where in order to avoid disruption, a manufacturer of IoT thermostats rolled out an update in the middle of the night. But it all went wrong, and crashed a huge cohort of thermostats, in the middle of the night, in the middle of winter. So people woke to find their babies crying in 2 degree rooms. When technology permeates our lives, so do the attendant risks of failure.

---
.fig50[ ![](bird.webp)]
.spacedn[
# The unending coprolanche that is IP Cameras
]
.more[[Krebs](https://krebsonsecurity.com/2019/04/p2p-weakness-exposes-millions-of-iot-devices/)]

???
And then we have the effect of what's known as Hanlon's Razor: never attribute to malice what can adequately be explained by incompetence. Just last month news broke that a huge fraction of the IP cameras on the internet can be pretty trivially taken over by anyone who knows the serial number. Oh, and you don't have to know the serial number, because they're only a letter plus six digits and you can just loop through all the possible numbers until you amass 2 million vulnerable cameras. True story. If you have an IP security camera, talk to me after, or follow that link on the slide.

---
template: inverse

# Taking back control

???
So how do we protect ourselves from these three risks: from devices that leak our privacy, from devices that might go rogue, and from devices that are vulnerable to bad actors? I'm not one of the doomsayers. I'm not in favour of throwing it all in the bin and going back to the benighted and miserable dark ages, you know, the 1990s. But it is true, a lot of the time, that the S in IoT stands for Security.

---
# Trusted infrastructure

???
One of the things you can do is reduce your threat surface. Spider silk might be stronger than steel, weight for weight, but would you drive across a bridge held up by spiderwebs? I think you intuitively understand that one mis-piloted Cessna or a flock of angry birds could bring the whole thing down. And by the inarguable power of a dodgy analogy and vigorous hand waving, I assert that the same is true of the internet of things. Fifty apps connected to fifty low-rent cloud services is a curtain of spiderweb. A smaller number of professionally built and maintained services is likely to be more secure. Think of it another way: if every time we wanted to send a letter to Melbourne we hired someone going that way to hand-deliver it end to end, there's more to go wrong than if we hand it to Aus Post to put on a truck. Okay, maybe equating Aus Post with reliability is pushing an analogy too far.

---
# Home automation hubs
## Apple, Google, Amazon etc.

???
The Aus Post in our increasingly shaky analogy are the big cloud players: Amazon, Google, Apple, Microsoft, Mozilla. Instead of your light bulb running a control line from your front porch, all the way to the cloud, and back down to your phone, which some of them do, your porch light ought to talk to your Google Home or whatever, and then you communicate with your home hub, either by talking to it or using your phone. If you want remote access then you still have it, but there's only one connection to the outside world, not fifty.

---
# Home automation hubs
## Mozilla IoT

???
There's a new kid on the block from Mozilla, the makers of Firefox. This is a company that's thought a lot about privacy, and so their home automation system is fully autonomous. There's no reliance on cloud servers to make it work. If you want remote access you can still get it, but it's not a mandatory feature. They've also proposed an open standard for IoT interoperability to the World Wide Web Consortium, in an attempt to end the madness of the walled gardens from those other players.

---
# Home automation hubs
## Roll yer own

* FOSS home automation hubs (HomeAssistant, OpenHab, et al.)
* [Node-RED](https://nodered.org/) - IoT's Gaffa Tape
* [Blynk.io](https://blynk.io/) - The app for your exocortex

???
We're going down the slippery slide here from Apple at the top, with no assembly required, to genuine full-nerd options. There are a number of home automation frameworks you can install on an old PC or a Raspberry Pi and use to automate your home or workplace. Some of them are more friendly than others, and we don't really have time to go any deeper. We'll touch on some more detail next week at the IoT meetup if you're interested.

---
.fig50[ ![](nodered-wall.png)]
# Node-RED
## Home control panel on your TV, Phone or Wall
.more[[https://www.youtube.com/watch?v=FJXrN5aq5fY](https://www.youtube.com/watch?v=FJXrN5aq5fY)]

???
There are two tools I want to point out, though. The first one is called Node-RED and it's your IoT get-out-of-jail-free card. Whenever you have two systems that don't quite meet in the middle, Node-RED is the duct tape that joins them all up. It knows how to talk to almost every IoT device, cloud service and database in the business, and it gives you a visual drag-and-drop interface that lets you take events from one place and transform them into actions somewhere else.

---
.fig50[ ![](blynk.jpg)]
.spacedown[
# Blynk.io
## Create your own custom IoT app
]

???
The other one is Blynk.
This is an app that lets you build your own dashboard applications for iPhone or Android. If there's a bunch of things you want to monitor or control but there's no one place to do it all, then Blynk lets you build your own. Again, we're going to go into that in more detail at next week's IoT meetup.

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
# Perspective
# Gadgets
# Cameras
]

---
class: center, middle
template: inverse

# Cameras

???
Now cameras, I'm afraid, are a little bit of a shitstorm.

---
.fig70[ ![](echo-look.jpg)]
.spacedn[
# "Alexa, Does my bum look big in this?"
## Cameras, .ul[every]where
]

???
Amazon in their unlimited wisdom announced a device about two years ago called the Echo Look. And they thought it was a good idea to put this in your wardrobe so you can take a morning selfie. Now morning selfies ARE a thing, and I applaud those with the dedication to carry them off, but this is one of those cases where the risks and consequences of failure far outweigh the total benefit of the product.

---
# Mirai
## Shall we play a game?
.more[[The Internet of Scary Things](https://www.youtube.com/watch?v=dG49ZVjT67U)]

???
What are those risks? Back in 2016 half the internet was knocked offline by a denial of service attack orchestrated by a new kind of botnet: a network of hundreds of thousands of compromised video cameras.
---
# Open Network Video Interface
## ONVIF lets you throw the bundled app in the bin

* turn off UPnP
* sandbox the cameras
* iOS: [Homebridge.io](https://homebridge.io/) adds cameras to Home app
* [Mozilla IoT](https://iot.mozilla.org/gateway/) now supports ONVIF cameras
* [Shinobi.video](https://shinobi.video) lets you build your own camera controls

.more[[github/unixbigot/onvi-finder](https://github.com/unixbigot/onvi-finder)]

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
# Perspective
# Gadgets
# Cameras
# Hubs
]

---
class: center, middle
template: inverse

# Hubs

---
.fig70[ ![](voice.jpg)]
# Are they listening?
## Sure
.more[[https://www.wired.com/2016/12/alexa-and-google-record-your-voice/](https://www.wired.com/2016/12/alexa-and-google-record-your-voice/)]

---
.fig50[ ![](alias.jpg)]
# Are they recording?
## Probably not
.more[[http://bjoernkarmann.dk/project_alias](http://bjoernkarmann.dk/project_alias)]

---
.fig50[ ![](simpsons.gif)]
.spacedn[
# Are the edge cases creepy AF?
## Heck, yeah.]
.more[[Kiro7](https://www.kiro7.com/news/local/woman-says-her-amazon-device-recorded-private-conversation-sent-it-out-to-random-contact/755507974), [Bloomberg](https://www.bloomberg.com/news/articles/2019-04-10/is-anyone-listening-to-you-on-alexa-a-global-team-reviews-audio)]

???
Except when they are. In Portland a couple in the midst of an argument were called by a concerned colleague who had just received a recording of their argument. And

---
# De-creeping a voice hub

* Mozilla "Project Things" [iot.mozilla.org](https://iot.mozilla.org)
* [mycroft.ai](https://mycroft.ai) - Open source voice assistant
* Project Alias [bjoernkarmann.dk/project_alias](http://bjoernkarmann.dk/project_alias)
* Just turn off speak-to-activate

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
# Perspective
# Gadgets
# Cameras
# Hubs
# Networks
]

---
class: center, middle
template: inverse

# Networks

???
We've looked at things you can do at the device level; now let's look at some general principles you can apply to your whole building.

---
# Network risks

* .red[Devices that don't employ authentication and/or confidentiality]
* .red[Vulnerable cloud services]
* Default authentication credentials
* Firewall ingress
* .red[Malware]

???
Blue = easy, Red = hard

---
# Network safety

* Separate device wifi ([openwrt](https://openwrt.org))
* Use your guest wifi in a pinch
* Turn off or restrict UPnP
* [Fingbox](https://www.fing.com) or other network monitor

---
layout: true
template: callout
.crumb[
# Welcome
# Dream
# Reality
# Nightmare
# Perspective
# Gadgets
# Cameras
# Hubs
# Networks
# Coda
]

---
.fig30[ ![](keep-calm.jpg) ]
# Recap
.nolm.vtight[
* Choose the future you want to live in
* Value your data and privacy
* Keep the good parts
* Retain local control
* Non-creepy voice options
* Sandbox high-risk devices
]

---
# Resources, Questions
## Related talks

- [http://christopher.biggs.id.au/#talks](http://christopher.biggs.id.au/#talks)
- Email: .blue[christopher @ biggs.id.au]
- Twitter: .blue[@unixbigot]
- BNE IoT Meetup: .blue[@iotbne]
- Accelerando Consulting - IoT, DevOps, Big Data - .blue[@accelerando_au] https://accelerando.com.au/
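---
# Appendix: sandboxing devices on OpenWrt

Added example, not part of the original deck: one way to implement "sandbox the cameras" and "separate device wifi" from the ONVIF and Network safety checklists as OpenWrt UCI configuration. It assumes OpenWrt 19.07-era syntax, a radio named radio0, 192.168.50.0/24 for the device network, and a constructed camera address 192.168.50.20; the SSID and passphrase are placeholders.

```ini
# /etc/config/network (added section): a routed subnet of its own for devices
config interface 'iot'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.50.1'
	option netmask '255.255.255.0'

# /etc/config/wireless (added section): a second SSID on radio0, devices only.
# isolate=1 stops wireless clients on this SSID talking to each other.
config wifi-iface 'iot_ap'
	option device 'radio0'
	option mode 'ap'
	option network 'iot'
	option ssid 'house-devices'
	option encryption 'psk2'
	option key 'REPLACE_WITH_A_LONG_PASSPHRASE'
	option isolate '1'

# /etc/config/dhcp (added section): leases for the device subnet
config dhcp 'iot'
	option interface 'iot'
	option start '100'
	option limit '100'
	option leasetime '12h'

# /etc/config/firewall (added sections). The device zone may not reach the
# router (input) or be forwarded anywhere unless a rule below says so.
config zone
	option name 'iot'
	list network 'iot'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

# The router still answers DHCP and DNS for devices.
config rule
	option name 'iot-dhcp-dns'
	option src 'iot'
	option proto 'tcp udp'
	option dest_port '53 67'
	option target 'ACCEPT'

# Phones, laptops, or a Homebridge/Shinobi box on the main LAN may open
# connections to devices (e.g. to pull an ONVIF stream); not the reverse.
config forwarding
	option src 'lan'
	option dest 'iot'

# Cloud-dependent devices still get to the internet...
config forwarding
	option src 'iot'
	option dest 'wan'

# ...but a camera that is only ever viewed locally gets none at all.
# Rules are evaluated before forwardings, so this REJECT wins.
# 192.168.50.20 is a constructed placeholder; pin it with a static lease.
config rule
	option name 'camera-no-internet'
	option src 'iot'
	option src_ip '192.168.50.20'
	option dest 'wan'
	option target 'REJECT'
```

Leave miniupnpd uninstalled on the router: with no UPnP IGD service listening, a device cannot ask for an inbound port mapping, which is the "turn off UPnP" item on both checklists.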