I tell people that everyone fights about which field of technology is changing the fastest. I don't fight about it. I figure security has a lock on it. Regardless of what else changes in whatever other field of technology, it has an implication for security.
We need to keep up.
We need to keep up with each change in technology. We need to keep up with the vulnerabilities that are being created as people create more "solutions." We need to keep up with the latest threats; the latest exploits; the latest attacks; the latest news about who has been attacked, and how. We have to pursue the news avidly, and effectively, to try and keep up with the most relevant issues of the day.
There are of course people who try to produce newsletters to help us out. Well, sometimes not to help us out. Vendors, and trade rags, frequently produce such newsletters themselves. Unfortunately, since their aim is to promote their own products, they put minimal work, and pretty much no analysis, into retailing whatever stories they consider to have security implications.
There are, however, some useful ones. The oldest, and preeminent, one is the RISKS-Forum Digest. It's contributors make up the cream of the cream of those who are interested in the dangers of technology, and to technology. And Peter, over thirty-five years, has set the standard for the moderation of a quality topical mailing list on the Internet.
The Department of Homeland Security used to produce one. It's ceased publication on January 27th, 2016. Odd, that.
Another one is put out by the Security Branch of the office of the Chief information officer, of the province of British Columbia. It's pretty good. And it has been running for long enough to develop a track record that I can use to say that.
Les Bell has recently started one. He's got a background in trade media, but, unlike most of the editors and writers in trade rags, he also knows the field of security.
In a recent version of the newsletter, he talked about the fact that Amazon has purchased iRobot, the maker of the Roomba vacuum cleaner. Les noted that Amazon makes a number of home IoT devices. Amazon can collect a great deal of information from the devices in your home. But one thing the devices can't do, is map your home. Until now. The Roomba is built to map your home, in order to make its vacuuming more efficient. So now, in addition to all the other data that Amazon is able to collect, it is able to look inside your home, in a sense.
Les doesn't go any farther than that. I don't think he goes quite far enough. Because iRobot doesn't just make vacuum cleaners. They also make robots for the military, and law enforcement. And, now that all of this is under one roof, so to speak, Amazon will be able to sell a service to law enforcement.
When law enforcement once to do a raid, they would dearly love to know what they will face once they get inside the door. Well, if a Roomba is in the house, Amazon will be able to provide them with that information. Amazon/iRobot will be able to tell you the layout of the rooms, and where furniture is, and (possibly not in real time, but) where people are likely to be. I'm sure that law enforcement will be willing to pay for such information. After all, it will be a saving of lives to do it. Not just police officers, but the occupants of the house, who will be in less danger, given that the police have more information about where they are.
More and more companies are getting more and more information about you. Some of this information is helpful, both to you, and the authorities. Some of the information is just useful to the authorities. And some of the information is going to be useless, and even misleading, and mistakes will be made.
No comments:
Post a Comment