As the Internet becomes more and more part of our lives, we also face
serious dangers and risks. Now software and sensors are being embedded in
all appliances and equipment we are using  to create 'Intelligent
appliances' that are part of the Internet of things. This already includes
cars, tractors, refrigerators etc. Here the software can have instructions
that we do not know and which could be manipulated to harm us.

As a society we need to discuss and decide the manner of implementation of
Internet of things, not leave it to companies alone. read the article
below. Teachers must become familiar with this new development in ICT. The
Internet of Things goes along with the new developments of 'big data' and
'artificial intelligence' which can manipulate all of us in very harmful

Guru, IT for Change.

Bruce Schneier: 'The internet era of fun and games is over'
by  Austin Powell  Nov 16 at 4:31PM | Last updated Nov 16 at 4:31PM

Internet pioneer Bruce Schneier issued a dire proclamation in front of the
House of Representatives' Energy & Commerce Committee Wednesday:
"It might be that the internet era of fun and games is over, because the
internet is now dangerous."

The meeting, which focused on the security vulnerabilities created by smart
devices, came in the wake of the Oct. 21 cyberattack on Dyn that knocked
Amazon, Netflix, Spotify, and other major web services offline.

Schneier's opening statement provided one of the clearest distillations of
the dangers posed by connected devices I've seen. It should be required
viewing. He starts around the 1:10:30 mark in the livestream below, but
we've also transcribed most of his remarks.

Here's how he framed the Internet of Things, or what he later called the
"world of dangerous things":

As the chairman pointed out, there are now computers in everything.

But I want to suggest another way of thinking about it in that  everything
is now a computer: This is not a phone. It's a computer  that makes phone
calls. A refrigerator is a computer that keeps  things cold. ATM machine is
a computer with money inside. Your car is  not a mechanical device with a
computer. It's a computer with four  wheels and an engine... And this is
the Internet of Things, and this  is what caused the DDoS attack we're
talking about. He then outlined  four truths he's learned from the world of
computer security, which  he said is "now everything security."

1) 'Attack is easier than defense'

 Complexity is the worst enemy of security. Complex systems are hard  to
secure for an hours' worth of reasons, and this is especially true  for
computers and the internet. The internet is the most complex  machine man
has ever built by a lot, and it's hard to secure.
 Attackers have the advantage.

2) 'There are new vulnerabilities in the interconnections'

 The more we connect things to each other, the more vulnerabilities in  one
thing affect other things. We're talking about vulnerabilities  in digital
video recorders and webcams that allowed hackers to take  websites. • There
was one story of a vulnerability in an Amazon  account [that] allowed
hackers to get to an Apple account, which  allowed them to get to a Gmail
account, which allowed them to get to  a Twitter account. Target
corporation, remember that attack? That was  a vulnerability in their HVAC
contractor that allowed the attackers  to get into Target. And
vulnerabilities like this are hard to fix. No  one system might be at
fault. There might be two secure systems that  come together to create

3) 'The internet empowers attackers'

 Attacks scale. The internet is a massive tool for making things  more
efficient. That's also true for attacking. The internet allows  attacks to
scale to a degree that's impossible otherwise. We're  talking about
millions of devices harnessed to attack Dyn, and that  code, which somebody
smart wrote, has been made public. Now anybody  can use it. It's in a
couple dozen botnets right now. Any of you can  rent time on one dark web
to attack somebody else. (I don't recommend  it, but it can be done.)

 And this is more dangerous as our systems get more critical. The  Dyn
attack was benign. A couple of websites went down. The Internet  of Things
affects the world in a direct and physical manner: cars,  appliances,
thermostats, airplanes. There's real risk to life and  property. There's
real catastrophic risk.

4) 'The economics don't trickle down'

 Our computers are secure for a bunch of reasons. The engineers at  Google,
Apple, Microsoft spent a lot of time on this. But that  doesn't happen for
these cheaper devices. • These devices are a  lower price margin, they're
offshore, there's no teams. And a lot of  them cannot be patched. Those
DVRs are going to be vulnerable until  someone throws them away. And that
takes a while. We get security  [for phones] because I get a new one every
18 months. Your DVR lasts  for five years, your car for 10, your
refrigerator for 25. I'm going  to replace my thermostat approximately
never. So the market really  can't fix this.

Schneier then laid out his argument for why the government should be a part
of the solution, and the danger of prioritizing surveillance over security.

 It was OK when it was fun and games. But already there's stuff  on this
device that monitors my medical condition, controls my  thermostat, talks
to my car: I just crossed four regulatory agencies,  and it's not even 11
o'clock. This is something that we're going  to need to do something new
about. And like many new agencies in  the 20th century, many new agencies
were created: trains, cars,  airplanes, radio, nuclear power. My guess is
that [the internet]  is going to be one of them. And that's because this is
 This is all coming. Whether we like that the technology is coming,  it's
coming faster than we think. I think government involvement is  coming, and
I'd like to get ahead of it. I'd like to start thinking  about what this
would look like.

 We're now at the point where we need to start making more ethical  and
political decisions about how these things work. When it didn't  matter •
when it was Facebook, when it was Twitter, when it was  email • it was OK
to let programmers, to give them the special  right to code the world as
they saw fit. We were able to do that. But  now that it's the world of
dangerous things • and it's cars and  planes and medical devices and
everything else • maybe we can't do  that anymore.

That's not necessarily what Schneier wants, but he recognizes its necessity.

"I don't like this," he concluded. "I like the world where the internet can
do whatever it wants, whenever it wants, at all times.
It's fun. This is a fun device. But I'm not sure we can do that anymore."

You can watch the full committee meeting above or here.

