Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Education Technology

Vint Cerf: CS Programs Must Change To Adapt To Internet of Things 163

chicksdaddy (814965) writes "The Internet of Things has tremendous potential but also poses a tremendous risk if the underlying security of Internet of Things devices is not taken into account, according to Vint Cerf, Google's Internet Evangelist. Cerf, speaking in a public Google Hangout (video) on Wednesday, said that he's tremendously excited about the possibilities of an Internet of billions of connected objects. But Cerf warned that it necessitates big changes in the way that software is written. Securing the data stored on those devices and exchanged between them represents a challenge to the field of computer science – one that the nation's universities need to start addressing. Internet of Things products need to do a better job managing access control and use strong authentication to secure communications between devices."
This discussion has been archived. No new comments can be posted.

Vint Cerf: CS Programs Must Change To Adapt To Internet of Things

Comments Filter:
  • by Anonymous Coward

    "Internet of things" sounds like some retarded proprietary crap from some big-name company

  • by Anonymous Coward on Wednesday April 02, 2014 @09:09PM (#46645735)

    But until lawsuits make fixing things more affordable than ignoring the gaping holes, you're going to be playing guinea pig. That's just the free market at work.

    • by Cryacin ( 657549 ) on Wednesday April 02, 2014 @09:13PM (#46645753)
      This. A thousand times This. I have been in meetings where security has explicitly been regarded as irrelevant, where one way encrypting passwords from plaintext on the client is irrelevant, and where we can trust our employees to always do the right thing with all of our users passwords, and "what could they do with the passwords that is outside of our irrelevant application" was bandied around the room as acceptable.

      They should not be teaching the importance of such things to CS students, but much rather to the MBA's and BBus students. It's not the knowledge of the need for security amongst those that build, but the desire to pay for it from Management.
      • by mlts ( 1038732 ) on Wednesday April 02, 2014 @09:38PM (#46645883)

        Nail, head, hit. Even if someone had a device that had obvious security failings that were unfixable, the EULA/TOS by opening it up and turning it on would ensure that lawsuits would not proceed (either by forcing arbitration, or just a clause stating that it isn't their fault, no matter what.)

        I have no interest in IoT. Realistically, what has to be on the Internet all the time and take commands? Why do we need to give devices full exposure if it isn't needed?

        If someone wants status messages from devices, why not just have devices communicate via BlueTooth to a log box, and said log box present the data to where it needs to go? This would force an intruder to have to hack that core box, then use BlueTooth weaknesses to jump to actual devices, rather than just run scripts blindly and hope someone's widget shows up.

        • by AmiMoJo ( 196126 ) *

          You need to fix your consumer laws so you are not dominated by tyrannical EULAs.

          In the UK the law is quite clear. All products must be fit for purpose. If a router has security features (like a password to access the management interface, or a firewall) it must work in a typical home environment where the router was intended to be used. No EULA can change that, or take away your legal right to redress.

          If three years after buying the router there is a security hole discovered and the manufacturer does not fi

        • Being in a EULA doesn't mean it's enforceable. You can't do illegal things, even if it's in the EULA.
      • by Anonymous Coward

        I know a student in UCF, who is in CS102(? - he called it CS 2) who didn't even know what a cryptographic function was. Had _never_ heard of the term "md5", "bcrypt", etc. And he's about to get his CS degree. I don't know what in hell they're teaching these kids, but it sure isn't computer science. Most of the work he's shown me, has been reimplementing bubble sort and the like...

      • by epyT-R ( 613989 ) on Thursday April 03, 2014 @01:27AM (#46646733)

        No thanks. I don't want to be responsible for intractable problems. Security is one of those. See, in this situation the programmers would be the ones canned over any security flaw, regardless whether it's due to programming or misuse by the customer.

        Cleaning toilets is starting to sound like a great job these days. It sure beats cleaning up peoples digital toilets...err computers and networks.

        The best way to be safe from the internet of things is not to have unneeded connectivity. Anything else is a risk.

        • Yes, but cleaning physical toilets doesn't pay nearly as well as cleaning digital toilets. I have no problem getting my digital hands dirty for my salary.
      • Spot on.

        Of course, what this really means is that they teach something resembling real ethics to these folks.

        Not holding my breath while waiting for this to happen, though.

        • make the C levels PERSONALLY on the hook for the cost of fixing any security problems unless it can be shown that ALL good security practices were followed.

    • by mwvdlee ( 775178 )

      My thoughts exactly.
      Without laws and punishments to enforce those laws, there will be no security.
      Just make sure those laws don't have loopholes.

  • Stupid (Score:5, Insightful)

    by hsmith ( 818216 ) on Wednesday April 02, 2014 @09:13PM (#46645751)
    You teach core and theory and you apply it to whatever the current fad is. It is preposterous for a computer science program to be geared directly to some "thing" that is currently popular or will be.

    College is about learning theory and how to apply it, it isn't a vocational program.
    • Re:Stupid (Score:5, Insightful)

      by bmo ( 77928 ) on Wednesday April 02, 2014 @09:39PM (#46645899)

      College is about learning theory and how to apply it, it isn't a vocational program.

      When you have a $100k bill to pay off that you can't escape through bankruptcy, you'd better have some way to pay it off. When you have a trillion dollar debt problem based upon this (see previous slashdot headlines) you have what they call a "real problem."

      What you say is a nice sentiment. It's a sentiment that was only valid 40 years ago, when a summer job every year could pay for tuition at Northeastern.

      It is also preposterous to not teach the concepts of security for devices connected to hostile environments (i.e., every network ever), and networking is not a "fad." The only people that thought that the Internet and networking in general for "the great unwashed" were fads were "futurists" like Cliff Stoll who were wildly wrong in 1995.

      http://www.newsweek.com/cliffo... [newsweek.com]

      Read that. A 30 year trend is not a fad.

      --
      BMO

      • by rts008 ( 812749 )

        I don't think 'hsmith' was refering to networks as a fad, but this 'Internet of Things' as being a fad, similar to 'web 2.0' and 'cloud computing'.

        It is also preposterous to not teach the concepts of security for devices connected to hostile environments (i.e., every network ever...

        I agree wholeheartedly with all of that, but I take particular note of the portion in parenthesis, which describes the afore mentioned 3 fads:
        1)Internet of Things
        2) Cloud Computing
        3) Web 2.0

        All have been basic, core functions of networks from early on.(mid and late 1970's)

        Based on the quote from your comment(above), I suggest that you and 'hsmith' are saying abou

        • In all those examples, I still don't know quite what they are. They look suspiciously like well-established technologies being wrapped up in new business models.

    • by Morgaine ( 4316 ) on Wednesday April 02, 2014 @09:58PM (#46645979)

      You teach core and theory and you apply it to whatever the current fad is.

      He's not really saying that CompSci programmes should be tailored for Internet of Things. What he's saying indirectly but perfectly clearly to those who are aware of the appalling state of networking security in recent years is that university-level tuition needs to buck up and face the music, because the people they have been releasing into the field are totally inept at designing secure systems. The hundreds of thousands of security problems spread right across the whole Internet speak for themselves.

      It's a very important message, and hopefully it will resonate with more than a few CompSci departments. IoT is just being used as an excuse for releasing a high-profile message from a respected person about the very unsatisfactory state of developer competence in the area of secure systems.

      Regarding your second point about education versus vocational training, you are right about that, but secure software design and cryptogtaphy are not subjects for vocational training, but very strongly in the domain of CompSci. You have to understand the fundamentals, not just know which functions to call.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        Personally i think that you miss the point. It's not about security in the real world, it's about the economics of security. No manufacturer will put an advanced security system into dirt cheap consumable devices. It is a joke to even consider iot for most stuff. It's an '80s fantasy that just has no economical value if applied as blindly as the idea suggests.
        One of the mayor benefit of a structure like iot is agencies can spy on everything more easily. The question is why we should consider this to be some

      • That's a false premise. You ASSUME that computer science program is responsible for the lack of security in products because they don't teach security. The fact is businesses that build these products do not promote security because it will cost money. Do you honestly think that some guy who graduates with a CS degree is responsible? Put another way, where do all these security experts get their training?
    • by gl4ss ( 559668 )

      embedded connected devices aren't a fad...
      but you know what is a fad? slapping an IoT sticker on things when trying to find startup funding.

      that's why the so called reporter/journalist in this case slapped it under that label, because he is a fad seeking ahole incapable of writing actual news or opinion pieces so he mismatches someone else's comments into an opinion piece that ends up being incoherent.

    • Maybe, but it's high time that when it comes to teaching Networking, IPv6 starts replacing IPv4 as the taught protocol, so that it gets applied more going forward, and does not tie newer graduates to older technology that's hit its limits ages ago
  • by Anonymous Coward

    What exactly are the upsides of having my fridge, toaster, microwave oven, sock drawer or fork connected to the internet?

    • by ArcadeMan ( 2766669 ) on Wednesday April 02, 2014 @09:24PM (#46645813)

      Your sock drawer would know how many time each sock has been fucked, it would alert your washer to wash two cycles instead of one, it could tell your fridge to order more detergent since it's in charge of the grocery list and it could buy more sexy lingerie on Amazon for your girlfriend since you're obviously ignoring her physical needs.

    • by LookIntoTheFuture ( 3480731 ) on Wednesday April 02, 2014 @09:28PM (#46645831)

      What exactly are the upsides of having my fridge, toaster, microwave oven, sock drawer or fork connected to the internet?

      You won't be able to understand the upsides because you aren't part of the "today's busy idiot" demographic.

    • What exactly are the upsides of having my fridge, toaster, microwave oven, sock drawer or fork connected to the internet?

      Well a smart oven can be set to cook your meal when you hit a button on an app before you head home. A smart fridge can keep track of what food you have when it expires what you use then compile meal plans and grocery lists add to it a link to your smart bathroom scale, and smart shoes to measue the amount of physical activity you have throughout the day and it it opens up dynamic dieting meal plans. A houses light and sound system could detect what room you are in and turn on and off lights and speakers as

      • by Anonymous Coward

        I'll never trust a smart cooking appliance. You never know if there's going to be a sudden traffic surge or be in an accident. Good luck burning your house down. That's aside from the fact that you'll have to leave the food in the oven hours beforehand (robotic oven/fridge is still too expensive). Many foods don't do well sitting out uncooked and there's always the possibility of forgetting that you didn't put food in (in-oven camera would fix that).

        Appliances aren't worth connecting until they're also

        • by rts008 ( 812749 )

          Appliances aren't worth connecting until they're also fully automated.

          I question the need to connect if it is truly automated, but I think I understand what you are getting at. (jumping to your third para)

          What I see as a goal is a 'master computer' controlling your home, and applicable contents.
          You communicate with the Home Computer, and then it controls the individual appliences and equipment. (fully automated)

          So you are connected to the home comp and communicating your commands to it, and it takes things from there.

          Is this what you had in mind for 'fully automated'?

      • Re: (Score:3, Informative)

        by sexconker ( 1179573 )

        What exactly are the upsides of having my fridge, toaster, microwave oven, sock drawer or fork connected to the internet?

        Well a smart oven can be set to cook your meal when you hit a button on an app before you head home. A smart fridge can keep track of what food you have when it expires what you use then compile meal plans and grocery lists add to it a link to your smart bathroom scale, and smart shoes to measue the amount of physical activity you have throughout the day and it it opens up dynamic dieting meal plans. A houses light and sound system could detect what room you are in and turn on and off lights and speakers as you enter/leave. Given time I could come up with more applications but those were just the first ones to pop into my head.

        You'd have to prepare the meal before hand and hope there's only one cooking step.
        Fine if you're doing boxed dinners, but useless if you want to actually cook anything.

        A smart fridge won't know when milk's gone sour before the date or when yogurt and cheese are still good a month after the date. Nor will they have a way to read the damned date on any of the brands I like. I sure as hell am not typing (or touching, or speaking) that shit in to the fridge. Nor would such a smart fridge need to be connected

        • You would have to cook your meal before leaving or at the least prepare it and leave it to cook ; check it when you're away to see that it doesn't get burned or not cooked enough, you can adjust time or temperature. Then let it sit and cool off for hours.. Just before you come back you can turn on low heat to make it warm again. Pretty limited..
          Remote control can be used at home too but really, why not walk to the friggin'g oven!

          On the plus side, I will spy on your oven's content, remotely deactivate your a

          • There was a character in a (new series) Outer Limits episode who survived by doing exactly that - he learned to hack building management and lived free at a a futuristic apartment complex by stealing a little food here and there - adding an item to someone's grocery order and intercepting it on delivery, living in the maintenance spaces. The invisible parasite.

        • You'd have to prepare the meal before hand and hope there's only one cooking step.
          Fine if you're doing boxed dinners, but useless if you want to actually cook anything.

          A smart fridge won't know when milk's gone sour before the date or when yogurt and cheese are still good a month after the date. Nor will they have a way to read the damned date on any of the brands I like. I sure as hell am not typing (or touching, or speaking) that shit in to the fridge. Nor would such a smart fridge need to be connected to the internet

          As to it not being able to know what is in it without you manually entering the data have you.ever heard of bar codes? You can put a hell of a lot of stuff in qr codes. As for knowing that something went bad soon just mark it as bad or gone if something isn't bad at experation click the not bad button that adds a week

      • Hacker's Paradise.

        What happens when you are hacked, pwned, 'gamed' 12 ways from Sunday, and have to disconnect to clean up and straighten out the mess?

        Is it really worth it at this point in time? Not for me, no way!

    • by Anonymous Coward

      What exactly are the upsides of having my fridge, toaster, microwave oven, sock drawer or fork connected to the internet?

      It's so BigBrother.com. can sell you things that break down faster. It enables BigBrother.gov to come up with more reasons to oppress you in various ways. Oh, upside for you? None, slave. Now get back to producing crap people don't need and buying crap you don't want, or we may decide to audit your taxes, or bust down your door with a S.W.A.T. raid or something.

    • Some things, though not all, make sense to be connected to the internet. Like your home security system. Or your garage door opener. Let's say the spouse is locked out and doesn't have the key, & calls you while you're watching a movie. A few buttons on the cellphone, and the garage door is opened. Or you are told that you've driven off w/o closing the garage door. Done w/o driving back. You remember that you've forgotten to turn off the oven while setting the quiche? Done from wherever you are.

    • Ahhh, the sock drawer...

      So, it has come to this.

      If you give your sock drawer access to the internet, it will hack it's way into the means to put the Large Hadron Collider into turbo boost overdrive, all in order to rip the fabric of space-time to open a portal into Demon Murphy's demension/domain(of Murphy's Law infamy), have a Massive Black Hole FedEx'd into our solar system, and Earth would get sucked into Demon Murphy's Domain, making Hell look like Paradise.

      All to hide the true facts about all of those

    • by Hentes ( 2461350 )

      True, all of the Internet of Things functionality could be replaced by machines having an open interface and open specifications, controlled by a central computer which may or may not be connected to the internet. But the great thing about doing it distributed is that now manufacturers can charge extra for each "smart" device. That's what's driving the Internet of Things.

  • I don't understand why people want their $3000 fridges to be bricked by Chinese hackers. Could someone please explain it to me?
  • Oh yeah sure. (Score:5, Insightful)

    by istartedi ( 132515 ) on Wednesday April 02, 2014 @09:28PM (#46645839) Journal

    My Internet-enabled fridge needs to be developed using proper security procedures which are ummm.... not applicable to any other field such as SCADA or medical database systems that are already in place. Who's smoking the crack here, the journalists or Cerf? I'm betting it's the journalists and that he's misquoted and/or being quoted out of context. Too lazy to RTFA of course...

  • by Anonymous Coward

    Its bad enough that mobile phones and tablets are forced into early obsolescence (I have 2 perfectly viable Transformer Prime Infinity tablets, they're awesome...they just don't get updated anymore. Yes, in that particular case its easy for me to flash in a custom ROM, and I do that, but thats not easy for the average joe, and its not nearly as easy across all devices).

    When its a phone its one thing...freagin waste, but at least they're mostly cheap-ish, contract or not. A fridge? A washer/dryer? A car? Sma

    • Only appliances with a valid support contract and maintenance agreement are entitled to receive firmware upgrades. Appliances without either of those, or that have been transferred to a third party without the authorization of the vendor or a licensed reseller are inelligble.
  • Specifics (Score:4, Informative)

    by phantomfive ( 622387 ) on Wednesday April 02, 2014 @09:40PM (#46645901) Journal
    If anyone wants to know what specific changes he suggests universities implement, don't bother watching the movie, he doesn't mention it. The interviewer never gives him the chance.

    The interviewer does however ask him who the mother of the internet is.
    • If anyone wants to know what specific changes he suggests universities implement, don't bother watching the movie, he doesn't mention it.

      It wouldn't matter if he did.
      Beating security consciousness into the programmer is the easy part.
      Beating security consciousness into businesses is... mostly impossible.

      The interviewer never gives him the chance.

      Replace "interviewer" with "boss" and you've encapsulated the problem in a nutshell.

      • Beating security consciousness into the programmer is the easy part.

        Maybe, but if we even managed to get it to the programmers we'd be far ahead of where we are.

        • LMOL, you don't work for a corporation do you. They set the standards. If the standards don't accommodate security, then security is not included. Security is a matter of corporate culture.
  • by TrollstonButterbeans ( 2914995 ) on Wednesday April 02, 2014 @09:59PM (#46645989)
    The most explosive *recorded* invention in the history of mankind was the printing press.

    And it set Europe on fire.

    But this led to the Renaissance.

    You can't put the genie back in the bottle.

    What is going on now with the internet and mobile devices and communication in general --- like the printing press or like radio or television --- is going to upset the status quo in 57 different ways.

    Embrace these ways, understand how they will be used for good (yes --- if you think citizens are upset, just imagine how upset tyrants and governments are --- people in power hate change) ----

    Communication advances always causes flowers to bloom --- any heartache always looks dumb and old fashioned in a decade of hindsight, because it yields new freedoms and rights that were never expected. If you doubt this, why do civil right continue to grow and governments to ever more tend to the welfare of their people?
    • I'm pretty sure the internet (and computers in general) has topped the printing press in that way.

      In less than half a century, the Internet has gone from invention to be widely used in every nation on earth with more than a 3rd of the world's population* actively using it. The printing press, while wildly popular and transformative did not have nearly this level of adoption and impact.

      You are right in how transformative the printing press was, and a great example of how we can expect the Internet to continu

      • ???? The printing press did not have as great an impact on the world as the internet? Really? I didn't realize porn and stock quotes were more important than being able to read.
    • That's cool, but, how does your post relate in any way to the story? I'm not seeing it.
    • Communication advances always causes flowers to bloom --- any heartache always looks dumb and old fashioned in a decade of hindsight, because it yields new freedoms and rights that were never expected. If you doubt this, why do civil right continue to grow and governments to ever more tend to the welfare of their people?

      Huh?
      The biggest advance that I've seen in communication is revelations that the NSA and its sister agencies around the globe have been spying on all the new freedoms that were never expected.
      How's that for civil rights continuing to grow?

    • The most explosive *recorded* invention in the history of mankind was the printing press.

      You can't put the genie back in the bottle.

      What is going on now with the internet and mobile devices and communication in general --- like the printing press or like radio or television --- is going to upset the status quo in 57 different ways.

      Cost of global communication has already dropped to the point of saturation in much of the world. With low hanging fruits already plucked wouldn't hold my breath on disruptive change arriving anytime soon.

      I expect to see a lot of crap with questionable or negative value prop so I will not be blindly embracing anything.

      • Cultural change takes time. Just look at the backlash - how many countries have set up elaborate internet filtering systems in an effort to keep out ideas they regard as dangerous to their society? And how well are those filters working? The biggest barrier to international communication now is language, and Google is working hard on that one.

  • I reject, fundamentally, the idea that 'The Internet of Things' means that every device in one's home should outwardly face the Internet. There is plenty of opportunity for layering. An IP enabled refrigerator can be connected to the internet through some far more secure routing device.

    Security zoning functionality and monitoring technology for security purposes needs to see far, far more development than it does at present. Perhaps there are entities and forces out there that don't want us to have secur

  • "the internet of things" is a reductive concept. It's an unnecessary abstraction layer that just puts more barriers between the programmer and the device. We should be **getting rid of** concepts like this in CS not adding them...

    **of course** CS programs have the problems TFA listed...here on /. we know CS programs have areas from improvement

    what I object to is the entire notion of "the internet of things" as being a concept worth repeating...it's a nothing phrase that just confuses people

    when educating, we need to have concrete theory not hype language

  • by catmistake ( 814204 ) on Wednesday April 02, 2014 @10:37PM (#46646197) Journal

    Computer Science has absolutely NOTHING TO DO WITH ANY INTERNET, of "things" or otherwise.

    Computer Science needs to change its name so everyone that thinks they know what a computer is can stuff it up their ass. Because CS has nothing to do with computers, and nothing at all to do with software or programming. The "Computer" in "Computer Science" is not, I repeat, is not synonymous with the thing you call "computer" that's on your desk or lap. It means simply "calculator," i.e. one who calculates, or, precisely, that which computes, or to make it really simple for them, that which reckons. They should call it Reckoner Science. Then no one would be confused, no one would fantacize about studying it (because they just love their computer!!) when they go off to college in a year or so, and HR morons would stop requiring CS degreed Windows Administrators or help desk monkeys because that is ridiculous. Mechanics don't need Mechanical Engineering degrees, Nurses don't need an M.D., and corporate america does not need specialized mathematicians furiously installing java browser plugin security updates on all the machines on their network. Think of Computer Sciece as math... then you'll understand how stupid everyone sounds when they say anything about Computer Science. Be a programmer if you want. Programmers do not need a Computer Science degree, or any degree for that matter.

    I'm just going put this here:

    Computer Science [wikipedia.org] (abbreviated CS or CompSci) is the scientific and practical approach to computation and its applications. It is the systematic study of the feasibility, structure, expression, and mechanization of the methodicalprocesses (or algorithms) that underlie the acquisition, representation, processing, storage, communication of, andaccess to information, whether such information is encoded as bits in a computer memory or transcribed engines and protein structures in a human cell. A computer scientist specializes in the theory of computation and the design of computational systems

    • Understanding the impact of how the future world of always-on, always-available, omnipresent computing interacts at a high theoretical level is not programming and absolutely does belong in the realm of science of computing.

      This isn't the realm of code monkeys, and I agree that's not what CS should teach. However, the theory of systems and interactions should be taught.

      Where does researching AI, machine learning, or organic networks fall in your narrow definition? CS is maturing as a science and researching

    • Computer Science has absolutely NOTHING TO DO WITH ANY INTERNET, of "things" or otherwise.

      Between you and Vint Cerf, I'm going to guess that he actually does understand Computer Science, and that you didn't understand what he said.

      Also, the internet of things? That fits right in the definition of CS you have there, under "practical approach to computation and its applications." You should have read it, instead of just putting it there.

    • As one circulating quote puts it: "Computer science is about computers in the same way astronomy is about telescopes."

    • by ndykman ( 659315 )

      I've seen this argument quite a bit, that Computer Science is a really just a branch of applied mathematics, that it is unnecessary for programmers and so on. Sure, it could be viewed that way, but it is ignoring a lot of the history of how the discipline developed.

      The first CS programs always had an applied component. It was not just math and proofs. There was (and still is) math, but there was a lot of engineering from the start. When Ivan Sutherland started the field of computer graphics, it wasn't just

  • by fuzzyfuzzyfungus ( 1223518 ) on Wednesday April 02, 2014 @10:39PM (#46646207) Journal
    So far as it goes, what he says is true: this 'internet of things' will represent a major challenge to secure and problem if not secured; further, if the present state of security tells us anything, we sure as hell aren't prepared for it, much less what we do right now.

    Fundamentally, though, treating it as a 'security' problem is making a dangerous and conceptually limiting mistake. "Security" ensures that a system operates as intended, provides only the access and capabilities intended to various parties, and so on. It Does Not specify who those parties are. Bad news, kids, based on everything we've seen so far, and how everything that was bad on the internet is even worse on 'mobile' and so on, do you really think that even perfect security would do much more than keep small-time criminals from inconveniencing 'respectable' advertisers and subscription-service pushers?

    Unless you think that cellphones were some sort of abberation, totally different from everything else because, um, reasons; 'internet of things' is just a polite way of saying "EULAs, crypto bootloaders, 'consumer behavioral marketing', and who knows what else, baked into every device large enough to support some kind of NIC".

    Yes, Cerf is correct in that having the 'internet of things' work out slightly better than "Hey, let's sell SCADA to home users!" would be a pretty good idea; but that's not even close to good enough. 'Security' just means that the wishes of the system creater are being followed. Do you think those wishes will be to your benefit?
    • by Dynedain ( 141758 ) <slashdot2&anthonymclin,com> on Wednesday April 02, 2014 @11:34PM (#46646371) Homepage

      I think Vint gets that, and is speaking to the higher level and using "security" as an abstract generalization.

      For example, the web was explicitly developed as a "pull" technology with declarative linking by reference with public visibility. Understanding the impact of that to how you build a security model governing access presents unique challenge. By comparison, Usenet is the opposite. It's essentially a syndicated push technology, more similar to a broadcast publishing method. As a result, the security model for how people gain access to resources, and what talks to what, is handled in a very different way.

      Those are just two examples of content on today's general Internet which is an extension of Vint's work. When he talks about the Internet of Things, he doesn't merely mean the fad of sticking a web browser on a toaster. He's talking about the bigger vision of omnipresent computing and direct interaction of common devices to each other. Much like the Internet (specifically TCP/IP and DNS) was conceived as a way for computers to directly talk to each other (not going through a centralized hierarchy for approval and redistribution). We learned a lot of great lessons about how it would be used, the shortcoming, and the security ramifications. Now that we're in the fledgling stages of doing the same thing for a whole new are of automation and computing, there's great opportunity to think about and apply the lessons learned.

      • I certainly hope he does, and he's definitely sharp enough to have a better-than-average chance of doing so. I think I've just gotten a bit jumpy about this sort of talk about 'security' since the whole electronic voting machines issue showed up (and, um, never actually went away, not that you'd know that by looking). Even some people I think of as atypically clueful and competent focused on the (genuinely alarming and sometimes downright comical) security flaws in the various early systems, and paid no app
  • Need more of trades like learning in schools with teaching with real work skills not theroy with teachers who have been in the Ivory tower for years

  • At times there can be big software bugs or all of kinds of rush hacks just to get it working much less security issues.

  • by Anonymous Coward

    Poor guy, he's so adored but he literally has nothing left.

    99% of what network admins do is control access and require authentication. 99% of what's "on the internet" isn't on the internet.

    I just don't see what's different for my Fridge compared to my company's intranet.

  • A friend told me he wishes for the crapper's flush to be linked to the coffee pot. Smart algorithms will detect his habit of taking a crap on the morning and then preparing coffee, so flushing the toilet should trigger coffee brewing on the right hour ranges, and if the pot is not full of coffee already. Taking a dump is a proxy for presence detection, but also for the intent of drinking coffee.
    I suggested that the powers-that-be will spy on him by detecting droppings falling into the water as well as analy

  • The "Internet of Things" is, I think, driven mainly by manufacturers who want people to have an excuse to buy their new thing, which everybody already has, and works fine. Maybe universities should be teaching smartwatch programming too!

    No. Universities should teach programming and technology basics. If corporations want to try to convince us all that we need an Internet-connected stapler, they aren't going to go looking for university graduates that have an IoT degree! They'll figure it out all on thei

  • Right after people learn to break up their code into actual functions instead of the standard multi-thousand line long garbage. Oh and of course give everything meaningful names. Can't forget to tell people to actually check their warnings ETC. (I'm sure everyone here that's a programmer/SE/developer can easily expand on all the crazy shit they've seen people do which would come way before this.)
  • by WaffleMonster ( 969671 ) on Wednesday April 02, 2014 @11:42PM (#46646397)

    Apparently what the Internet needs most is yet another buzzword so nebulous, context free and ill defined nobody really understands what it is your talking about.

    If "Internet of things" means home automation the technology has been around for decades yet remains a small niche market. "you can ..." scenarios are fun and cool and functional and all yet tend to impart very little useful value to the owner. I don't need or want Internet connected thermostats, light bulbs and toasters. As for security we can't even communicate securely. Email, Telephone/SMS are wholly insecure and trivially spoofed by anyone. Securing a mythical buzzword is not a problem I chose to spend my time perusing.

  • So what does he want CS students to learn? Embedded system programming? Control theory? Labview? System safety engineering? Mechatronics? Robotics?

  • by wcrowe ( 94389 ) on Thursday April 03, 2014 @09:24AM (#46648985)

    Apart from a few technology companies here and there, does anyone really want the "Internet of Things"? I have yet to hear someone say, "Gosh, I wish my washing machine were internet-capable". Yes, I understand that tech firms can come up with all sorts of scenarios where they can try to convince us that this technology will be useful, but what have you really gained with an internet-ready appliance, apart from yet another vehicle for advertisement?

No spitting on the Bus! Thank you, The Mgt.

Working...