Month: October 2016

Behold, for I am node

Internet of Things (IoT) has been all the rage the last couple of years, and I really don’t understand it. Let’s summarize some objections:

    Any 1 added feature to a [n]etwork increases the risks to it exponentially: n+(n+1).
    The connectivity is the feature and any security measures decrease connectivity so is at odds with it’s main purpose, which becomes an inherent security problem when there’s a plethora of new products and services which compete to be first to market.
    IoT turns our behaviours into data which can be mined without our own interests at heart.
    IoT further pushes the idea of a “citizen” as a “consumer” into a “consumer as product.”

Any 1 added feature to a network [n] increases the risks to it exponentially: n+(n+1)

If you add one IoT lightbulb to your home, giving it access through your own network, any mistake on the part of the manufacturer or nefarious activity targeting your lightbulbs services, exposes the rest of your network for potential attacks. Your lightbulb becomes the vector, and suddenly the rest of your IoT household and network can be attacked in ways which circumvents whatever gateway security you’ve setup at ISP or router level. And should your lightbulb get patched, that new firmware you download for your microwave oven is corrupted because someone got to their repository and now your oven is compromising your own network. The complexity of policing all these IoT services also increases exponentially.

One current example is the massive DDOS attack which squashed Twitter which used an IoT botnet.

The above example uses corrupted IoT devices to orchestrate an attack outward, but that usage is arbitrary from a security point – your hoover is no longer your friend.

ratta

The connectivity is the feature and any security measures decrease connectivity so is at odds with it’s main purpose, which becomes inherent security problem when there’s a plethora of new products and services which compete to be first to market.

The same market forces which govern regular product development, marketing, distribution and the inevitable ambition for hegemony, act on the development of IoT, but since the turnover and innovation cycle is getting ever shorter, and the main feature of IoT devices is their connectivity and user friendliness, security is not a priority and will always be lacking. Especially in the knockoff devices which try to compete with the bigger actors by lowering prices. Look no further than cheap USB chargers that keep catching on fire as an analogy — it’s not that the factories and engineers who crank out these crap chargers are incompetent, it’s just that their priorities don’t include “safety.”

IoT turns our behaviours into data which can be mined without our own interests at heart.

IoT allows for those who would like to leverage a deeper knowledge of us to further their own ends. The data that private and state actors mine to better track our habits and wants becomes more granular and nigh impossible to escape. Even if you live in a faraday cage, most of your friends probably don’t, nor will you be able to escape your own buspass or the facetracking software your store is using.

The brouhaha over surveillance fifteen years ago, when we had demonstrations against Echelon and city-wide video surveillance, seems like ancient history, but the same arguments still apply. Personal sovereignty is an important principle, and abuses which we historically have fought tooth and nail to curb are being implemented as features.

staycalmandserve

IoT further pushes the idea of a “citizen” as a “consumer” into a “consumer as product”

Today when you’re taking the train you are not a passenger but a customer. You are not a patient at a hospital but a consumer of health services. With the increased focus on identity politics in the social sphere we are not political actors but cheerleaders for our brand of conspicuous political consumption.

Going forward, you are the facilitator of a commercial transaction. You have become the programmed agent, being acted upon by machines with little loving grace but plenty of data points on how best to serve you –using their own definition of “serve” of course. You are become a node through which resources flow.

Of course you are still human, and you can choose to act outside the boundries of IoT and the network, but it takes increasing amount of work to do and as soon as these models are being used for our everyday infrastructure you’re being affected with or without your approval.

A free service is never free. The most apparent cost of “free services” is your attention for advertisements. But the way to think of these ads is not that this is what you put up with in order to use a free app — you as a user are the product that the software company is providing their real customers. (This isn’t new, this is how the newspaper industry has operated for more than a century). The difference with IoT is that the service that you are providing to the IoT company is an inherent feature of their products, and you are not even required to actively participate in providing work for them; you are a node, you are the “thing” in the term “Internet of Things”.

And I can’t for the life of me understand how this is a good thing.

Biohack conference 4th april, 2016

Bionyfiken put together Swedens first biomaker conference in Stockholm this spring, and of course I went. There was a mix of speakers and topics, and most of them were overviews of organisations rather than actual projects or knowledge-sharing. Overall the mood was more of a meet-n-greet for folks involved in related areas. The title of the conference was “biomaker” rather than “biohacker” which might be more inclusive; even though “hacking” has a better reputation today than ten years ago there’s still a stigma associated with it.

One can’t have everything one would like, but I missed more speculative ideas of what the movement is about – we speak of a “maker movement” and this has over time crystalized into an understaning of what fablabs are and what hacklabs are, and I guess it will get easier with time to see what people are actually doing and use that as a basis for defining the movement. But apart from a brief introduction by one of the hosts, there was very little overlap between the different presenters, outside of the fact that they’re all working with “biological systems” in one way or another.

For me, who’s not coming from a technical background, I would have appreciated a “state of biohacking” presentation. Legislation, economics, ambitions, open source or not, culture, etc – are all issues which could have been covered – and I hope they show up more on the next conference.

dragonfish

a few of the participants deal with quantified self – something which overlaps with the selling of pills or books about regiments – and although I don’t have the self discipline to participate in that part of the movement I appreciate that people are doing it, and it will likely provide a trove of data for later scientific analysis provided that there are control studies, that people are rigorous in their logging and that there are protocols which allow for accurate tracking.

Nevertheless, and intersting overlap with quantified self is the grinder community, and it’s overlapping mostly because it’s about modifying ones own body. In the presentation by Jowan Österlund from BioHax International he talked mostly about the technology of today and specifically NFC implants for managing access – but he envisioned that implantables will become more sofisticated and possibly have computing power and be able to interface with our bodies, and not only work as sensors. This would then overlap with the QS group in that they would have to come up with what they’d like these implants to do – at this point we will be more of the cyborgs as we’ve envisioned them in popular fiction, and we’ll have a more direct way of manipulating our bodies; not only through nootropics and other supplements working through the digestive or blood system, but perhaps stimulate a particular set of neurons directly.

Today though, I don’t really see the point of NFC implants beyond the apparent convenience of having your buss pass with you at all times. It ties into the Internet of Things movement, and considering how positive most people – even hacktivists who ought to know better – are to IoT, it’s not an empowering technology but rather one which turns you into a node, a Thing on Internet. Which I can’t for the life of me see as something positive as a whole, considering how the internet works and the obvious risks of exploits and nefarious uses, but also because of the unavoidable feature of being data mined by commercial and state enteties – or even just your neighbour. But that’s a different diatribe.

iGEM was represented by Gustav Edman from Gothenburg who gave the most technical presentation of the conference – unfortunately an overly technical presentation in parts – but that’s what you get from a mixed crowd and different expectations.

dj_heaven

I’ve been thinking about possible future scenarios a bit, and since no-one covered those topics in the first session I asked to put up a sign at the unconference after lunch, soliciting peoples’ ideas for “the unintended concequences of biohacking”. I had some interesting conversations, but I didn’t get a single submission. Not very surprising seeing as I was competing with people who had actual information and knowledge to share, and not just a questioneer soliciting speculation. Regardless, I’ll try to follow up if for no other reason than that such a collection of speculations would be an interesting document ten or twenty years down the line, when we could match our predictions with what actually happen. Part of the whole “unintended consequences” thing is that what is unintended is also exceedingly difficult to predict. Also, because I hadn’t prepared any material I was just assuming that poeple understood the question in the same way as I did: The road to hell is paved with good intentions.

Another thing: Because the DIY movement is relatively new within biology, there’s little talk of drawbacks or negative consequences (not that “unintended” has to be “bad” mind you) and there’s also of course a defensive posture of people who are working hard on their projects. I guess asking “so, how will your project fuck shit up?” isn’t the best conversation starter. People are more likely to start talking about the obstacles to their success, or what the prerequisites are, rather than what might go wrong – which they haven’t even predicted yet.

The Swedish memory champion – apparently memory sport is a thing? – did a presentation, but I can’t really recall what it was about. I thought it was cute that the company that he was working with (if I recall correctly) were selling over-the-counter nootropics, and proudly diplayed “No GMO’s” on the label. I don’t know if that raised any discussions at the conference, but I guess it ought to. A Pakistani researcher I spoke with was upset that the whole GMO/anti-GMO debate was so polarised in the EU, and that we have Monsanto on one side and enviromentalists on the other, with not enough in common to actually carry on a discussion.

fodelsedagsfest_tarta

Probably the most rewarding discussion was with Danielle Wilde who is running a university sponsored course in DIY bio in Kolding, Denmark. She teaches students how to set up a wetlab, about protocols, educating citizen scientists and engaging the city of Kolding. Hers was an interesting presentation and I’d love to be able to participate in something like that. Most of the course material is based on the Waag society curriculum for creating a biolab, and either of those places would be awesome to visit and study at.

There were people presenting trans cranial direct current stimulation – but no hands on presentation that I could find – and others doing simulated electronic body control; letting one person with electrodes on her arm control the arm of a test subject. That one had a live demo but the queue was more than I thought worth it. You can see a demo of it at TED, and it seems to be a straight-forward experiment.

One thing I was hoping to achieve with the conference was to get inspiration enough to continue exploring biohacking in Gothenburg, perchance even to meet someone to cooperate with. The latter didn’t pan out, but the conference was inspiring enought that I’m going to keep at it. At the moment, I’m starting up Laborator: Gothenburgs first biohacklab. Right now it’s just a Mailchimp list and a homepage, but we’ve had a few meetings and I’m setting aside a couple of hours each week to getting it up and running. Bionyfiken took three years from inception to first lab, and I’m hoping that by learning from their experience we can get going faster.