{"id":15598,"date":"2019-06-18T10:10:02","date_gmt":"2019-06-18T18:10:02","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/06\/18\/news-9347\/"},"modified":"2019-06-18T10:10:02","modified_gmt":"2019-06-18T18:10:02","slug":"news-9347","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/06\/18\/news-9347\/","title":{"rendered":"Smart cities, difficult choices: privacy and security on the grid"},"content":{"rendered":"

Credit to Author: Christopher Boyd| Date: Tue, 18 Jun 2019 17:17:08 +0000<\/strong><\/p>\n

All is not well in the land of smart city planning, as the latest major planned development<\/a> from Google’s sister company Sidewalk Labs continues to run into problems in Toronto, Canada.<\/p>\n

A groundswell of support?<\/h3>\n

Building a city \u201cFrom the ground up\u201d is apparently no longer a thing: at least some folk with a hand in digital urban design are saying it\u2019s \u201cFrom the Internet up\u201d now. The plan was to take Toronto\u2019s waterfront and transform it into an innovative smart city location. Sidewalk Labs got the contract to design a big chunk of Toronto\u2019s waterfront in 2017, with potential for expansion.<\/p>\n

New tech and an eye for environmentally-friendly design should have been the icing on the cake. Instead, continued delays over revealing what is happening is leading to complaints and protest groups like Block Sidewalk<\/a> who aren\u2019t happy with the direction things have taken.<\/p>\n

A bump in the road<\/h3>\n

As it turns out, planning something like a smart city is incredibly complicated, and things appear to be slipping behind schedule<\/a>. Worse, nobody seem to be able to tell the residents exactly what\u2019s coming<\/a> in this brave new world of digital connectedness. Google\u2019s Sidewalk Labs want to try and set a \u201cGlobal standard\u201d for how user data should be treated<\/a>, but there\u2019s still no real information available as to how this will work in practice.<\/p>\n

Interestingly, it\u2019s the data privacy concerns now primarily coming to the fore<\/a>, as bigger tech critics weigh in. It\u2019s no fun when your project is on the receiving end of comments like, \u201cA colonizing experiment in surveillance capitalism\u201d or \u201c\u2026a dystopian vision that has no place in a democratic society,\u201d especially if your main aim was to build some wood paneled houses and a functional drainage system.<\/p>\n

Various resignations<\/a> from the advisory panel and even the former privacy commissioner of Ontario, stating, \u201cI imagined us creating a smart city of privacy as opposed to a smart city of surveillance\u201d has definitely not helped to smooth out concerns.<\/p>\n

The clear signifier is that early buy-in is crucial in getting one of these projects off the ground. Without an early affirmation of what to expect, people will dig their heels in and say no regardless of what\u2019s on offer.<\/p>\n

Puebla, in East-Central Mexico, is a good example of this. They have 15 locations slated to become smart cities. Santa Maria Tonantzintla has essentially refused to go any further after a lack of information as to what\u2019s coming next. Demolishing some local landmarks certainly didn\u2019t help matters<\/a>. I would’ve linked to the 15 cities project, but the website is offline, which may or may not be very on brand for this kind of enterprise.<\/p>\n

What is a smart city?<\/h3>\n

Good question, and one we may take for granted. Defining a smart city can be an exercise in frustration<\/a>, but experts broadly peg them as one of two distinct flavours: top down, and bottom up<\/a>.<\/p>\n

Top down smart cities<\/h4>\n

These are major projects put together through a combination of governments, city councils, and major technology vendors. Ideally, an entire city is constructed from nothing, with the essential technology backbone required to make it all work in place from the outset.<\/p>\n

Someone, somewhere sits Wizard-of-Oz style with a large control bank ensuring every aspect of day-to-day living works seamlessly\u2014from trash collection and street lighting to traffic flow management and energy use.<\/p>\n

That\u2019s how it pans out in an ideal world with no need to worry about things going wrong, anyway. As you\u2019ll see shortly, things tend to go wrong quite a bit. For now, let\u2019s look at the next style of smart city.<\/p>\n

Bottom up smart cities<\/h4>\n

This is what people who live in a city get up to when left to their own devices (pun probably not intended). Crowdfunders, crowdsourcing, smaller disruptive organisations working with communities to make things work more efficiently; it\u2019s all here, and it’s as potentially chaotic as you\u2019d imagine.<\/p>\n

Piecing the puzzle together<\/h3>\n

Of course, it\u2019s usually tricky to slap a city together from scratch and be home in time for supper\u2014most of our towns and cities are already here with us. What we mostly have is a haphazard assemblage of council-led approaches bolted onto crumbling infrastructures while independent apps and community projects simultaneously do their own thing. The residents are by and large caught in the middle of this ebb and flow, and there\u2019s never a real guarantee any of it is going to work as expected.<\/p>\n

Smart city shenanigans<\/h3>\n

Despite their best efforts, projects can and do run into troublesome situations. Many of them aren\u2019t even strictly security related; you\u2019re probably more likely to fall victim to negligence or poor planning. Even so, the end result is still the same, whether or not someone hacked the Gibson, and a problem will still cause headaches. Below, we look at a few issues facing both top and bottom styles of smart city.<\/p>\n

Top down smart city problems<\/h4>\n

1)<\/strong> In the UK, Westminster ran into issues when the company managing the city\u2019s street lights went into administration. With nobody at the lightbulb wheel, residents were amazed to find some 8,000 street lights blasting away 24\/7 for an entire week<\/a>. The local council had to pay a \u201csmall fee\u201d to the new company administrators to get things resolved.<\/p>\n

While you\u2019d think a contingency plan would be in place for contract explosion at this level, it somehow ended up being missed. Nobody wants to go to bed with typically much brighter smart bulbs pouring in through the window, not to mention the power drain\/environmental impact. A simple but effective example of how sometimes top down gets it wrong.<\/p>\n

2)<\/strong> What if an entire neighbourhood\u2019s identity vanished from online maps to the extent that it\u2019s data-driven invisibility meant you might never find it<\/a>? That\u2019s exactly what happened to the community of the Fruit Belt, aka \u201cMedical Park,\u201d courtesy of bad data not only from Town Hall but also a variety of mapping startups, tech orgs, and data brokers.<\/p>\n

The residents\u2019 fight to reclaim both the name and the location\u2019s acknowledgement as a physical space is quite something. As with Westminster and their 24\/7 lights, we see another situation where defunct companies leave unforeseen problems in their wake with nobody to play clean-up.<\/p>\n

3)<\/strong> There\u2019s also the threat from hacks in a top down system; control the hub, control the city<\/a>. Exposed devices, default passwords, vulnerabilities, and critical flaws\u2014all ready and waiting for someone to come along and take advantage. You expect a street light to break or a pipe to burst. What you don\u2019t expect is people tampering with early warning systems<\/a> or road signs displaying random messages<\/a>.<\/p>\n

4)<\/strong> Sticking with that same theme, a lot of work has been done in this area by the Securing Smart Cities<\/a> project, which looks at ways companies, governments, media outlets, and more can work together to address these concerns. Amongst other things, they’ve done smart research on how CCTV systems can be a danger<\/a> from something as banal sounding as not covering up labels. They’ve also explained how bad actors could scale up attacks to (for example) knock out air conditioners across multiple streets<\/a> or an even bigger radius with the aid of some $50 equipment. That may not sound like a big deal, but in hot weather it could be potentially lethal for the sick or elderly.<\/p>\n

5)<\/strong> Hong Kong residents protesting the proposed extraction law chose to avoid using their Metro cards for travel for fear of being tracked by the government<\/a>. Instead, they opted for cash payments like tourists tend to do. This data has been used in the past<\/a> for law enforcement, so one can understand their apprehension. In a place where even advertising has been used to name and shame litterbugs via DNA<\/a>, this raises potent questions about where, exactly, power lies when so much of our day-to-day existence is at the whim of top down systems.<\/p>\n

Bottom up smart city problems<\/h4>\n

1)<\/strong> Tracking in the age of smart tech is something people are naturally concerned about. When I looked at the hacking simulation NITE Team 4<\/a>, I mentioned tracking someone\u2019s phone via smart billboards. I was particularly taken by this appearing in a video game, because it\u2019s a supposedly out-there concept that doesn\u2019t sound real but (shocker) it is.<\/p>\n

Wandering the streets, whizzing by in a car, walking around some shops? If your Wi-Fi is enabled, it\u2019s quite possible you\u2019re being tracked for marketing purposes<\/a>.<\/p>\n

2)<\/strong> What happens when your landlord and\/or building complex decides the time has come for everybody to receive smart locks whether they want them or not<\/a>? Chaos is what happens. Not everybody is a fan of taking control over basic functions like premises security away from the resident, and there\u2019s multiple compelling reasons for not having them installed.<\/p>\n

Case in point: What if there are potential security issues? What happens if the power goes down while there\u2019s an apartment fire? What if the locks just stop working while you\u2019re asleep? Who has access to the data? Before you know it, it\u2019s all gone a bit legal<\/a> and some people in suits are probably shouting a lot.<\/p>\n

3)<\/strong> Of course, we can\u2019t go on without the increasingly large mess that is IoT\/smart home technology and domestic abuse cases<\/a>. It\u2019s a chilling example of what can go wrong with too many random technologies are mashed together in real-world settings with a malicious actor in the middle.<\/p>\n

Quite often, there\u2019s zero chance of the abused person being able to figure out where bad technology things are happening, and it can be a challenge for tech experts familiar with these issues to find a decent starting place for their investigation.<\/p>\n

Sandcastles in the sea<\/h3>\n

We\u2019re scratching the surface here, but there\u2019s a lot to take in where constructing a smart city is concerned, whether government-led or people doing it themselves<\/a>. There are also some huge success stories in smart city land\u2014it\u2019s not all disasters, broken street lamps, and roadsigns yelling about zombie outbreaks.<\/p>\n

For example, Bristol<\/a> in the UK springs to mind as a great example of how to retool a city in a way that makes sense<\/a>. There\u2019s still a long way to go before we have other smart cities to rival Bristol though, and that probably applies to the somewhat embattled Toronto waterfront project.<\/p>\n

As these projects drag on, issues of data, privacy, and consent appear to be the places where the primary battle lines are drawn. Without some solid answers in place, generals may find themselves run out of town by a cheerfully tech-unenhanced community.<\/p>\n

The post Smart cities, difficult choices: privacy and security on the grid<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Christopher Boyd| Date: Tue, 18 Jun 2019 17:17:08 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
We take a look at Google’s Sidewalk Labs woes with a planned smart city build in Toronto, and explore some of the general concerns about making our living spaces 24\/7 Internet wonderlands.<\/p>\n

Categories: <\/p>\n