For 90 years, lightbulbs were designed to burn out. Now that's coming to LED bulbs.

In 1924, representatives of the world's leading lightbulb manufacturers formed Phoebus, a cartel that fixed the average life of an incandescent bulb at 1,000 hours, ensuring that people would have to regularly buy bulbs and keep the manufacturers in business.

Paper: an upright printer/scanner that uses a continuous roll of paper

Stuttgart-based industrial designer created "Paper," a novel concept for a printer/scanner/copier, as part of diploma thesis in UX- and Interaction-Design at the State Academy of Arts and Design.

Tenant farmers: how "smart" agricultural equipment siphons off farmers' crop and soil data

The agricultural sector is increasingly a data-driven business, where the "internet of farming" holds out the promise of highly optimized plowing, fertilizing, sowing, pest-management and harvesting -- a development that is supercharging the worst practices of the ag-business monopolies that have been squeezing farmers for most of a century.

Rebate for IoT thermostat requires that you give permission to your utility to read "all data"

Aaron writes, "While filling out this seemingly great rebate for $100 for a recently purchased wifi-enabled thermostat, I happened to read the Terms and Conditions, which includes the fact that I must unwittingly agree to share all my thermostat data with my electric and gas companies (It was odd that they asked for my thermostat's MAC address). Because I have an ecobee3, this includes information on how often I'm in my bedroom, or when I'm home or out!"

Eye-Fi orphans 14 products, which will therefore cease to function

Eye-Fi makes clever wifi hotspots in the shape of SD cards; your camera sees them as SD cards but you can mount them on your network and automatically feed the images captured by your camera to a nearby laptop. But to make all this work with some models, you need an account on "Eye-Fi Center," a cloud service run by the company that sends configuration data to your card.

Always-on CCTVs with no effective security harnessed into massive, unstoppable botnet

When security firm Sucuri investigated the source of a 50,000-request/second DDoS attack on a jewelry shop, they discovered to their surprise that the attacks originated on a botnet made of 25,500+ hacked CCTV cameras in 105 countries.

One million machines, including routers, used to attack banks

Akamai's Ryan Barnett reports on two attacks against the service's financial customers last year: attackers used nearly 1m compromised systems to attempt to log in to users' accounts using logins and passwords from earlier breaches.

Watch: Fascinating panel on legal and privacy concerns for Big Data and the Internet of Things

In "It's a brave new world: Avoiding legal, privacy, and security snafus with big data and the IoT" -- a panel from last week's Strata+Hadoop World conference in San Jose -- Alysa Z. Hutnik, a lawyer who specializes in consumer protection in privacy, data security, and advertising, and Kristi Wolff, whose legal practice is on liability in food, dietary supplements, medical devices, and emerging health/wearable technology and privacy issues, present an extremely digestible and fascinating look into the lay of the regulatory land for data-collection and user privacy.

EFF fights order to remove public records documents detailing Seattle's smart-meters

Earlier this week, I wrote about the legal threats from Landis and Gyr against the Freedom of Information service Muckrock, which had received documents from the City of Seattle detailing the workings of Landis and Gyr's smart-meter system, which Seattle has purchased from them at public expense.

Smart-meter vendor says that if we know how their system works, the terrorists will win

Phil Mocek filed a public records request to find out how Seattle's new smart meters -- supplied by Landis and Gyr -- will work. As Mocek writes, these meters are based on "unspecified and unverifiable sensors that monitor activity inside of private property and can communicate collected information in real-time to unspecified machines in remote locations, the workings of which are obscured from ratepayers, with interfaces used by [the city] that require specialized equipment and are thus completely unavailable to ratepayers for personal use or monitoring and verification of information communicated, is already shrouded in secrecy and seemingly proceeding despite repeated voicing of public concern and complete lack of public justification of expense."

US Gov't survey: Half of Americans reluctant to shop online due to privacy & security fears

A study by the Department of Commerce's National Telecommunications and Information Administration found that half of American Internet users are "deterred" from engaging in online transactions because of fears over privacy and security breaches.

O'Reilly Hardware Podcast on the risks to the open Web and the future of the Internet of Things

I appeared on the O'Reilly Hardware Podcast this week (MP3), talking about the way that DRM has crept into all our smart devices, which compromises privacy, security and competition.

Smart radiator covers let New Yorkers keep their windows closed

Becky Stern writes, "I recently investigated my building's new smart radiator cover installation and found a company bringing steam heat into the 21st century and allowing residents to keep their windows closed when the heat is on!"

UL has a new, opaque certification process for cybersecurity

The idea of a "Cyber-Underwriters Laboratories mark" is really in the air; in the past six months, I've had it proposed to me by spooks, regulators, activists, consumer protection advocates, and security experts. But the devil is in the details.

Google reaches into customers' homes and bricks their gadgets

Revolv is a home automation hub that Google acquired 17 months ago; yesterday, Google announced that as of May 15, it will killswitch all the Revolvs in the field and render them inert. Section 1201 of the DMCA -- the law that prohibits breaking DRM -- means that anyone who tries to make a third-party OS for Revolv faces felony charges and up to 5 years in prison.

The Car Hacker's Handbook: a Guide for Penetration Testers

The 2016 Car Hacker's Handbook expands on the hugely successful 2014 edition, in which the Open Garages movement boiled down all they'd learned running makerspaces for people interested in understanding, improving, penetration testing and security-hardening modern cars, which are computers encrusted in tons of metal that you strap your body into.

No Starch Press has taken on the task of turning The Car Hacker's Handbook into a beautifully produced, professional book, in a new edition that builds on the original, vastly expanding the material while simultaneously improving the organization and updating it to encompass the otherwise-bewildering array of new developments in car automation and hacking.

Author Craig Smith founded Open Garages and now has years of experience with community development of tools and practices for investigating how manufacturers are adding computers to cars, the mistakes they're making, and the opportunities they're creating.

The Handbook is an excellent mix of general background on how to do threat-modelling, penetration testing, reverse engineering, etc, and highly specific code examples, model numbers, recipes and advice on how to put a car up on a bench, figure out how it works, figure out how to make it do cool things the manufacturer never intended, and figure out how to understand the risks you face from people doing the same thing without your best interests at heart.

A lot of the advice is theoretical, but there are a bunch of highly practical projects, from improving and customizing your in-car satnav and entertainment system to tuning your engine performance.

Hotel's Android-based lightswitches are predictably, horribly insecure

Matthew Garrett checked into a London hotel and discovered that the proprietors had decided that "light switches are unfashionable and replaced them with a series of Android tablets."