Connect with us

Feature/OPED

Ericsson: Smart Home Privacy: How to Avoid ‘Data Paparazzi’

Published

on

Smart home tablet Data Paparazzi

The paparazzi are known for often taking covert photographs of celebrities and selling them to tabloids or gossip magazines.

In a similar vein, could the increasing number of smart, connected devices coming into our lives start acting like covert “data paparazzi”? And what can we do to avoid it? Find out here.

Today, our devices collect and forward information to all sorts of external parties: our home security alarm provider, our electricity supplier, our fitness watch vendor, our car manufacturer, our security needs to be good enough that it deters attackers and so on. Smart assistants listen to our voice commands and take that information to the internet to execute our orders.

But smart devices go beyond the obvious too – they can be anything from a connected toaster to a washing machine, sewing machine, or a toothbrush!

Data from one device may not be a problem, but combining data from several devices could create a pattern that may reveal unwanted information about a user or a business. And with more devices coming into homes, concerns around the way personal data is managed, controlled and used by devices and organizations are increasingly being raised.

Each new device may introduce a new security risk, if not properly managed through its life cycle. The security risks must be handled by all actors in the value chain, including the device owner, regardless if devices are used by consumers, industries, or smart cities.

So what will be important to think about to ensure that users benefit and get value from devices and their related services, but avoid adding security issues? Should we risk unintentionally becoming surrounded by data paparazzi with their viewfinder aimed at us?

In this blog post, we’ll bring some light on to what these factors mean for the device owner and what can be done to confront it.

Smart devices and privacy: the big picture

Many of us already interact with at least 3 to 5 devices daily – a smartphone or even two, a smart watch, a tablet PC, a work laptop, and maybe a smart TV. One estimate is that by 2030, each of us will own 15 connected devices. Some devices, like a connected car or smart meter, are connected by default and typically managed by the company the user is a customer of. They typically rely on cellular connectivity. For many other devices, the users themselves select and provide the connectivity, often Wi-Fi or cellular, and are personally responsible for the management of the devices.

Above all, the network infrastructure and devices need to be secure. It’s important for us all that we can trust how our devices operate and handle data. It will also be important to ensure device security through the life cycle of the devices. With the fast growth and wide of range of smart and connected devices from different brands – that come with different user interfaces and functions – it might be cumbersome to keep all devices up to date in terms of firmware and security status, for example, from the day the device is purchased until its recycled. However, this is a key requirement for enabling a secure and trustworthy IoT environment.

GDPR and similar efforts have raised more attention to privacy from the general public. As people become more informed and want to know how their devices and information are used and managed, there will be an increased need for tools that enable identifying, verifying, and controlling the data the devices are collecting and sharing.

The data paparazzi problem

Let’s now go into some issues that celebrities have to deal with, regarding paparazzi and stalkers, and how similar situations can also occur in the IoT world. We’ll also reveal if similar mitigation strategies can work for both regular, and data paparazzi.

Information availability

While the saying goes that “all publicity is good publicity”, many celebrities wouldn’t agree. They want to be in control of the information shared about them, to build a relevant public image but avoid revealing private relations, unattractive personal habits, or similar.

The same thinking is behind IoT security; information that’s needed to complete the intended tasks of an IoT device should be made available, while the rest of the information should be kept private. However, for IoT there’s often a more fine-grained approach as the information made available should in many cases only be made available to a restricted group of observers on a need-to-know basis.

The stalker problem

Many celebrities might also have to deal with stalkers – individuals who are overly interested in them and may try to gain as much information about them as possible, even using illegal means.

In the IoT space, the same phenomenon could happen to the average Joe. A smart home that doesn’t restrict access to the information it generates can easily become a lucrative target for an attacker; the information generated by the home can be used to gather different information about the inhabitants, which could later be leveraged to commit a cyber attack. Information about when various appliances are used, such as when doors are opened, lights are switched on/off, energy consumption fluctuates, can be a real treasure trove. This also means that potential attackers might not skip a house just because there’s some security applied, rather the security needs to be good enough that it deters attackers from trying, or stops them in their tracks.

Mitigation strategies

Celebrities tend to take precautions to hinder paparazzi and stalkers from invading their privacy. This can be in the form of living in gated communities or at least having access control to their property, through walls and gates for example. They might also apply surveillance measures such as motion sensors and surveillance cameras, and even security measures such as guards or guard dogs. When moving about in public, they might have a security guard with them to keep interested parties at least at arm’s length.

The same things need to be considered in the IoT world. For example, in smart homes, access to the internal network and the data generated and stored there should be controlled and protected, monitoring should be applied to pick up on suspicious behaviour, and reactive security measures, such as blocking and logging, should be taken when a breach is detected.

What has been normal for celebrities should now also become the standard for anyone in an IoT environment. When it comes to privacy, active measures should be taken to maintain it. While this might sound scary – and without proper actions, it would be – it’s not something that’s difficult to achieve. Rather it’s about having the right mindset and recognizing that security needs to be built in and considered more and more in the connected world, even for private citizens.

What to protect?

IoT is very much about the data generated and consumed by IoT devices. At first, this data may be seen as producing no risk, but even simple data in a certain context may be sensitive. For example:

  • Power consumption data recorded by a smart meter can provide a lot of information about what’s happening in a home. For example, based on the power consumption profile of TVs, switching on the TV will be visible from the data and if it’s possible to match the time the TV is turned on with the TV guide, that will provide a good indication as to what people at home are watching.
  • Any competent smart lock manufacturer will make sure that the communication with the lock is encrypted and its integrity protected. However, this might not be enough; by observing the traffic generated by a smart lock, one could potentially deduce whether the lock has been opened from the inside or the outside and thereby predict if there’s anyone in the house at any given moment. Other data generated by a smart home, including power consumption and light switch data, can be used to improve the prediction.
  • It’s inevitable that, at some point, an electric device will reach the end of its lifetime and will need to be disposed of. If the information stored on the device isn’t properly removed, a hacker who retrieves the device from a waste bin or who purchases it from a second-hand store could dig out data or credentials, as well as information about the services the device has been connected to. This is information that could be used to spy on the owner in a more efficient way, or even control or modify other devices belonging to the owner from the backend.

The question, therefore, shouldn’t be, “what do I need to protect?”, rather, “what don’t I need to protect?”, meaning “what do I actually need to share?”.

How to avoid unauthorized use of private data

There’s no silver bullet solution to this problem and the complexity is proportional to the number of devices and services that we as individuals interact with. Applying the best security practices is the responsibility of many entities. Device manufacturers and service providers need to provide secure devices/services, with proper control and maintenance for future proof device security.

But there are some rules of thumb that each of us can follow to minimize security and privacy issues related to our devices. By following these recommendations, one can build a system that will withstand a great deal of malicious intent, and deter the vast majority of attackers and opportunists. A few highly skilled and well-connected groups or individuals might be able to get past even the most secure systems, often through social engineering and phishing, that is, human weakness, rather than by technical security exploits. However, with the effort required, “average Joe” is maybe not the typical target.

End-user responsibilities include selecting suitable and secure solutions, and installing and configuring them in a secure way. Well-designed products should make this a relatively easy task, but it can also be done with the help of professionals. Furthermore, there are initiatives such as the Finnish Cybersecurity Label providing security labels for IoT devices, which aim to help consumers select products for which security has been verified.

Another important thing is to remember to update the software of the device.

And based on statistics regarding how a system’s security most often fails, a crucial task for the end-user is to remember to change the default password of all and any devices that are installed.

What can I do as a device owner?

  • Check whether the device manufacturer/service provider offers firmware/software upgrades in case of security issues.
  • Consider what data is generated and how it’s used and stored, for example, locally and/or in the cloud.
  • Check user terms and conditions to find out how data is used.
  • Remember to change the default device password.
  • Remember to keep device software up to date.
  • Remember to wipe the device before recycling.

And remember to consider the trustworthiness of a device and its services before purchase!

More reading

Read about Ericsson’s contribution to IoT security protocol standard OSCORE, which aims to optimize the computational strain on constrained devices, and keep a low overhead, while maintaining a high level of security.

Read our blog post on evolving SIM solutions for IoT. Such solutions allow the use of the well-established identity management features of mobile networks also for IoT deployments where manual SIM card handling isn’t feasible.

Explore Ericsson telecom security and security management.

Learn more about our research into the future of network security.

Click to comment

Leave a Reply

Feature/OPED

6 Ways Google and YouTube Can Help You Celebrate Ramadan

Published

on

help you celebrate Ramadan

Ramadan is a holy month that is observed by Muslims all around the world. It is a time for reflection, prayer, and community. With the help of Google and YouTube, celebrating Ramadan has become even easier and more enjoyable.

From Lagos to Nairobi, Accra to Johannesburg, Africans can access a wealth of information and resources to make the most of this special time. Here are 6 ways that Google and YouTube can help you celebrate Ramadan in Africa:

  1. Celebrate Ramadan’s Joy with Colors and Greetings: Simply search for “Ramadan 2023” in your language on Google, and you will have access to all the information related to this month, including prayer times, recipes, and more. You can also find articles on Ramadan etiquette, Ramadan recipes, and Ramadan greetings to help you navigate the holiday with ease. Additionally, you can access greeting cards online to share with your loved ones, and scroll through our Ramadan colouring book on Google Arts & Culture to engage your inner artist and colour beautiful artwork to share with family and friends.

  1. Set Reminders for Prayer Times with Google Assistant: With Google Assistant, you can set reminders for prayer times throughout the day, making it easier to stay on track during Ramadan. Simply ask Google Assistant to set a reminder for the next prayer time, and you’ll receive a notification when it’s time to pray. You can customise the reminders to fit your schedule so you never miss a prayer. Plus, Google Assistant can provide inspirational quotes and spiritual guidance to help you stay focused and connected during the holy month.

  2. Shop What You See with Google Lens: By using the camera on your phone, you can search for a delicious type of dessert you’ve tried at your friend’s house, or find your next favourite decoration item to buy during Ramadan. You can open the Google app on your phone, tap on the camera icon, and use Google Lens to snap a photo or screenshot. With Google Lens, you can easily find exact or similar results to shop from or explore for inspiration.

  1. Watch Ramadan-related videos on YouTube: YouTube is a great resource for learning more about Ramadan. You can find videos on how to prepare traditional foods, tips for fasting, and spiritual practices related to Ramadan. There are also numerous Ramadan vlogs and Ramadan routines videos, where you can follow along with the daily activities and experiences of content creators during the holy month.

  1. Use Google Maps to Find Local Mosques and Halal Restaurants: Google Maps is a valuable tool for finding local mosques and halal restaurants during Ramadan. You can search for mosques in your area or around you and get directions to join in community prayers. You can also search for halal restaurants near you to break your fast with delicious and authentic cuisine. Additionally, Google Maps can help you navigate through unfamiliar areas when you are travelling to different cities or countries during Ramadan. With Google Maps, you can plan your Ramadan activities and explore new places with ease. Plus, you can read reviews and ratings from other users to help you make informed decisions about where to go.

  1. Browse Our Shopping Guide for Inspiration: To help you prepare for Ramadan, Google has created a Ramadan Shopping Guide that collects trending products helpful during the holiday. When we analysed search and shopping trends, we found common themes related to home decoration, like Ramadan lanterns, which grew 20% year over year. You can browse through the guide for inspiration and find new ideas for decorating your home, preparing for Iftar, or giving gifts to your loved ones during the holiday.

We hope this Ramadan brings you and your loved ones joy — and that these tools help you find the information you need to make the most of this special time of the year.

Continue Reading

Feature/OPED

Flexible Power Technologies Will Make Africa’s Energy Leapfrogging a Reality

Published

on

flexible power technologies

By Marc Thiriet

Africa’s ability to leapfrog traditional power systems and adopt renewables on a massive scale is not a fantasy. In-depth studies from Wärtsilä have demonstrated that with the adequate support of flexible power technologies, ambitious renewable energy objectives in Africa are not only achievable, but they also represent the soundest and cheapest strategy for the successful electrification of the continent.

A new power generation paradigm perfectly suited for Africa

There has been much discussion about Africa’s ability to ‘leapfrog’ the way power systems have been built in the western world. For over a century, traditional power systems have been based on centralised power generation, with a limited number of large thermal power plants providing baseload electricity through a massive transmission network. This way of generating power is, however, coming to an end: the climate emergency is calling for a 180-degree paradigm shift in which renewables replace thermal power plants as the baseload source of energy.

This new power generation paradigm is, in many ways, a perfect fit for Africa. The continent enjoys some of the highest wind and solar energy resources on the planet, which means that the renewable energy plants built here boast some of the best productivity rates in the world. Almost anywhere in Africa, renewables are the cheapest power generation option available today by a significant margin.

Although relatively ambitious renewable energy targets have been set by most governments across the continent, there is still widespread scepticism that renewable energy, which is intermittent by nature, can provide a reliable source of baseload power. This scepticism is unjustified. With the appropriate deployment of grid balancing technologies like gas engine power plants or energy storage, huge amounts of renewable energy can be built into the system while at the same time ensuring a stable and reliable network. Energy experts at Wärtsilä, who have built 76 GW of power plant capacity in 180 countries around the world, certainly know a thing or two about that.

Building reliable power systems

Yes, renewables are intermittent, but it’s a challenge that we have long known how to solve, providing the need for flexible power capacity is not underestimated.

As intermittent renewable energy becomes the new baseload, the system will have to cope with a large amount of variable power that can disrupt the grid. Flexible power must therefore be available to ramp up production at the same rate that wind or solar production fluctuates but also to match the fluctuating energy demand within the day. System imbalances can be, at times, huge, but the system will stay safe as long as renewable energy deployment is matched with corresponding levels of flexible power capacity.

Flexible engine power plants are the only technology designed to work hand-in-hand with renewables, as they can efficiently cope with multiple daily starts and stops. They also offer the significant advantage of being able to run on different fuels, from natural gas and heavy fuel oil today to locally produced hydrogen and biofuels tomorrow, as they become competitive and broadly available. Thanks to this muti-fuel capability, not only do engine power plants provide a great hedge against fuel supply risk, but they are also the ultimate “future-proof” technology for energy leapfrogging, as the gas engines can simply be converted to run on green fuels like hydrogen to reach 100% renewables. Engine power plants offer a solid, long-term foundation on which African countries can build modern and resilient clean power systems.

Energy leapfrogging requires a tailormade approach

Delivering on energy leapfrogging is going to be a complex, multi-decade process. Each country in Africa features its own unique mix of natural resources, geographical opportunities and constraints, and population density, alongside a myriad of other parameters. Each country will therefore require its own tailormade and optimal power system expansion plan to accomplish its leapfrogging.

What would such a plan look like in practice? Let’s take Nigeria as an example. Using advanced energy system modelling techniques, Wärtsilä’s analysts have designed a detailed roadmap showing how Nigeria could proceed to build a 100% renewable energy power system and meet its 2060 net-zero targets.

According to our models, by 2060, Nigeria’s power capacity should consist of 1,200 GW of renewable energy and require a total of 283 GW of energy storage and 34 GW of flexible engine power plants for grid balancing purposes. On the other hand, inflexible sources of power like coal, oil or gas turbine power plants have now become the exception rather than the norm.

For this plan to succeed, Nigeria’s domestic gas must still play a crucial transition role: It will be mobilised as an inexpensive bridging fuel for engine power plants in support of intermittent renewable energy generation until these plants can be converted to run purely on green hydrogen in the early 2040s. 

This is the soundest power system from both an environmental and economic standpoint. Our research indeed shows that investing in renewable energy and flexibility from gas engines and energy storage is the most cost-effective way for Nigeria to reduce energy costs, increase energy access and improve grid reliability. For the plan to succeed, however, the country will have to greatly improve its power transmission infrastructure, develop a strong and dependable policy framework, and attract significant investment.

The global shift to renewable energy provides Nigeria and Africa, as a whole, with a unique opportunity to leapfrog the carbon-based power systems that have been the norm in the West. Delivering this opportunity would represent a giant step forward in the country’s development. But an adequate and carefully planned deployment of flexible power technologies to balance the intermittency of renewables is the sine qua non-condition for energy leapfrogging to succeed in Nigeria, as anywhere else on the continent.

Marc Thiriet is the Director for Africa at Wärtsilä Energy

Continue Reading

Feature/OPED

Misunderstanding the Nigerian Understanding

Published

on

Misunderstanding the

By Prince Charles Dickson PhD

“Misunderstanding the understanding” can refer to a situation where someone fails to comprehend or interpret a concept, idea, or situation correctly, despite believing that they have understood it. This can occur due to various reasons such as cognitive biases, lack of knowledge or experience, miscommunication, cultural differences, or preconceived notions.

For example, imagine a person from one culture trying to understand a complex concept or idea from another culture. Even if they have the best intentions and have studied the concept extensively, they may still misunderstand it due to differences in language, values, or beliefs. This can lead to misinterpretations and miscommunications that can create confusion and misunderstanding.

Another example could be in a professional setting where a manager provides instructions to an employee, but the employee may not fully understand the instructions due to different interpretations or assumptions. The employee may then carry out the task incorrectly, leading to errors and inefficiencies.

In order to avoid “misunderstanding the understanding,” it is important to maintain open communication, clarify concepts and ideas, and be aware of potential biases or assumptions that may affect the interpretation of information. Additionally, seeking feedback and asking questions can help ensure that everyone is on the same page and that there is a shared understanding of the information at hand.

We cannot do the last paragraph above because elsewhere the police say freeze when they want to arrest you, but in Nigeria, we say ‘hold it’. The people that say hold it is the same people that, by the time you are reading this, would have settled whether Vivor of Lagos is Igbo or Yoruba. They are the same group of people that will remind you that Murtala Muhammed was from Edo or one-time Vice President Sambo is from Agenebode.

If you understand the misunderstanding, one time, an Eboni man was told that he could not be governor in Enugu, the same way Bianca Ojukwu was once told by the family of Ojukwu she could not be a senator in Anambra state.

We are a people that are no different from our politicians, who are dealers rather than leaders, so it is difficult to understand the difference because we are consciously misunderstanding, no Minister’s kid is looking for a job, and no governor’s brother is jobless. No local government chairman has an issue with getting his sister a job.

The political class don’t know that there’s no electricity, because Rimi road, Adeoye crescent, and Mbakwe close all have houses powered by big generators.

While we battle our misunderstanding, the fact is that we don’t understand the pain of a family whose substantial monthly income goes to purchasing cooking oil (kerosene) or gas.

We believe that the earth is chasing us, so where did we put our feet while running? I was once told that the fowl on a journey inside the basket does not know where it will end.

You need to understand the misunderstanding that the Nigerian dream is that you steal much and even more because if you are caught, you need money to settle all the steps of the staircase, police, lawyers, and more. At the court, you seek a restraining order and restrain anybody from arresting or investigating you. You pay a handful to protest that you’re being persecuted because of your faith or creed…do you understand, or are you being misunderstood?

Stealing government money is no big deal; it’s a dream, after all, we have erroneously insisted it is everybody’s money. If you do not want to steal, your people will mock you, in fact, as you aspire, the past records of looting by your predecessor are packaged in phrases such as ‘see the house he built for his mother’, ‘how he buried his father’, and ‘he managed to build us a small clinic too’, ‘it is our turn’, ‘you must put our people in position’, and these are misunderstandings that must be understood.

The Nigerian dream is to have your cough treated in Germany, your kids’ school in heaven knows where, and get all sorts of awards and titles, from the Baba Adini of Adiniland to an honorary degree from a one-storey building college in Maputo, that is after being knighted by one of the numerous churches, countless lesser and higher hajj, and it is all ‘you either understand or you misunderstand’.

The United Kingdom has a Hindu prime minister of Indian descent and a Muslim mayor of London of Pakistani descent. Jeremy Hunt, who is currently Chancellor of the Exchequer, when was foreign secretary, referred to his Chinese wife as Japanese during a visit to Beijing to discuss post-Brexit trade deals between the UK and China. We do not understand that true diversity is about disrupting the status quo, not enforcing it with zeal. In Nigeria, it is a different story.

How do we understand the misunderstanding in Lagos, the Igbo and Yoruba drama, as in the real deal is our dichotomy is not a subject within the shores of this nation that one talks about without understanding; it evokes a lot of passion from the heated arguments which it generates, everyone holding dear to their values, and idiosyncrasies. A lot has been written on old perspectives, likewise, new viewpoints; after the elections, we go back into the cocoon, and the differences remain and are not tackled.

In our misunderstanding, we think of easterners, westerners, northerners, and middle belters, all depending on the turn of events. In our sensationalism, we have, in every sense, approached most problems sectionally, thereby creating all kinds of unnecessary petty-cultural-ethnic-religious-paranoia and bourgeois mentality in dealing with our national issues.

There is an ideology of hatred, one that props up again and again, Lagos in the West, Anambra in the East, North vs South, Muslims vs Christians. This is a factor that reactionary elements within the system use in battling the progressives. The misunderstanding in the understanding, which really borrows a lot from bourgeois theories, which essentially is directed at confusing our intellect, like we try to argue within the parameters of “anti-class theory”, “theory of development”, “take off theory”,, “theory of cooperation”, “theory of external push”, “end of ideology theory”, “convergence theory”, “the theory of the periphery in the periphery”.

Wonderful sociological concepts that do very little to help us shift in the way of progress because only a few theories work for us…” the theory of corruption”, “the theory of bad governance”, “chop I chop theory”, and “killing for god theory”, “WIKE”, “Obi, and Elu Pee theory”, “Balablu theory” and now the “BVAS theory”. Do you understand, or you misunderstood me?

Interestingly and constructively, when we fulfil the Nigerian dream-like stealing, we have no religion, no tribe, and no fights; all is good so long it ends well, we only fight when one attempts to out steal the other. It is the misunderstanding that we do not understand, and we never will until the ordinary Nigerian becomes the focal point, it will almost never work. The dream for a better, strong and virile nation lies in our hands. Sadly, we refuse to understand it and choose to misunderstand the difference, we continue in our wild goose chase till when—only time will tell.

Continue Reading
%d bloggers like this: