Hello and welcome to Speaking of Psychology, a podcast produced by the American Psychological Association. I'm your host, Kim Mills. Speaking of Psychology is a podcast for anyone with an interest in the science of psychology. We talk to psychological researchers, practitioners and educators about any and every aspect of psychology and its application to the world around us.
Dr. John Blythe is a research associate at the Dawes Centre for Future Crime at University College London, where he works on the Consumer Security Index, part of the PETRAS Internet of Things Research Hub. The PETRAS Internet of Things Research Hub is a consortium of nine leading United Kingdom universities that are working together over three years to explore critical issues in privacy, ethics, trust, reliability, acceptability and security. Dr. Blythe previously held positions at the UCL Centre for Behaviour Change, the Department for Digital, Culture, Media and Sport, and PaCT Lab at Northumbria University. His research focuses on exploring behavior change and cyber security.
Thank you for joining us, Dr. Blythe.
Thank You Val Venis.
So, the Centre for Future Crime. That's kind of an intriguing name. What does that mean, to study future crime?
So at the Centre for Future Crime we seek to focus essentially on horizon scanning, what are the crimes that may arise from technological change or societal changes of the future, and try to design out these risks for policy and regulation.
So your research looks at security issues around the Internet of Things. Could you explain for people what the Internet of Things is?
Certainly. So the Internet of Things is essentially everyday objects with the ability to connect to and exchange data over the Internet, and includes many different objects, from Fitbits to Amazon Alexa, smartwatches, all the way up to connected dishwashers, connected thermostats. It's essentially the ability to use these products via the internet, and it gives us many different affordances, such as, in the case of thermostats, it would be personalized heating services based on our behavior and habits.
Why should we be concerned about the security around the Internet of Things?
These devices are in our home. They may be connected to a boiler, they may be connected to a critical function in our house such as a smoke alarm, and if these are interconnected, it means that a hacker can potentially exploit that device. So if you think about the boiler example, it could potentially be hacked and a fire could be caused that could potentially lead to loss of life. So it's no longer just thinking about security and the privacy of our personal data, but it's also well-being and potentially life as well that can be exploited by these inherently insecure devices.
And so what can be done to make them more secure?
So at the minute, manufacturers simply aren't giving enough consideration to the security of IoT. They are shipping these products out with essentially market failures. An example of some of these market failures is that a lot of these products can't be updated. So a vulnerability may be found in a product, but a large portion of the population may have already purchased that product, and there's nothing that consumer can do about that. They now have a product that can't be updated anymore. And that's an example of one of the market failures, and what we call in crime studies a crime harvest, which is where an innovation is introduced into society and there's not given adequate consequences of the crime. So the same thing happened when we started using vehicles. Vehicles were designed, but they weren't designed with crime in mind. So what happens is that the criminals will start to reap the crime harvest. They recognize the potential opportunities that can be afforded by the lack of security of the innovation. And then what happens is that we recognize the potential crime consequences and then try to design out that crime.
And what incentives do manufacturers have to make these products more secure at this point?
There's very little incentive for manufacturers to take this seriously, which is why we're not really seeing manufacturers actually ship these products with security built in, or in the UK we call it security by design: making sure the security is built into the products before you ship them out to consumers. What manufacturers are doing is putting all the burden on the consumer, especially the consumer, to protect the device, to change lots of passwords, to change all the settings, to essentially make the consumer type the product rather than them shipping it with better security in the first place.
I understand that some of the research you've done is around labeling. Can you talk about what that means? How should these products be labeled?
So the labeling scheme, which is called a Consumer Security Index, and our project, is part of the UK government's initiative to improve the security of these products. So in March this year the UK government, specifically the Department for Digital, Culture, Media and Sport, who are in charge of the cyber security policy, announced their Secure by Design for consumer IoT report, which outlined the government measures for improving the security of these devices. Primarily this was a code of practice that manufacturers should follow to ensure these products are secure by design, but a supplementary measure was to explore the role of a labeling scheme to, first, aid consumer choice, because at the minute, if you were to go and buy a smart device, for example a smart kettle, from a store, there's no way for you to make a distinction between a secure product and an insecure product. So the label would help you make that choice and that decision. The second intention of the label is to actually incentivize manufacturers to actually ship these products with security in the first place, otherwise potentially risk reputational damage.
Do consumers have any idea at this point how insecure these products are?
So a lot of research lately has suggested that the main barrier to adoption of the Internet of Things is security and privacy concerns. We know that people are concerned about how their data may be used from these products and how that may be shared with third-party companies, but people aren't readily protecting themselves. So recently there's some stats by Cisco which found that 50% of people see the value in IoT. Only 10% of them actually think their data is secure; 42% would continue using the products anyway. And it's what's called in the research a privacy paradox: people value their privacy, but they don't readily take any action to protect it. And there's a number of reasons for this.
Botnet called the Mirai botnet, which was essentially hundreds and hundreds of thousands of exploited IoT devices that took down Netflix and Twitter and disrupted service access to these products.
So it's not really happening to consumers so much at this point. They're targeting major corporations, from what you're seeing?
Mainly being used in what we would call a strategic risk, where they're being used to take down a company or a service provider. Not so much... we haven't seen many attacks against consumers themselves.
What should consumers be worried about? I mean, I'm just imagining, and I've said this before to my friends and colleagues, you know, you have a smart TV, you watch it, it watches you back. Yeah, what's it doing with this?
So the smart TV example: a couple of years ago it was announced, well, it was revealed, actually, that governments were potentially, well, the secret agencies of the government could potentially take sensitive data from the microphones in your smart TVs, which could reveal quite private conversations that you may have with family members. So there's that aspect to it, the privacy side of your life. But also, like I said earlier, the safety side as well: if it's a children's toy that's connected to the Internet and a predator can potentially talk to your child, you know, that's very concerning.
Well, it sounds like there are implications for law enforcement, you know, where they might start asking if they can get records from these corporations, you know, say you're suspected of some kind of a crime. I mean, is this what consumers should be thinking about right now as they're purchasing these items?
Yeah, and that has happened. There is an example of this in America where they have used data from a guy's Fitbit to show that he committed the murder of his wife.
It's scary stuff. Yeah.
Are there particular devices that we should be leery about? And I'm thinking of one device that's out there right now that kind of, I have to say, gives me the creeps: Amazon is distributing this lock system that you supposedly can watch the delivery person arrive at your house, but basically that person can go in your house to leave a package. Is that the kind of thing we should be concerned about?
Yes, I think there's the concerns in terms of what is the kind of device. Is it linked to something that's safety critical, for example your girlfriend, or is it linked to something that may have a heating element such as your boiler, or something that may be security-related such as your security cameras? I think people should be concerned about potentially what is the device linked to, what might it reveal about your house, your occupancy. For example, smart thermostats can let somebody know whether you're in the house or not, and that can be used to facilitate burglaries and other crimes as well.
What are the next steps for you in terms of the research that you're doing?
So we're looking to work with the UK government to develop a labeling scheme. It's going to be co-designed with both experts and consumers, because we need... so the consumer side of it is working with consumers to understand their preferences around what they want communicated on a label. What value do they see in a labeling scheme? Would it actually influence their behavior? But also work with experts to actually identify the underpinning technical content of the label, because we're assessing objectively what security means, so all of our work is a lot more on the technical side of that. We'll also run a series of experimental studies to look at the design aspects of the label and whether that nurtures people's behavior and whether it would actually lead to them purchasing a more secure product, because ultimately what we want is the label to act as a market leader and as a market differentiator, so that people would be nudged to find a more secure and private device than one that isn't.
But your work is focused on the UK, right? So again, as far as the United States, are we doing anything similar here?
So the UK government is in talks, in collaboration with the USA, because, recognizing that actually these products are built across a global supply chain, they're not made primarily in the UK, they're made across the world, it's very important that governments do collaborate. The UK government are looking at consumer IoT and have released reports on this.
What Internet of Things products do you have in your home?
I don't own any.
Yeah.
You would know.
Yeah, I don't want to... I mean, I've been moving negative here. I don't want to scare people into not buying these products, but there is some huge potential crime risk associated with these devices, and particularly not... I mean, the major manufacturers like Apple, Amazon, they do take security seriously,
so if you're gonna buy an IOT device
Maybe go for one of the bigger providers rather than a cheaper one by a manufacturer who don't who don't have a common
c2e2
understand security and be
bigger than another product
Given what's happened recently with Facebook, for example, can we trust these manufacturers? I mean, that's one of the biggest corporations in the world, and yet, yeah, you know, their data, who knows where it went?
It's not... yeah, I don't want to say don't trust these companies. I think what needs to happen is that there needs to be a better way for people to understand what's happening with our data and not to rely on people to read terms and conditions, because it's just impossible to expect people to read that. People just tick the box and then they move on. So how are people ever going to really be able to protect themselves with their personal data if we're relying on people to read those terms and conditions? In the UK, in the EU, we have the upcoming GDPR legislation, which is a really good piece of legislation that is going to put more power back to consumers around how their personal data is used, and hopefully that will start the traction towards privacy being taken more seriously.
As we are more internet connected, anything else you'd like the public to know about the work that you're doing?
Ultimately, we want the label scheme because governments aren't regulating, you know, things. They're not enforcing manufacturers to actually ship these products with security built in. The UK government have said that at the minute they're giving manufacturers the opportunity to address this through the code of practice in the UK government, and if they aren't going to address it, then they might look at regulation for some manufacturers to do it. But in the absence of that, we need, for example, the labeling scheme to actually help people make a distinction between a secure and insecure product. Otherwise there's no way for people to actually make a product choice unless they're going to go out and research the security of the product, which the average consumer probably won't do.
All right. Well, you've given us a lot to think about. Yeah. Thank you very much for joining us today, Doctor. Very much.
Speaking of Psychology is part of the APA podcast network, which includes other great podcasts such as APA Journals Dialogue, about the latest and most exciting psychological research, and Progress Notes, which discusses the practice of psychology. You can find all APA podcasts on iTunes, Stitcher or wherever you get your podcasts. You can also go to our website www.cpsc.gov
It