txt

With the recent Apple Watch and iPhone announcements, a couple of things stand out. There’s a pronounced way our behavior is being molded by these products.

Apple Watch Series 4 comes with the ability to take ECG measurements. While this sounds immensely useful, my wife pointed out this would potentially contribute to self-diagnoses and anxiety.

“Do you wind up catching a few undiagnosed cases? Sure. But for the vast majority of people it will have either no impact or possibly a negative impact by causing anxiety or unnecessary treatment,” says cardiologist Theodore Abraham, director of the UCSF Echocardiography Laboratory. The more democratized you make something like ECG, he says, the more you increase the rate of false positives—especially among the hypochondriac set.

THE NEW ECG APPLE WATCH COULD DO MORE HARM THAN GOOD

Another annoying outcome is the death of the small phone; Apple seems to have all but given up on the SE series, which in hindsight, was the perfect size for a phone. We’re left with a slew of devices that are clumsy and awkward to hold and use.

And not just hands. Bigger phones take up more pocket and purse real estate. They strain your thumbs and stress your jeans. They’re more frustrating to run with. They demand both hands to operate. They also arguably require more mental space; the larger the screen, the more you do with it, and the more easily it becomes the locus of your daily life.

THERE ARE NO MORE SMALL PHONES

Some interesting insight from Gemalto’s 2017 Data Breaches and Customer Loyalty Report:

• Of the 10,000 consumers interviewed, only 27% feel businesses take customer data security seriously
• 70% would take their business elsewhere following a breach
• 41% fail to take advantage of available security measures available such as multi-factor authentication
• 56% use the same password for multiple online accounts

While consumers are rightfully skeptical of the security hygiene of businesses they interact with, there is certainly a role for consumers to play here.

Brian Krebs has some interesting insight into this past weekend’s DDoS attack on Dyn, an internet infrastructure company that provides services for some of the web’s biggest destinations including Twitter, Amazon, Reddit and Netflix.

At first, it was unclear who or what was behind the attack on Dyn. But over the past few hours, at least one computer security firm has come out saying the attack involved Mirai, the same malware strain that was used in the record 620 Gpbs attack on my site last month. At the end September 2016, the hacker responsible for creating the Mirai malware released the source code for it, effectively letting anyone build their own attack army using Mirai.

Mirai scours the Web for IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.

…

The wholesalers and retailers of these devices might then be encouraged to shift their focus toward buying and promoting connected devices which have this industry security association seal of approval. Consumers also would need to be educated to look for that seal of approval. Something like Underwriters Laboratories (UL), but for the Internet, perhaps.

Until then, these insecure IoT devices are going to stick around like a bad rash — unless and until there is a major, global effort to recall and remove vulnerable systems from the Internet. In my humble opinion, this global cleanup effort should be funded mainly by the companies that are dumping these cheap, poorly-secured hardware devices onto the market in an apparent bid to own the market. Well, they should be made to own the cleanup efforts as well.

The upside here is that IoT manufacturers and vendors will now have to wisen up to the fact that they have more to gain from secure devices and a lot to lose from a repeat of this weekend’s events.