The Listening Television

I finally took the plunge and bought a new TV today. Using a mass of Nectar points accumulated from food shopping over the past decade or so, I managed to get a good deal on a new low-end model. To be honest, I rarely watch the TV. Any viewing that I do have time for inevitably tends to be on the laptop these days. But the difference between the two models, old and new, is pretty significant. If nothing else, I have no idea how to get the old TV down the stairs – it’s that heavy.

But the whole experience of buying a new piece of tech – as exciting as that invariably is for anyone with geek-tendencies – was tempered by the story in the back of my mind about the recent Samsung Smart TV. These once-simple appliances have become completely different propositions these days, as Michael Price in Salon pointed out late last year (‘I’m terrified of my new TV: Why I’m scared to turn this thing on – and you’d be too‘).

We’re suddenly in a world where so-called Smart TV’s record our activities and choices, retaining the power to send such information on to marketers and other third parties to do as they wish. The decision to be made by many consumers is in many ways an unfair one: disable many of your all-singing all-dancing new TV’s features or accept one further encroachment into your privacy.

As you might remember, the worrying issue with the Samsung Smart TV was the fact that it had voice recognition. Or, more accurately, because of the voice recognition features that it employs, the Privacy Policy for the TV shows that in fact anything you say in the vicinity of the television may in fact be recorded and transmitted to a third party for analysis. When that’s a marketing company, it’s little more than irritating perhaps. But there’s no guarantee that the data exchange stops there.

One of the biggest issues is the fact that Samsung is sending the customer’s voice searches and data in an unencrypted format. Think of the potential for hackers and snoopers to literally listen in.

Yeah, it was a lot simpler the first time I bought my TV. Even if it weighs about the same as my fridge and is almost as attractive…..

Bitcoin & Anonymity

As I hinted at yesterday, the big news of today was undoubtedly the launch by Coinbase of the first licensed Bitcoin Exchange in the US, whilst the Winklevoss twins were left trailing in the wake of the Coinbase juggernaut despite announcing the support of an unnamed US bank for their Gemini Exchange.

This marks a major inflection point on the road to acceptance of Bitcoin by those within the established financial industry. But the battle is still far from over within the Bitcoin ecosystem between those who are pushing towards mainstream acceptance at any costs and those for whom anything short of the wholesale destruction of the existing financial system is ideologically unacceptable.

So as the question of toeing the line versus ignoring the line comes to the fore again, I thought it was worth revisiting a particular area that often provokes vehement responses from both sides – that of anonymity. A week or so ago, Adam Ludwin of Chain wrote the best blog post I’ve read recently on the topic so I thought it might be useful to summarise the key points here.

Don’t Confuse Anonymity & Privacy

An anonymous transaction is where no-one knows who you are. A private transaction is where no-one knows what you purchased (or for how much). To put that in context, you can have:

  • Private and anonymous (barter)
  • Private but not anonymous (museum donation)
  • Not private and not anonymous (credit card)
  • Anonymous but not private (Bitcoin)

So Bitcoin’s Anonymous?

In theory, yes. In reality, no.

It’s pseudonymous. The blockchain itself is a record of every single transaction that ever takes place. It simply contains thousands of random-looking strings (actually the hash of your public key) which is used as your identifier. No names.

But if you buy bitcoins via any form of public exchange, you’ll be asked to leave identification documentation so that the Exchange doesn’t fall foul of money laundering regulations. Your identity is then linked to your transactions from that point on.

You could avoid this by buying bitcoins face to face, receiving them in exchange for a good or service you provide or as a mining reward. But (as explained below) this still doesn’t prevent your identity being associated with those bitcoins (addresses) in the future.

How is Anonymity Breached?

There are two ways that this tends to happen:-

  • someone analyses the blockchain and uncovers transactions that are likely to be controlled by one party before connecting these with a real identity; and/or
  • someone analyses a relevant IP address in a transaction and is able to uncover a real identity.

A. Transaction Graph Analysis

Bitcoin’s big advantage is the public nature of the ledger of every transaction that ever takes place. But when it comes to anonymity, that’s also its weakness.

If someone knows you’ve used a particular bitcoin address, they can simply go online to check the blockchain and clearly see every transaction coming in and going out of that particular address. What’s more, they can trace the history of each one. Definitely not private. As a result, you should only ever use each address once. And if you receive change in a transaction, that change should also be returned to a new address (this generally happens automatically these days).

Because addresses are free to use and unlimited, there’s no excuse not to do this. But even if you do, your identity is not secure. There are still ways of analysing the blockchain which, after all, remains open to anyone to inspect at all times. And these analysis techniques are becoming increasingly powerful as they enable someone to bundle likely activity together by association before they uncovering a ‘real world’ identity.

There’s three main ways this analysis can be done:-

  1. Any transaction with more than one input must be controlled by the same person. By this I mean if you buy something for 4 BTC and you only have 2 BTC and 3 BTC, you have to send the full 5 BTC (two outputs) to the recipient. Analysts can then look into the history of either of those input addresses if they have been used previously and connect further transactions with the same person.
  2. If just one output address has not been used before, it’s highly likely to be the change address (i.e controlled by the sender).
  3. If there are two outputs to two different addresses, with one being a ‘whole’ number (i.e. either 2 BTC or an amount of BTC that is the equivalent to a round number of pounds, dollars or whatever), it’s likely the output of the uneven number of Bitcoins is the change going back to the sender.

Mixers & Tumblers

You may have heard of services that work to obscure the origin of your bitcoins. You send them your bitcoins, they swap them for different bitcoins (with different transaction histories) and return them to you (after deduction of a fee, of course). However, whilst in demand by those who want to use bitcoins for illegal ends as well (as those simply concerned with ensuring privacy for legitimate means), these services have certain limitations:-

  1. When you give them 100% control of your bitcoins, you have to trust them to not simply steal them.
  2. Analysis can identify addresses controlled by mixing services – so you could highlight your transaction as being potential illegal.
  3. It’s hard to swap very large sums of money unless someone else is doing the same.
  4. Some services are easier for investigators to unravel than others.
  5. If they are operating legally, the authorities or hackers can access the records of all transactions that the service is required to keep.
  6. You might receive bitcoins that have a tainted, illegal history – try explaining to the authorities how you came to control bitcoins that were received as payment in a kidnapping, for example.

Linking Transactions with a Real World Identity

After investigating on the block chain, someone can then investigate further in the ‘real’ world. Obvious ways of linking identities with addresses include:-

  1. People who place addresses on their websites/business cards/forum signatures
  2. Retail outlets that use a fixed address (perhaps on a QR code next to the till)

Once you know one address, you can investigate further. If I say that I bought something yesterday using bitcoins and you can find out the merchant’s address, you just need to filter those results for a likely transaction that involved a payment from me. If you knew what I bought (and therefore the likely value) together with the date or time of day, that may not take long at all. Similarly, it’s not too hard for me to use that information to tell where someone has physically been by simply compiling a trail of his or her transactions.

B. IP Adress Anonymity

To simplify, the first computer (node) that broadcasts a transaction to the network is likely to be in the location that the transaction originated. It gets easier to identify if multiple transactions are relayed from the same IP address. If you use TOR, you may be able to minimise the risks but you then have to protect your identity in many other ways.

Remember: Anonymity today does NOT mean anonymous tomorrow

The press continue to warn about anonymous bitcoins that facilitate crime. The reality couldn’t be further from the truth. Bitcoin enjoys significantly less anonymity than cash which surely must remain the token of choice for illegal activities for the near future.

The key takeaway here is that whilst your transactions may not be linked to you directly today, there is every possibility that they may be in the future. It only takes one disclosure of identity in some way at some point in the coming years (by either you or somebody else) and all of your linked transactions would be identifiable – even if they were twenty years old.

We’re in the early days at the moment and it’s clear that there’s a battle for power going on here. And for many who have no illegal intent whatsoever, the lack of privacy available at present could be problematic. That’s the reason that so many people around the world are working hard on developing increased privacy (check out Darkcoin, Darkwallet, stealthcoin, CoinJoin and Zerocoin for starters).

The big question now, as the financial industry starts to wake up to the potential, is whether Bitcoin’s code itself will be developed in order to protect privacy – or to facilitate regulation. For many people, they’ll continue to develop alternatives until they finally create a digital currency that can be just as anonymous and private as hard cash.

Drones and Regulation

All the signs are there that this is going to be a breakthrough year for drones when it comes to bursting into the public consciousness.

The Federal Aviation Authority in the U.S. was expected to bring out regulations on drones in December but it appears that they might be struggling with some of the complexities. As it stands at present, there is a general ban on commercial drone flight in the U.S. (subject to certain strict exemptions). It is believed that the new regulations will restrict drones weighing under 55 lbs to flying no higher than 400 feet, only during daylight hours and staying in sight of their operators (who may also be required to get pilot’s licences).

In the UK, it’s slightly different. The Civil Aviation Authority restricts flights for drones weighing over 20kg (44 lbs) and they are certainly viewed as aircraft, as opposed to simply the preserve of hobbyists.

I was listening to the Exponent podcast recently to a fascinating discussion around some of the regulatory pressures that will inevitably build up around this young technology. Let’s dig in to a few of the issues.

If we start with the risks, you don’t have to think too hard to come up with some challenges that the industry, and more widely, society will have to address. Put simply, the opportunity for misuse is significant. Drones represent the physical manifestation of a person’s intentions – and in this way, they fundamentally alter the existing equation that broadly says, if you wish to do harm to someone, you will have to put yourself into harm’s way. There is almost nothing that can be done to prevent an individual who is willing to give up his or her life in order to carry out a suicide bombing, for example – yet arguably with drones, the barriers to carrying to same actions out become lower, potentially opening the activity up to a far wider pool of motivated individuals. It’s far easier to sacrifice the ‘life’ of your £1,000 drone  instead.

Some examples: drones spotted flying over nuclear power plants in France, the recent drone flying a flag over a racially-charged football match and the recent arrest in the U.S. of an individual who boasted of his intent to load up a drone with a bomb and to then fly this drone into a school.

Drones also change the equation when it comes to the targeting of high value assets – in other words, assassination attempts. Yes, it’s conceivable that the police or military could – if they were lucky – shoot down a drone carrying a grenade that’s flying, perhaps at speeds upwards of 60 mph, towards a politician. But if there were five? Ten? No chance.

By removing the presence of a human from an equation and introducing a technology that could also conceivably be pre-programmed, there is even the prospect of one individual leaving drones around the country and carrying out a co-ordinated, simultaneous attack in a number of cities in the future.

So that’s the terrorist angle. You have to also factor in unbalanced individuals, before you can even get to the hobbyists who just make a mistake. Flying a drone too close to the engine of a descending aircraft to get a good video and bringing the plane down would certainly fall into this category but there are many others that you could imagine. And then, last but certainly not least, there’s the privacy aspect. If drone usage becomes far more widespread and you end up with them buzzing outside bedroom windows, it’s not hard to imagine some form of retribution being dished out (justified or not) .

With that huge list of potential doomsday scenarios seemingly just around the corner, surely the answer is to regulate heavily – or indeed to introduce a total ban?

Although it’s far from clear cut, I can’t believe that that’s the right way to go – for a number of reasons. In this case, I have a lot of sympathy for the argument that says the only people who will follow such regulations are the ‘good’ people – the so-called ‘bad’ people aren’t the ones that will be checking sub-section 54(7)c of the legislation before carrying out a terrorist attack. So – in the absence of a complete ban, in which case all drones can be shot down out of the sky on sight – what good is regulation really going to do?

One of the reasons that technology is so valuable is because when you have advancements in something that can be replicated repeatedly and in significant numbers, it has by definition the potential to drive massive disruption throughout society. This invariably brings challenges but it’s critically important to be able to separate genuine threats to health and society from the resistance that comes from incumbent powers-that-be who want to protect the status quo. I see so many parallels with what is happening with Bitcoin/Blockchain innovations here – even although there is no specific incumbent being displaced by these drones as such. Perhaps we are simply entering into an age where air logistics are being decentralised.

It’s a common (and often truthful) criticism of technologists that they are too optimistic about the future. Yet there are a couple of key points here. In exactly the same way as any other technological innovation, from the motor car to the blockchain, once the invention happens, the cat is out of the bag. That toothpaste ain’t going back in that tube no matter how hard you might try.

But the second point is, I believe, critical when it comes to innovation. When a technology is invented, it is often far easier to focus on negative use-cases – because you are using existing reality as your reference point. A reality that, by definition, is about to be disrupted as a result. The true value of innovations usually comes in use-cases that have not yet been imagined. There is an inevitable time lag before people’s individual concepts and mental models evolve to reflect such breakthroughs. At the moment (similar again to Bitcoin), there’s an assumption that the value is only there for hobbyists and early adopters – what possible use could you have for a drone unless you’re simply having a laugh (in which case, let’s regulate for safety) or intending to break, or stretch, the law (in which case, let’s regulate for protection). Yet think of how different that conversation inevitably becomes once the population has grown to expect first response emergency healthcare to be delivered by drones, for example.

Now I’m not saying that zero regulation is the way forward. It’s a complex and nuanced topic. Protections no doubt will be required and I’m certain that a reasoned and open discussion at this point will be far more valuable than in the future in the immediate aftermath of a high profile drone incident. However it’s important to adopt a balanced approach (don’t stifle the innovation that has yet to take place).

I’d love to know your thoughts on this – please leave a comment if you have a view. There’s no doubt that opening up the discussion further on these sorts of topics is crucial to the debate. And that’s why I’m happy that this year looks like being the breakout year for drones.

Glenn Greenwald: Why Privacy Matters

As we approach the end of 2014, a year in which privacy, surveillance and data protection continue to be ever-present themes below the surface of every Bitcoin conference and talk that I’ve been to, I’m finally now getting around to reading ‘The Snowden Files: The Inside Story of the World’s Most Wanted Man‘.

As we all know, regardless of your views, it’s an astonishing story. I’ll be sharing my thoughts on various aspects of the story more fully on this blog in the future – but in the meantime, here’s a recent TED talk given by Glenn Greenwald, one of the key journalists that broke the Snowden story eighteen months or so ago. If you’ve ever struggled with any variation of the “only people with something to hide crave privacy from surveillance” line of thinking, you’ll find it useful I think.

Greenwald quotes Rosa Luxembourg: “He who does not move does not notice his chains”.

How true.

How Much Does Your Car Know About You?

A week ago I wrote about the Future of Digital presentation on Business Insider. One of the trends that stood out to me is the projected growth in connected cars (i.e. cars with internet access). With predictions that the global market will grow threefold within five years, I believe that it’s going to be an interesting area if only for the simple reason that many technophobes still buy new cars – and will therefore get exposed to the technology, whether they like it or not.

Revenue Forecast for Connected Cars
Revenue Forecast for Connected Cars

However, as Forbes recently pointed out, the introduction of these cars will have to get over some significant obstacles first:-

  • The development cycle for new cars is significantly longer than normal consumer electronics products (such as mobiles)
  • With mandatory eCall systems embedded within cars in Europe that automatically send details of any accidents to emergency services, a controversy has already developed around whether the technology can be used by others to track locations without consent.
  • Car dealers will need to up their tech skills to sell the benefits of the vehicles effectively (and honestly).
  • It’s not clear whether the cars themselves will have inbuilt systems or simply rely on tethering via the driver’s mobile.
  • Car purchases usually involve just one payment. Now consumers have to get used to recurring payments for connected services post-purchase.
  • How high will the hurdles be to getting apps in expensive hardware accepted that address quality and driving safety standards?

Despite all of the obvious benefits, as with all significant advances in technology, there are serious privacy considerations to be addressed as the car becomes your best friend. According to the British Insurance Brokers’ Association, some 300,000 cars in the UK are already using telematics devices that capture details of our driving behaviour (such as the speed with which you take corners). And the payoff for letting someone else keep an eye on you? Reduced insurance premiums.

When it comes to tracking, we’ve already seen issues, even at this early stage. A couple of years ago, TomTom faced a backlash when it sold SatNav data to the Dutch police that helped them to place speed traps. Google’s acquisition Waze announced it was trading user data with local governments, passing across the incredibly accurate second-by-second location tracking that it gets from pinging each user’s mobile phone every second in return for updates from each city’s traffic systems. The information is of course supposed to be anonymous in this case.

In recent weeks, two US-based organisations that represent some of the world’s biggest car manufacturers have unveiled an agreement on privacy standards for securing the data that the connected cars will generate. You can check out the principles here. Interestingly, initial commentary views them as falling short of what would be required in Europe were they to apply across the Atlantic.

There’s no doubt that we can look forward to yet another battle to find a balance between valuable consumer products and privacy in the near future.

Why Google Glass Is Only The First Step


Ready For Take Off
Ready For Take Off

The Start of Something Big?

On the week that the first Explorer editions are being shipped to developers, I’m hardly alone in my excitement about just how important  Google Glass could turn out to be. Not only for the applications that we can imagine here today, in April 2013. But more importantly for the potential that this type of technology brings for advancements across areas that we haven’t yet considered.

If you view it as a building block for the re-imagining of almost every daily activity, from work, sport  or just basic methods of human communication, we can have no idea at this stage of how significant this next move into mobile computing/augmented reality will prove. However, I’m betting on it being a huge jump forwards.

I’m sure there will be issues with version 1 but we’ve got to be careful not to have unreasonable expectations. Bleeding edge products always lack the initial crucial customer feedback that can only come once you’ve let third parties loose on your product. And it’s precisely in that area, where people start to see how the technology could be used in their every day lives and make the necessary adaptions, that will drive a steep growth in its popularity.

…Or The Green Light For Conflict?

But putting the optimism to one side for a minute, it’s obvious that the path towards widespread adoption is not going to be straightforward. Moving past the geek-attraction phase (ooh, it’s shiny, I want one of those…), the technology unearths a whole raft of issues that will inevitably cause tension between different groups.

By far the best article that I’ve read recently about the impact of Glass is by Jan Chipchase, Executive Creative Director of Global Insights at Frog. It’s well worth taking the time to read through this, particularly given the calibre of the author. For a product that’s both “on your face and in your face”, he argues that Google is the right company to bring this technology to market as:-

[a business with] a recent record of genuine innovation that stretches/defines social and behavioural norms with a strong revenue stream and deep enough pockets to have a fighting chance of medium to long-term success.

Privacy And The Invisible Impact

Positions are starting to be taken on either side of the privacy debate around Glass. Yet amongst such high profile posturing, few hold solid research about how the human condition will be affected, consciously or otherwise, when we become acutely aware of someone wearing technology which can record our every move. How many of us would think twice before making a statement in the future if we knew that it was to be recorded and retrievable by a company whose goal was to index that data for the purposes of serving ever-more relevant advertising to you? As Chipcase writes:

Any idiot can collect data. The real issue is how to collect data in such a way that meets both moral and legal obligations and still delivers some form of value.

An Argument For The Wider Public Good?

One way to ease the widespread adoption of Glass is to enable anyone to access on demand the video feed being recorded by others around them. Transparency of information will no doubt help ease a few concerns whilst crowd-sourcing views to make them collectively useful is likely to convince people of the wider public good in certain situations, with emergency situations or entertainment events being the most obvious.

Regardless, It’s Happening

The issues surrounding the introduction of Glass – whether in terms of privacy, the ownership of data, legislation or the evolution of basic body language in a social setting – are only just now starting to be considered. But I for one can’t wait to see how things move forwards. There are bound to be mistakes but progress demands failures along the road.

You may not agree with Ray Kurzweil et al about his predictions about the approaching singularity – the point when technology and humanity are will no longer be separate (current predictions point to 2040). But this looks very much to me like a significant jump forwards along that path. And, one way or another, whether in Google’s hands or elsewhere, it’s going to happen. And it’s going to be a helluva ride.

photo credit: vyxle via cc