Saving Lives With the Internet of Things: school lockdowns

Continuing with the meme of this morning’s post, that the real test of the IoT will be if it allows us to do something that we couldn’t do before, how about saving children’s lives as a good example of a new paradigm courtesy of the IoT?

I don’t believe in the NRA’s bizarre position that the way to avoid more school tragedies is to arm teachers (come to think of it, I don’t believe in anything the NRA proposes — if you do, sue me, I guess…) so it’s great to see that the Internet of Things (even better, a Massachusetts firm!) has stepped in with a non-violent solution allowing teachers to act immediately, without waiting for police, to protect their children.

This kind of solution is a particular passion of mine, since long-time readers of this blog know that I pioneered (as in October, 2001) using mobile devices for personal preparation for, and response to, terrorism and disaster situation.

According to Fast Company, Elerts has created Lock It Down™ and ELERTS Campus™, which allow teachers to trigger a lockdown from a smart phone or iPad app.

Among other features, Lock It Down™ includes great features for these high-pressure, instant-reaction situations:

  • Sharing: Transmits bi-directional information in seconds
  • Action: Can initiate a Lockdown with the press of a button
  • Options: Also offers Shelter in Place and Evacuate commands
  • Reporting: Text message, photos, and GPS map add context
  • Speed: Police see reports on their devices and can respond faster
  • Status: App includes “SkyWriter” for personal safety updates

Sweet!

ELERTS Campus™ is designed for colleges and larger campuses, and offers:

  • Reporting: Drop-down menu makes Report Type selection easy
  • Crowd-Sourcing: Message, photo, GPS map inform Security Dispatchers
  • Broadcast: Warnings can be broadcast to all students who use the app
  • Administration: The ELERTS EPICenter web console manages Reports
  • Alerts: ELERTS EPICenter allows 2-way chat with sender of original report
  • Virtual Monitoring: Users can activate “Escort Me” by pressing a button

These are just the kinds of tools that I dreamed of creating ten years ago, when all we had were the early Palm Pilots. What a great use of smart phones and the IoT!

The two programs are meant to be used in conjunction with the ALICE Training, as in Alert, Lock-down, Inform, Counter, and Evacuate.

Download the apps:

ELERTS Campus™ for iOS
ELERTS Campus™ for Android

 

 

 

Shodan: maybe this will get people to take IoT privacy/security seriously!

Wired has an article this week about Shodan, the “IoT search engine,” which I hope scares the bejesus out of enough companies and government officials that they’ll finally realize how absolutely critical it is that we make security and privacy THE top public policy/corporate management priorities regarding the IoT.

Shodan’s homepage proudly proclaims that it will let you “EXPOSE ONLINE

Shodan

DEVICES: webcams, routers, power plants, iPhones, wind turbines, refrigerators (there’s that meme again!), VoIP phones.” Anyone out there who isn’t covered by that list? If so, stay in your cave!

As for everyone else, maybe you’d be more properly attracted by the CNN story about Shodan several months ago: “Shodan: the scariest search engine on the Internet.” Got your attention yet?

Here’s what Shodan can do, according to CNN:

“It’s stunning what can be found with a simple search on Shodan. Countless traffic lights,security cameras, home automation devices and heating systems are connected to the Internet and easy to spot.

Shodan searchers have found control systems for a water park, a gas station, a hotel wine cooler and a crematorium. Cybersecurity researchers have even located command and control systems for nuclear power plants and a particle-accelerating cyclotron by using Shodan.”

Command and control systems for nuclear power plants? Sheesh!

Reminds me that while the Obama Administration remains abysmally ignorant of the IoT (and, remember, I’m a fan of them in general …) one official who was all in was former CIA Director David Petraeus:

“‘Transformational’ is an overused word, but I do believe it properly applies to these technologies,’ Petraeus enthused, ‘particularly to their effect on clandestine tradecraft.’

All those new online devices are a treasure trove of data if you’re a ‘person of interest’ to the spy community. Once upon a time, spies had to place a bug in your chandelier to hear your conversation. With the rise of the ‘smart home,’ you’d be sending tagged, geolocated data that a spy agency can intercept in real time when you use the lighting app on your phone to adjust your living room’s ambiance.

‘Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters — all connected to the next-generation internet using abundant, low-cost, and high-power computing,’Petraeus said, ‘the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing.’

Petraeus allowed that these household spy devices ‘change our notions of secrecy’ and prompt a rethink of’ ‘our notions of identity and secrecy.’ All of which is true — if convenient for a CIA director.”

Sufficiently alarmed yet?

Let me be clear: I am convinced that security and privacy are the two issues that have the greatest potential to stop the Internet of Things dead in its tracks — and I felt that way even before Edward Snowden was a household name.

Snowden, ooops, Shodan, has revealed shocking indifference to security on the part of countless organizations (and, BTW, don’t forget that 85% of the U.S.’s critical infrastructure — power plants, pipelines, chemical factories, etc., is in private hands):

“A quick search for ‘default password‘ reveals countless printers, servers and system control devices that use  ‘admin’ as their user name and ‘1234’ as their password. Many more connected systems require no credentials at all — all you need is a Web browser to connect to them.

In a talk given at last year’s Defcon cybersecurity conference, independent security penetration tester Dan Tentler demonstrated how he used Shodan to find control systems for evaporative coolers, pressurized water heaters, and garage doors.

He found a car wash that could be turned on and off and a hockey rink in Denmark that could be defrosted with a click of a button. A city’s entire traffic control system was connected to the Internet and could be put into ‘test mode’ with a single command entry. And he also found a control system for a hydroelectric plant in France with two turbines generating 3 megawatts each.

This is as scary as the Vanity Fair article last year about how a miscreant could use an iPhone to kill you!

The 85% of critical infrastructure in private hands number should be a stark reminder: the only way we can possibly address IoT privacy and security is through collaborative government/private sector action — with strong involvement by you and me.

If you are involved in the IoT in any way, you simply can’t duck this issue!