|
Dead Reckoning posted:No idea. It doesn't really matter though; even if we assume that the premise of higher development leading to slightly sub replacement population growth will 100% hold into the future across all demographics, if your solution is to have everyone on the planet live the way people in the developed world live now, (with the commensurate increase in life expectancy, ) presumably under the heel of the global regime that would be necessary to make such a thing feasible, hoping that the population will slowly taper off as (to circle back to the point of the thread), the number of people that can meaningfully contribute labor continues to shrink, then brutality and runaway global warming are features of your proposal. So you're saying we should ignore the data and just assume it's going to be bad? Raising the standard of living in the world is the solution to all the problems you seem to think are unsolvable. The data shows that violence, population growth and every other metric that matters becomes better as the standard of living improves(access to healthcare, housing, food etc). Also we have yet to see a first world country collapse due to efficiency increases. In the short term sure some jobs are lost but overall total job growth is still up in every modern county, we didn't all become jobless due to the invention of factories, or with outsourcing, automation won't do it either, we'll figure out some way to force people to work. My preferred solution is less working hours and mincome, but I imagine people will just do more service jobs.
|
#
¿
Mar 18, 2017 19:13
|
|
|
|
| # ¿ May 2, 2024 22:04 |
|
|
Blue Star posted:I dont think so. Cars still cant drive themselves and robots still fall over all the time. In order to automate jobs, we need to create robots that can be as flexible as humans and thats at least 50 years away, probably a lot longer. Maybe in 30 years we'll have cars that can drive in the rain but thats it. In the meantime, climate is getting worse and we're running out of valuable resources. Technology cant save us. We're going to take a huge step back this century, best case scenario. Cars can and do drive themselves every day, and there are plenty of robots that don't fall down. You are wrong, technological advancement is only speeding up. In less than a decade we went from having flip phones to having computers less than a quarter of an inch thick with more processing power than a desktop or laptop of the same era. The incandescent bulb took many decades to see any improvements at all. In fact we've basically replaced the incandescent bulb with led bulbs in the last 10-15 years if you haven't noticed. You're taking for granted the massive improvements in technology. In the year 2000 processors had a single core and they used tons of power and produced tons of heat. Now in your phone you probably have 4-8 cores and you produce such little heat that you don't need a large heatsink or a fan. The internet as we know it wasn't a thing until the 80s/early 90s, now it's the primary way that financial transactions happen (and that's just scratching the surface). Technology and the speed of technology growth is so mind bogglingly fast nowadays that it really does feel like the sci-fi future I saw in movies and tv as a child.
|
|
#
¿
Mar 26, 2017 05:58
|
|
|
A baby ate my dingo posted:This is only physical automation too, automating software and informational services is even easier and will cut into professional middle-class jobs. Exactly, a big part of my job is specifically to automate systems. In the years I've been working I've seen operations teams go from rooms full of people to just a handful for the same amount of workload.
|
|
#
¿
Mar 26, 2017 06:45
|
|
|
A Buttery Pastry posted:At developed world levels? I know famine and poo poo is just a question of distribution, but what if everyone is trying to get say, a German lifestyle? In any case, what is true today in this regard might not be true in a few decades, given the challenges associated with climate change and the possible shift in resource use that might force. We can only extrapolate from comparable changes in history. History shows us that automation and other advances in technology (improved crop yields, hydroponics, etc) have only improved availability and reduced costs with massive surpluses. I don't see any reason to believe there's an upper limit, it's not like we're anywhere close to running out of ways to produce goods, it's only getting better.
|
|
#
¿
Mar 28, 2017 18:08
|
|
|
call to action posted:As long as you ignore the ecosystems that support this system to begin with, sure, no reason it could ever end! Yeah, if you imagine a scenario where there's unbridled consumption in the world you'd be right. However, you could look at the data and see that you're wrong. Agricultural land and water usage is lower than ever and falling while production is higher than ever and growing. https://ourworldindata.org/land-use-in-agriculture/ But maybe you're just fear mongering for no reason with no data to back up what you're saying. Technology and automation is good for the world and humanity, and there's nothing that shows we can't sustain our current population or significantly more especially as technology progresses.
|
|
#
¿
Mar 28, 2017 20:46
|
|
|
call to action posted:I'm no scientist but I'm pretty sure land use extent and total gallons of water consumed aren't exactly great indicators for the health of the environment, nor its ability to sustain anything in the future. I get that you believe it's an unqualified social good that Chinese pigs are smashed tighter than ever before as they're loaded with antibiotics of last resort, but to me, that's not a good thing. Well let me clarify the science for you, land and water usage is a major indicator of impact to the environment in agriculture.
|
|
#
¿
Mar 29, 2017 00:21
|
|
|
call to action posted:Yeah and "total land use" is an unbelievably lovely proxy for "land and water usage". Turns out that subsistence farming with hand tools and modern agribusiness don't use an acre of land in the same way. Yeah, good point, I'm sure you'll be first in line to become a subsistence farmer. I'm sure your family won't mind the endemic hunger and famine conditions that are prevalent with that model of agriculture. But hey, maybe you won't notice how hungry you are since all your time will be spent farming, or you'll die from starvation after the first famine. Personally I'm against regressing our modern society to an agrarian society where people die of hunger regularly. I suppose to you it makes sense that the average person would have at least an acre of land to feed a family of about 4, as long as they move to a climate that has fertile land and access to clean water. Mozi posted:"The study, a National Bureau of Economic Research working paper published Monday, used data on the number of robots from the International Federation of Robotics (there is no consistent data on the monetary value of the robots in use.) It analyzed the effect of robots on employment and wages in commuting zones, a way to measure local economies." If I understood it correctly I think they're saying the jobs lost to automation don't create new jobs that the people who lost their jobs would be able to do. I don't think that's what people are saying when they talk about creation of jobs through automation though. It's not like a factory worker is going to just become a robotics engineer overnight, the idea is that their kids will become the engineers. Those people go on to do menial jobs, but the younger generation takes the more skilled work as it's created. So the old jobs die out, and new ones replace them. If this weren't the case wouldn't we see a pretty direct correlation with unemployment and automation? Wouldn't we see the number of jobs dropping instead of growing essentially in tandem with population growth?
|
|
#
¿
Mar 29, 2017 19:55
|
|
|
Paradoxish posted:First, employment growth actually isn't following population growth. There's a small but significant decreasing trend in prime age labor participation over the last couple of decades. We are losing people from the labor force. I'm not going to make the claim that the drop is being caused by automation, but it is happening. I don't know where you're getting your data from but I don't see anything that backs up your claim. According to all the data I'm seeing the employment to population ratio actually seems to be growing... probably due to more women entering the workforce than ever before. Wikipedia has a nice table, but you can look up the sources from the bureau of labor statistics and other sources yourself. https://en.wikipedia.org/wiki/Employment-to-population_ratio#Employment-to-population_ratio_in_the_world Paradoxish posted:Second, and more to the point, long term unemployment isn't actually an option in our society. Nobody wants to be out of a job for long if they aren't independently wealthy, so people who lose their jobs for any reason and can't get another one are going to eventually fall back work that doesn't pay as much. If you want to look at employment and automation you have to look at specific sectors, like manufacturing, and not the economy as a whole. The point where the unemployment floor is permanently increasing is the point where we're already hosed. The data shows despite increases in efficiency and automation employment is increasing, so I don't think we're seeing an excess of long term unemployment (employment to population ratio does not adjust for types of unemployment unlike unemployment rate). Certainly it may be the case that previously well paid employees are having to fall back to lower paid work, but I wouldn't blame automation for that, that's just a feature of capitalism. I think the best solution is to reduce working hours for employees and increasing the pay rate, that way we can transition to a less work focused society gracefully.
|
|
#
¿
Mar 29, 2017 21:51
|
|
|
Paradoxish posted:I'm assuming we're talking about the US, in which case: Go back farther, you're showing us a bubble in one generation. A single peak and valley doesn't make a trend. https://data.bls.gov/timeseries/LNS12300000
|
|
#
¿
Mar 30, 2017 07:10
|
|
|
BrandorKP posted:Now if bread gets cheaper because of all this, demand will probably rise for it. But likely not enough to keep the same staffing level in the whole industry. Also supply and demand doesn't work that way.
|
|
#
¿
Apr 12, 2017 19:09
|
|
|
BrandorKP posted:Edit let's put it this way, did the industrial production of soy beans eventually affect demand for soybeans? Yes, the industrial production of soy beans did have an effect on demand. But saying demand increases as supply increases is incorrect. As production becomes more efficient products become cheaper because there is an excessive supply, as a product becomes less scarce its demand drops. Decreases in prices are a response to reduced demand, not an increase in demand. Anyway, I think we're getting off on a tangent, there are plenty of people in this thread explaining how improved efficiency leads to job losses. Like asdf32 said, the real problem is that the types of jobs that dominated the past are now becoming obsolete, who knows if the service industry will be able to keep everyone employed.
|
|
#
¿
Apr 13, 2017 03:18
|
|
|
Cockmaster posted:Exactly. The only thing obstacle to guaranteeing a smooth transition for anyone replaced by a robot is the fact that one of our major political parties has some quasi-religious objection to using tax money to help people in need. The problem isn't the tool, it's the users. I think it's our society's obsession with work. People honestly say poo poo like "lower the minimum wage so that more people can work", they seem to think the problem is that people aren't working enough as opposed to not earning enough.
|
|
#
¿
Apr 14, 2017 02:20
|
|
|
Ormi posted:There are plenty of reasons to be skeptical that this will actually end up replacing front-end jobs in the medium term at least It already works and regardless of your personal anecdote lots of businesses are moving that direction, here in Seattle most retail stores from Home Depot to Safeway you can buy whatever you want and never interact with a human. Also since you clearly don't understand how business works they don't show off technology to impress investors, they save/make money to impress investors. The fact that it's becoming more common means it's an investment that is paying off, it's not just for show and your assumption that people prefer a human is wrong. ElCondemn fucked around with this message at 18:10 on Jun 25, 2017 |
|
#
¿
Jun 25, 2017 18:07
|
|
|
RandomPauI posted:I think we have different concepts for kiosks. I'm picturing something like a touchscreen that apes a companies app, with a way to accept payment and a way to print receipts. Established technologies. The screen could even be a tablet that can be swapped out if it gets broken. This will be an added expense, not every restaurant would want the hassel, but it wouldn't exactly be hand-made bespoke devices. This already exists, services like square even send your receipt to your email without having to sign in or anything. Places like Red Robin or Olive Garden around here use this service kiosk called "ziosk" at every table. You no longer have to interact with your waiter to pay and tip and you can even order beverages and food through them, so you could theoretically run a sit down restaurant with only bussers and no actual wait staff. The kiosks at places like McDonalds and other fast food places work too, they wouldn't be used and continue to be expanded if they were negatively impacting business. This isn't a long term strategy, it literally only exists because it's a way to save money. I have a feeling that the people who have negative experiences are not the average user, either that or they're trying to find excuses for why the technology can't work. Or they just haven't been exposed to systems that work well, which in my city are used pretty ubiquitously.
|
|
#
¿
Jun 26, 2017 05:31
|
|
|
Cicero posted:Eventually we're run out of jobs, I think it's impossible to predict exactly when though. We won't know it until it's already been happening for a while. I don't think there will ever be a lack of things to do, I know the "everyone will be vloggers" thing was a joke but I honestly believe more people will move to the arts or research as traditional jobs become less popular. It's already happening, with the rise of youtube and other social platforms people are making a living just loving around online and that's pretty great. I still think there is a large portion of the population that isn't as outgoing or interested in becoming a youtube star so there's going to have to be some other avenue for that type of person. Personally I'm in favor of a mincome in addition to basic shelter and food for all.
|
|
#
¿
Jun 26, 2017 19:37
|
|
|
Paradoxish posted:This really isn't happening. Yes, there are people who do stuff like this full time, but the reality is that the vast, vast majority are unable to make anything close to a decent living off of it. It's really a very small cadre of superstars that are able to actually make a living off of "loving around online." And that's a poor description of the ones who do as well, since most of them are working far more than full time when you consider the time needed to record, edit, market, deal with their community, etc. The same goes for things like podcasts. The best podcasters have professional level quality because they are professionals with professional skillsets. I'm not saying it isn't work, I'm saying people have other options for work if they want it. I'm not implying that the solution to the problem is youtube. I don't know why you people keep quoting me but cut out the part where I say mincome, housing and food should be the standard. I'm just saying in a post work society people can still have their capitalist dream by doing things like becoming a youtube star, or inventing something, or going into academia, or countless other options that right now aren't really feasible as normal paid work. I'm saying it's already happening, people are being paid to do what might be considered by some not worthy of pay. The only reason I say this is because people are pretending like there won't be anything to do once automation eliminates the vast majority of jobs, as a society we will just shift to things like entertainment, the US already owes a pretty massive portion of its GDP to entertainment. ElCondemn fucked around with this message at 23:02 on Jun 26, 2017 |
|
#
¿
Jun 26, 2017 22:58
|
|
|
Volkerball posted:everything Totally agree with your point of view, people treat technology like it's static but it just takes time and incremental change. Automation doesn't happen over night, it's more like a river just slowly eroding the soil until the resulting canyon seems like it was always there. I think certain industries are more automation proof than others as well, certainly food production is one of them but it'll get there eventually. Dead Reckoning posted:A few people can make a living as a YouTube Superstar. Do you think all the people driving port trucks and scrubbing toilets are doing it because they don't have access to a webcam or lack hustle? Right now we live in a narrow window where a few artists can sell their wares to the entire global middle class at once, but as well paying middle class jobs continue to get squeezed out of existence, that window is going to close. We can't all be tipping each other for amusing listicles or fast talking youtube vids. UBI isn't going to happen because there is no reason for the wealthy to go along with it. I do believe that people scrubbing toilets don't know that they could make money in other more creative ways, yes. Though I'm not saying it's because they aren't good workers or whatever, they just lack the freedom to peruse skills and entertain ideas that aren't related to making money (they would be at risk homelessness or starvation if they did otherwise). Do you think your parents would even consider being a "youtube star" as a viable career path? How many kids growing up today see it as viable? My whole point is that right now you can see way more people than ever before earning money this way, and I think it'll continue to grow. Hollywood used to just be this small thing that only a select few could be a part of, now anyone with a webcam or microphone could potentially be signing production deals with Netflix or whoever shows up next. There is really no limit to the number of people that can find a niche and earn money catering to that niche. I don't disagree with your point about the window closing, we are definitely in a time where even casual artists are able to make money with few barriers. However, I was just using youtube etc. as just an example of what the future might look like if we were to continue down this path. I can't predict the future so I can only assume we'll continue the trend of moving towards a more service and entertainment driven society, I think at least for the time being humans excel at that. I don't agree that the wealthy have no reason to be in favor of UBI, regardless of a rich person's tax contribution the buying power of a population with only disposable income still vastly outweighs the actual contribution that would be required by that individual. Companies will grow but just like today most will fail, those remaining companies will still earn way more than they pay out. The alternative is no consumption or growth at all and I don't think the average corporation would be in favor of that. ElCondemn fucked around with this message at 03:52 on Jun 27, 2017 |
|
#
¿
Jun 27, 2017 03:49
|
|
|
Dead Reckoning posted:Assuming we're heading towards a situation where a large fraction of the population are NEETs, or worse, LP superstars, and contribute nothing of inherent value to society that others are willing to pay for, why would corporations and their shareholders have any interest in a system wherein the government expropriates their money via taxation, then turns around and gives it to said useless lumps so that they can buy things from said corporations? I'm sure the wealthy can come up with more amusing means of lighting money on fire. What I described isn't any different than normal taxation, so if you want to think of it that way... yes, corporations are currently paying "useless lumps" to consume. In the simplest terms wealth is only built by moving money around plus steady inflation, so I'm failing to see how a UBI would impact that process negatively. If anything it allows for more growth since all individual income would be disposable instead of going to necessities like food and housing. I think the thing you're misunderstanding is how the the investment actually works out, it's not like company A is paying customer A 10 dollars to buy a widget for 10 dollars. It's more like Companies A-Z are paying $10 per widget and they sell it to N customers for $20 per widget. Companies F-Z go under after investment dries up and Companies A-E are now rich and they earned more than they individually contributed. You also have to remember that companies A-Z are also in constant rotation and they're paying each other and employees (aka. customers) so the money doesn't just go away when they fail. Plus there are many ways that wealth is injected into the cycle other than inflation, foreign investment, improvements in efficiency, discovery of new methods or resources, licensing, etc., all essentially create money out of nothing and I don't see how a UBI would stop any of that. Paradoxish posted:A less cynical (and apocalyptic) view is that everyone is capable of contributing to society, but the labor market as it exists is just really inefficient at helping people to do that. Something like a UBI theoretically frees people up to do volunteer/community work that traditionally wouldn't be enough to live off of, but that's still socially valuable. The same goes for artistic endeavors. A government that's actually interested in the welfare of its citizens should support policies that improve lives and help people to contribute in ways that they find meaningful. Exactly, and lots of countries are actually moving in that direction. America is seemingly moving further from that at the moment, so we'll see how it pans out for us.
|
|
#
¿
Jun 27, 2017 21:06
|
|
|
call to action posted:So, those of you who are having kids: what's your plan for them, in our automated future? It sure seems like everyone is going to be jobless or working gigs except for the absolute "best" amongst us. Will your child be more grist for the mill? I don't believe the future looks bad, I think automation is only a good thing and will inevitably lead to a post scarcity economy. Ideally the concept of work will change over time and in the future the idea of not working won't be stigmatized. I believe it's already happening, what people value is changing. Value is a human concept so really anything can be seen as valuable, it just happens that at the moment value seems to be tied pretty heavily to wealth. In the future I imagine novelty and complexity will become the standards we use to determine value. Owlofcreamcheese posted:If you want to name a future common job name a current ultra elite job that only a few super special people can do. Computer programming is the next blue collar job, in some countries it practically already is.
|
|
#
¿
Jun 28, 2017 19:09
|
|
|
Paradoxish posted:edit- In a way, software development is undergoing the same transition as a lot of other industries where the middle is being hollowed out and replaced by lower end, cheap developers at one end and highly educated, highly skilled developers at the other. That's basically all I'm saying about it turning into blue collar work, most programming work is done today is by low skill workers while the architecting and core libraries and SDKs are done by the more skilled workers. Certainly it can and will be automated in the future though, maybe with smaller time scales than say fabrication or carpentry since in the tech field advancements move a lot more quickly.
|
|
#
¿
Jun 28, 2017 20:42
|
|
|
Rastor posted:Automated robo police car with 360-degree cameras that “scan for wanted criminals and undesirables” https://www.youtube.com/watch?v=A9l9wxGFl4k
|
|
#
¿
Jun 29, 2017 18:37
|
|
|
Dead Reckoning posted:Instead of automating it, companies will just shift programming chores to anonymous teams in India and Pakistan with an American front man who will take the fall if they gently caress up. Since programmers produce nothing but code, they are ripe for offshoring. This is how it works in many companies today.
|
|
#
¿
Jul 3, 2017 18:03
|
|
|
ColoradoCleric posted:As someone in the fast food industry I'll tell you you're right on the part about needing fewer cashiers, however this has instead lead to better paying jobs for the remaining employees as they now have to handle more responsibilities. In our stores we now tend to have about as many hourly managers as we do employees who have to handle everything from meal prep during rushes to handling customer complaints. Protip: call your employees managers and they'll gladly do lots of extra work for just a few cents more per hour.
|
|
#
¿
Jul 7, 2017 21:59
|
|
|
Owlofcreamcheese posted:I agree it'd be bad if iot devices are extremely poorly programmed but again I'm not exactly clear why I'm supposed to hold this fear specifically about this compared to anything else? It's not a big deal most IOT devices don't even use wifi, they run their own protocol specific networks like zigbee and zwave. People freak out because they imagine a voyeur watching them through their security cameras or listening to what they're saying. In reality the biggest threats are things like smart tvs and set top boxes that use technologies like UPNP to open ports and make themselves directly accessible to public networks. These hubs that control your lights and stuff are quite a bit harder to exploit since they're not directly accessible. You'd have to hack the service provider and then also find an exploit that would give the hacker a way to execute arbitrary code on the devices since that's not how the hubs normally work. But also like you said, having your lights not work properly is pretty minor compared to your bank credentials being captured and used. I wouldn't trust the opinions of most of the people in this thread, they've watched a few too many singularity YouTube videos and see themselves as automation experts.
|
|
#
¿
Jul 10, 2017 17:28
|
|
|
Tei posted:We had recently a huge DDoS that affected half the internet because these devices uses telnet for access and default passwords like admin and 12345. There are million of these. First off the "huge DDoS that affected half the internet" didn't do poo poo, it was a minor blip and most people didn't notice a thing, because these kinds of attacks are happening constantly on the internet. Secondly, this wasn't caused by "IoT devices", unless you consider home routers and security cameras IoT now. Your connected toaster problem implies that by hacking it you will then be able to turn on the toaster and make it heat up past it's normal operating parameters, care to explain how that will actually happen? The mirai exploit didn't do poo poo that isn't already being done to insecure linux systems on the internet today. It's not like these "hackers" did anything interesting or exceptionally nefarious, they didn't cause any havoc that a normal DDoS as we see every day does. Even if you're talking about something with actual impact like a car you're still way off base, it's just you have a fundamental misunderstanding of how these computers work and what they can and can't do. Mozi posted:I got Hue lights and an Echo and all I do is tell the Echo to turn the lights on or off, which works less well than flipping the switch. Communicating with the Echo just drives me up the wall; anything I'd want to do is easier on a computer. The cool stuff happens when you add in sensors and smart remotes and stuff, I don't have to even think about lighting in my house anymore and I save money doing it too. Also talking to echo to do unit conversion is exactly what IoT stuff is all about. ElCondemn fucked around with this message at 20:15 on Jul 10, 2017 |
|
#
¿
Jul 10, 2017 20:12
|
|
|
Tei posted:By ignoring the temperature? checks that are done in the firmware will be ignored. We don't live in the perfect world where this is imposible. Again you're just so loving wrong about how these systems work. How do you make that happen? Explain how you write code and get it onto a single device which you don't have any physical access to? How does your connected toaster turn itself on?
|
|
#
¿
Jul 10, 2017 20:21
|
|
|
Guavanaut posted:What's the use of IoT devices that can't be told to do things remotely? a) The software you use to control the toaster is not the same software that is used to actually "make the toast". There's a level of abstraction there, the toaster "chip" has all the functions built in like how to turn the toaster on and off (which for a toaster is literally the only thing it does). To make a toaster heat up beyond it's specifications you'd have to somehow force a hardware voltage regulator to heat up the heating element hotter than its hardware was designed to do. If there is nothing in the toaster and it's on for 12 hours it will not keep getting hotter until it sets the home on fire, it only gets as hot as its hardware was designed to. b) I doubt that toasters will have access to the "on" function, since that is usually a spring loaded mechanism that requires manual setting. Certainly a connected toaster could spring your toast but I would seriously doubt any time in the near future we'll have toast machines that can load the toast, toast it and remove it without human interaction. There would literally be no point in adding a connected "on" button unless it can do the whole process end to end on its own. c) Most IoT devices are low power devices that respond to a limited set of commands, to make them perform any action outside of those commands would require writing new firmware. To install firmware to a device you either need physical access to connect to specific headers on the board, or you have to have an online update process. In either case your firmware is going to have a chip that contains a public key on it, and only software signed with the private key will be allowed to be run on that hardware. Remote code execution is more of a concern for the connected software part of the code, since it typically includes binaries that aren't signed and that are designed to run arbitrary code (like a linux kernel running a web server). But again, there isn't much concern there unless you're afraid of your router being used to DDoS people or spy on you, which can be easily mitigated by not running a web server and using technologies like websockets and message queues to trigger actions on these IoT devices (which most of them do).
|
|
#
¿
Jul 10, 2017 20:57
|
|
|
Tei posted:You download the firmware from SmartToasters.com.tw , then use a deassembler to get the assembler code. That you read. There you find theres a default password 12345 and you can connect to it trough POST commands in port 80. Assuming your toaster runs a web server instead of a client that opens a socket to smarttoasters.com.tw like most IoT devices do. Most of these devices are behind a NAT or firewall and it doesn't make sense to run a web server at all, again the big fear people had was over routers and ip cameras that are running web servers and explicitly open up access to the public internet. Tei posted:Theres also many buffer overflows. Because the code seems programmed in C or other language withouth memory handling, and the manual memory handling is bad. Again, you're assuming there's a server running somewhere to be exploited. A client doesn't accept connections remotely to be overflowed. Tei posted:You don't find this toasters on the internet, because don't actively open ports. But you have other attack vector inside some poorly programmed smart TV or home router that you use to find automatically toasters like this one. So once a toaster is found, you use the buffer overflow and the admin password to run some code that force the toaster to load a new firmware you made. Yes, if your TV runs a web server and opens ports externally and has the ability to run arbitrary code and has network access. How many hoops do we jump through again? Tei posted:The newfirmware ignore temperature checks, you can activate "infinite maximum heat" and once is feed some bread, it will continue heating it forever at maximum temperature. Ok, so assuming you somehow found a way to install firmware remotely that can turn off a temperature check feature, chances are you still wont be able to turn it on remotely but even if you do you're assuming that these toasters have heating elements and power supplies that catch fire if they're left on at max temp forever. I would argue that there we have consumer testing companies that do things like "leave the toaster on at max temp for days at a time" to ensure that won't happen today. Tei posted:Oh, SmartToasters Taiwan has closed doors. Now your job is even easier, you buy the domain SmartToasters.com.tw, and you can directly upload your new firmware to the 4 million toasters in the world made by STT. Again these types of devices use a client with a limited protocol, but say you own the domain and you know the command you need to send to force it to download new firmware... did you forget that we have signed software? Did you forget that these clients have a client cert and only trust the CA for smarttoasters.com.tw that's been signed by the same cert? They are designed this way to prevent man in the middle attacks, whats stopping you from pointing your DNS to your own web server today to hijack your own device? Give it a try and tell me how much luck you have doing that! Tei posted:The firmware is "digitally signed", but is some retarded CRC sign by blocks, and theres a bug in the firmware, and only checks the first block. Now you can cause small fires in 4 million homes. So if you somehow own the domain, own a valid cert, know how to make the client download firmware from your host and find a bug that allows you to exploit CRC to install firmware that hasn't been signed by an authorized CA... well then you got me man, you are a 1337 hacker and have proven that running any connected device is insecure and a bad idea... that is unless you look at the effort required and compare that to actual exploits in the wild... Locks on your front door don't protect your home, they just increase the amount of effort it takes a criminal from entering your home. The same is true of software security.
|
|
#
¿
Jul 10, 2017 21:18
|
|
|
Guavanaut posted:There is no hardware voltage regulator in a toaster, the element just has a resistance designed not to draw more than a certain current, like an electric fire. So if it could be kept on for more than the designed time, pumping heat into the toaster space at a constant rate, it's feasible that it could overheat the toaster beyond the materials spec. I'm not a toaster expert but it seems like a problem that's been solved in the 100+ years toasters have been around. Either way I think a toaster is just a stand-in for whatever scary device that's in everyone's home that could go nuts and kill you, I'm just trying to point out how it's an irrational fear. Like I think we're both saying it doesn't make a lot of sense to have a solenoid controlled on button on a toaster since it opens itself up to catastrophic failure, while a bimetallic strip is a simple low tech solution that prevents that poo poo. Guavanaut posted:Why do we want bidirectional control of a toaster over the internet again? One that makes something else beep so I can tell when it's done from another room would be cool enough. But it'll get hacked! Do you really want some shady hacker to know how dark you like your toast?
|
|
#
¿
Jul 10, 2017 21:46
|
|
|
Owlofcreamcheese posted:IFTTT doesn't have any toasters yet but looking at ovens the most popular scripts all seem reasonably useful and some of them are actually super clever like "turn on the vent hood fan", "turn off the oven if your smoke alarm is going off" and "turn off the oven if you leave the house" as well as various alerts. These are really cool and I'm sure your oven won't catch fire if it's left on all day. What they most likely did was just add a computer to this thing and wire up the control interface to the computer, that way they can control it via the physical interface or a virtual one. I doubt there's even any way to update the firmware that operates the actual oven, what could they possibly update in the possibly non-existent firmware to improve an oven that can't be done via the connected computer?
|
|
#
¿
Jul 10, 2017 21:55
|
|
|
Solkanar512 posted:Why is it that folks are claiming that IoT toasters are more secure than the Iranian centrifuges that were hit with Stuxnet? Because the two devices are inherently different, they run different software and are designed totally differently. Again this is just a fundamental misunderstanding of how these systems work. Stuxnet worked as an exploit for any system that was running windows, the centrifuges just happened to have their control software running on windows. These IoT devices however are not connected to the internet or even your home network the same way those centrifuges would be. They work more like an arduino or other lower power single thread micro-controller, they are not designed to run arbitrary code and can't be exploited in the same ways.
|
|
#
¿
Jul 10, 2017 22:45
|
|
|
Guavanaut posted:I thought Stuxnet was a two level thing, one part worked as a standard virus, spreading across Windows machines, the payload part affected certain very specific Philips or Siemens or something industrial controllers if you updated the firmware from an infected Windows machine. The security concern part of Stuxnet is the root remote code execution. The PLC issue isn't an exploit as much as it's just a hack to make the software send harmful commands to the connected devices. This is possible on pretty much every platform except for platforms that are specifically designed to protect memory, and even then when you're root it's trivial to bypass any protections that might've been in place. Guavanaut posted:That kind of thing could start becoming an issue if/when IoT controllers start using more powerful control units, but only if they had some sort of crossover that is also present in something that these state level actors are likely to want to target. If someone wants in there's always a way in, I think because of the power limitations we've made most of these devices pretty dumb and secure because of that fact. In the future or even today with devices that are connected to your wall there is definitely a possibility that they're running a full-size modern kernel that can run arbitrary code, but again it's only a concern if you allow direct access to your devices or you're being targeted by people with the resources to get in. Guavanaut posted:So it's not like someone would deliberately target all the light bulbs, but there could be something that inadvertently bricks them if updated from a compromised machine. It's going to be interesting to see what inadvertent effects things like that have. Maybe, but the way it works right now it doesn't seem like to happen that way. Unless you're talking about some future bulbs that run linux or something?
|
|
#
¿
Jul 11, 2017 00:03
|
|
|
Guavanaut posted:It probably is going to end up that way, if economies of scale keep working like that. It wasn't too far back that people were saying "why would you put a microcontroller in a washing machine when a handful of 74 series logic can do the same thing?" or mechanical switches, or a big rotary dial with the right PCB traces behind it. There's a certain level, maybe not for lightbulbs, but a level where a lot of things are going to be SoC devices capable of running arbitrary code because they're useful enough elsewhere. I think it's going to be the same security concerns of yesterday, as long as we don't run services that face publicly out of our home networks I think we'll be ok. The Mirai attacks are really no different than the usual worm in the wild, and even in the future that'll probably be the way things work since these types of things go after easy targets with the most impact.
|
|
#
¿
Jul 11, 2017 00:41
|
|
|
dont be mean to me posted:With this they can burn (a sizable statistical fraction of) everyone's house down at the same time. From their porn station. When you use big words it almost sounds like you know what you're talking about, it's too bad that this theoretical toaster that burns down houses doesn't and wouldn't exist, otherwise you'd have a point. Solkanar512 posted:Instead of being dismissive, take these issues seriously and address them. I addressed all the concerns and tried to explain how the technology works but all you hear is "it's fine, you're a Luddite". I'm not really sure what you want, other than to have confirmation that your fantasy apocalypse scenario isn't just in your head.
|
|
#
¿
Jul 12, 2017 05:33
|
|
|
Solkanar512 posted:Stop being so loving obtuse! Do you not understand that many appliances in the kitchen, even when operating normally, can present a danger if operated without someone there to supervise? Have you ever used a kitchen before? Do you understand that ovens are hot, and gas ranges produce an open flame? Modern kitchen appliances are designed to not burst into flames when unsupervised, even toasters. Solkanar512 posted:Seriously, do you not understand this? If I can remotely turn off a gas range, it means it's possible to remotely turn on a gas range. This is not true, the mechanics required to turn on a flame are entirely different to turn off a flame, I can see them adding the ability to turn off a flame but not turn one on. To do both would require extra effort and honestly just open them up for more liability so I doubt they'd do it unless they had a compelling reason and/or it was engineered to fail "closed". Solkanar512 posted:You even showed the scripts allowing for an oven to start preheating. Why do you keep ignoring this poo poo when people keep bringing it up in a clear and direct fashion? An oven preheating has been deemed safe because these devices are designed to operate for hours/days at full power without bursting into flames. Why are you assuming they're just dummies hooking a computer up to a device but also smart enough to build in the features that allow these devices to surpass their mechanical/engineered specifications? Lightning Lord posted:People have already disabled and hosed around with cars through hacking. Luckily, they were white hat hackers trying to demonstrate security flaws to the automotive industry and technology journalists. I used to work for a company that provided the means to update firmware in cars, I can assure you that all the hacks that have been promoted in the media require physical access to the hardware to perform any action that is deemed unsafe. Some guy earlier made the claim that the connected entertainment consoles in cars are hooked up to the car computer and that's just blatantly and incredibly false... it's a shame you guys don't bother to research how these things actually work. There are standards that car manufacturers have to follow and I assure you they don't let randos just hook a PC up to the gas pedal in your Nissan. You might think you have direct internet access but all the connected services transmit over a private APN with proxy software to route api calls... Lightning Lord posted:I'm not saying rip all the computers out of cars, I'm saying treat car computers like any other computer and get some security. Manufacturers already are starting to do this but the concern is that it might escalate before they have a full handle on it. We know the issues, and people are taking it seriously. That's why the computer that controls your car is a custom built device that has hard-coded logic built in. Meanwhile your entertainment console is a totally different computer that has little to do with your cars normal functions. call to action posted:Unexpectedly turning on 100,000 toasters at once in an area would probably cause a power disruption, too, especially if it were done in the middle of a hot day That is if you jump through a lot of hoops to do it, your toaster isn't running a web server/admin interface that can be exploited like the security cameras and routers that were exploited by Mirai. But I can't convince you guys because you all know exactly how this future toaster will be built and why it's no different than a home router. Tei posted:My mother use to have stuff inside when the oven is off. Why are you assuming you can add 30% over maximum? It just doesn't make sense that you would be able to surpass the hardware limitations of these devices. Tei posted:One problem is when the people that buy the device and the person that suffer the device flaws are different people. So you buy a IP camera to watch your baby from your workplace. Nice. But you buy the cheaper one,and it uses a default password. Ugh. It gets hacked, and used has part of a DDoS by some mafia to force companies to pay money, or have their website closed. Ungood for these companies, good for that mafia, you may only notice the video stream of your baby is not has good as used to be at first, but nothing else. Is other people that pay the price of having a "unhealty" device connected to the internet. IP cameras have been around a long time, you know what's been around even longer and has a much bigger attack surface? PCs. Your PC is a better candidate for a botnet than any IP camera, if your point is that any connected device can be used nefariously I'd argue that a) you're wrong but b) even if you're right how is that different than running a PC or running a web server or running any fully featured operating system with unrestricted network connectivity. call to action posted:That doesn't make any sense, any psycho could just stab you, why would it make a difference how difficult a gun is to use What are you arguing? If a psycho has to kill people and one way is really easy and the other requires probably years or decades of skills and potentially resources... how many psychos are going to build a robot to kill you over just stabbing you?
|
|
#
¿
Jul 12, 2017 20:22
|
|
|
Mozi posted:I look at what's already happened with IoT devices and how well security is being handled by such things as, say, nuclear installations, and I choose to not invite the internet into my oven or fridge. Just so you're clear, instead of calling everything an IoT device just call it a "networked computer" and suddenly it's no different than your laptop, phone or ipad... which all have a much larger attack surface and have the same security concerns that we've always had.
|
|
#
¿
Jul 12, 2017 21:23
|
|
|
Owlofcreamcheese posted:your appliances already have computers and software in them if they are newer than like 30 years old. The hackers could have hacked into the oven factory already and altered the microcontrollers to work as time bombs if you are doing anything but cooking over campfires. Woah there, are you calling these computer experts luddites or something?
|
|
#
¿
Jul 12, 2017 21:26
|
|
|
Mozi posted:I don't want my fridge to be a networked computer. There are vastly different expectations. You are free to do that, but devices that you use every day already have the same if not bigger security concerns than a fridge that counts your eggs. I will continue to adopt these technologies because I understand how they work and I while there are some aspects I wish I could control better in general I trust the companies providing these services and products. I use these devices every day and they improve my life tremendously, especially since having a kid. I am able to keep my new born son's bedroom at the exact temp and humidity it should be. My home automation system controls fans, cooling and heating and also alerts me if something out of the ordinary happens like unexpected movement at night or flooding. Not only do I have all this automated control I can keep tabs and control everything in my home even when I'm away. It'll even tell me if there's a fire or something at my home and I can take appropriate action with that information. People have been using security cameras and burglar alarms for ages, I just have a custom built one that does way more than just give me peace of mind, it's actually useful and all of this happens via the local network with no direct public access to any of these devices. ElCondemn fucked around with this message at 21:52 on Jul 12, 2017 |
|
#
¿
Jul 12, 2017 21:49
|
|
|
Kerning Chameleon posted:I (and about 4.5 million other people) had my SSN, along with my name and birth date, leaked in a breach of a fairly large multistate Job Seeking program. That's enough information for an attacker to basically ruin my life six ways from Sunday without even trying very hard. Four months later, no action has been taken, and all I've been told was "Here, have some free credit monitoring (which is only free for a year, and your SSN being on the darknets means you have to be vigilant for life now), put a credit alert on (which must be manually renewed every 90 days, and since you don't have evidence your information was actually used in identity fraud you can't get a police report for free credit freezing), and basically it's entirely your responsibility to watch your bank account and credit history like a hawk for the rest of your life. Have fun!" No lawsuits, no real help from law enforcement, nothing but anxiety waiting for some rear end in a top hat Ukrainian to open a loan in your name out of the blue one day for always and eternal now. Any security you think you had before this was all meaningless anyway. Your social security number and other information was probably already out there and being used, the IRS knows this and so do credit card companies and banks. Our financial system only survives because the amount of money being made dwarfs all the fraudulent activity in the system. The only reason you're not constantly being hit with bills or whatever is because banks, the IRS, etc. match your details with other data to separate the "actual you" from whoever else might be using your information for their own purposes. You shouldn't worry too much about it, if something looks fraudulent on your credit report (Which you should get a free one at least once a year) you can just call them up and have it removed. It's all pretty painless.
|
|
#
¿
Jul 27, 2017 16:52
|
|
|
|
| # ¿ May 2, 2024 22:04 |
|
|
Cicero posted:Have there ever been serious suggestions/whisperings of a law that mandates compensation if a company leaks your personal information/gets hacked due to poor security? There are HIPPA regulations that have fines associated with mishandling of PII data, and some others like COPPA etc. but in the US there isn't really much regulation about data privacy. Honestly what keeps most companies accountable are credit cards. To accept credit cards your business is required to be PCI compliant. The requirements vary depending on your "level" but in general they stipulate how data can be accessed, stored, and collected. There of course aren't any fees associated with it (that I know of) but it opens you up to a law suit and/or revocation of your merchant account if you break those terms.
|
|
#
¿
Jul 27, 2017 17:09
|
|