I don’t want to be friends with my bank—after all, I’m a typical consumer so I hate banks—but I do want to be friends with my bank account. Why can’t Barclays let me friend my current account so I can see its status updates like “Premium card fee £10.00”, “Direct Debit British Gas £37.85” and “Counter Credit £5.00” and so forth?[From Friends and relations]
This is a point that I amplified in Retail Banker Interactive, finishing up with plea.
So a plea to my account, card and service providers: I don’t want to be friends with you, because you are corporations and not mates, but I do want to be friends with my stuff: my money, my cards, my phone. How hard can it be?[From Social media is not just another communication channel – Blogs – Retail Banker Interactive]
A discussion about this continued over drinks, and I am indebted to David Harris from salesforce.com for bringing a fascinating example to my attention. Apparently, Toyota are going to have a system whereby you can be friends with your car, which is a great idea.
For example, if an EV or PHV is running low on battery power, Toyota Friend would notify the driver to re-charge in the form of a “tweet”-like alert. In addition, while Toyota Friend will be a private social network, customers can choose to extend their communication to family, friends, and others through public social networks such as Twitter and Facebook.[From Toyota USA Newsroom | Salesforce.com and Toyota Form Strategic Alliance to Build ‘Toyota Friend’ Social Network for Toyota Customers and Their Cars]
So your friends could be friends with your car too. You might wonder why anyone would want to do this, but consider this: my sister has borrowed my wife’s car for a couple of days while she goes looking for another car, so it would be great if my sister could be friends with my wife’s car (and it would make sense for me to be friends with my wife’s car and vice versa) for a time.
What I’m not sure about is if I would want these connections to be in my hilariously-entitled “real name” or via a network like Facebook. I’m not paranoid, but I don’t want to be bombarded with crap all the time because Facebook has noticed that one of my brake pads is wearing a little thin and has sold this information to a hundred different brake pad companies around the world. And I’m sure it will only be a matter of time before some guy tracks down and murders his ex-girlfriend because she forget he was friends with her car so knows where she is.
There’s a layer of infrastructure missing here and I hope that the Cabinet Office’s Identity Assurance Programme that we were discussing yesterday is going to take this into account. They’ve finally got a budget so I hope that some of the input from the Working Groups can now be acted on.
Cabinet Office minister Francis Maude has earmarked £10m for implementation of the government’s Identity Assurance (IDA) programme,[From Government earmarks £10m for Identity Assurance and targets over £500m savings – 10/31/2011 – Computer Weekly]
So what has being friends with my bank account got to do with the Cabinet Office? We need an identity infrastructure for things as well as for people. I need to delegate permission to access my wife’s car to my sister just as I need to give permission for my sister to be friends with my wife’s car for a while. Right now, there’s precious little security around people, but even less around things, largely because the “internet of things” wasn’t designed with security in mind.
Typically, the person who designs the embedded software system for a car or a power grid system or a generating system are engineers who learn programming maybe as part of their engineering course, but they are not trained computer scientists or computer engineers. The point is that someone whose primary job is understanding control theory is not someone who knows anything about software vulnerabilities.[From The internet of things | Interviews | Opinion, News, Analysis | BCS – The Chartered Institute for IT]
If this sounds esoteric, it isn’t. It’s a real issue that should be taken seriously as input to the deployment of devices right now. Here’s a straightforward example from Rob Bratby.
The deployment of smart meters is one of the most significant deployments of what is often described as ‘the internet of things’, but its linkage to subscriber accounts and individual homes, and the increasing prevalence of data ‘mash-ups’ (cross-referencing of multiple databases) will require these issues to be thought about in a more sophisticated and nuanced way.[From Watching the connectives | A lawyer’s insight into telecoms and technology]
So I should be able to make friends with my electricity meter and under some circumstances I might need to be friends with my father’s electricity meter but I don’t want burglars and ne’erdowells to be friends with it. It seems to me that we already sort of know how to do this sort of thing: we understand public / private key pairs, tamper-resistant stores for private keys, certificates, selective disclosure and everything else. But we’re going to end up using Facebook Connect, because it’s all too complicated for the marketing people to understand and we haven’t yet found a way of explaining it to them.
These are personal opinions and should not be misunderstood as representing the opinions of
Consult Hyperion or any of its clients or suppliers