|
|
Log in / Subscribe / Register

The Internet of scary things

The Internet of scary things

Posted Feb 2, 2017 11:49 UTC (Thu) by NAR (subscriber, #1313)
Parent article: The Internet of scary things

I never understood the problem with the Gimp name, but that Fing project definitely needs a name change.

Anyway, I do think this is a space where some regulation should be used. I mean electrical devices are (or supposed to be) checked for correct shielding, etc. before they go to the shelfs. Every year there are news that some kind of gadgetry (usually Christmas lights) is banned from shops because it is not safe. These checks should be extended to include basic security tests (default passwords, open ports, etc.) and the bad devices should be banned, manufacturers or importers fined, etc. It's hard to do with stuff privately imported from China, but would still keep the worst offenders out of supermarkets, where the most clueless could buy them.

to post comments

The Internet of scary things

Posted Feb 2, 2017 17:48 UTC (Thu) by felixfix (subscriber, #242) [Link] (15 responses)

It's laughable to think that any bureaucracy can keep up with changes in this field, let alone a bloated government one subject to the whims of vote-hungry politicians and political appointees more interested in covering up and postponing discovery to their successors. The US Veterans Administration has had years to eliminate internal fraud on eligibility and wait times; to trust any new bureaucracy in something far more complicated and new-fangled is a pipe dream.

The Internet of scary things

Posted Feb 2, 2017 17:57 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link] (13 responses)

FDA does a good job keeping dangerous drugs off the market. FAA does a pretty good job making sure planes do not collide in mid-air. Try to operate an unlicensed radio station and you'll get a visit from FCC guys pretty soon.

Thinking that government can't do _anything_ right is stupidity.

The Internet of scary things

Posted Feb 2, 2017 19:10 UTC (Thu) by felixfix (subscriber, #242) [Link] (12 responses)

The FDA is an excellent example, I'm glad you brought that up. There are quite a few drugs which were approved in the EU, but the FDA took so long to approve them for the US that thousands of people died who probably would have lived if they had been able to use the EU-approved drugs.

Just because a dim-witted bureaucracy follows rules and eventually ends up correct does not make it a sterling example for other areas. The IoT is a particularly poor fit for such slow processing; if an FDA for computers (FCA?) had been around, we'd be 10-20 years behind where we are now, waiting for it to approve IPV6 probably, and adding who knows what bureaucratic claptrap to the spec just because they wanted to mark their territory.

It's been 36 years since the first F-22 requirements. Its electronics have been redesigned 3 times, I think, because the hardware industry kept advancing so much that they could no longer make the existing hardware design. And now that the hardware is stable, the software is still incomplete. Is that really the model to follow for the IoT?

The Internet of scary things

Posted Feb 2, 2017 19:18 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link] (1 responses)

> There are quite a few drugs which were approved in the EU, but the FDA took so long to approve them for the US that thousands of people died who probably would have lived if they had been able to use the EU-approved drugs.
FDA uses weighted approach on drugs and if it's a lifesaving drug for unmet needs then it's approved quickly, especially if it's approved in Europe. And can you provide examples of such drugs, by name?

> if an FDA for computers (FCA?) had been around, we'd be 10-20 years behind where we are now, waiting for it to approve IPV6 probably, and adding who knows what bureaucratic claptrap to the spec just because they wanted to mark their territory.
If an FDA for software existed, our IPv4 would have never existed and we'd have skipped straight to IPv6 (probably called differently).

The Internet of scary things (IPv6)

Posted Feb 3, 2017 1:27 UTC (Fri) by faramir (subscriber, #2327) [Link]

Just a quick comment about scanning for vulnerable devices. It's really only
easy when you scan IPv4 space. IPv6 is much bigger. It might be security through
obscurity, but setting up your IO(S)T devices so they only communicate over IPv6 might not be such a bad idea. If they actually work on IPv6, that might also be some indication that the vendor had some clue as well.

The Internet of scary things

Posted Feb 3, 2017 15:18 UTC (Fri) by anselm (subscriber, #2796) [Link] (3 responses)

There are quite a few drugs which were approved in the EU, but the FDA took so long to approve them for the US that thousands of people died who probably would have lived if they had been able to use the EU-approved drugs.

In the 1960s, the FDA held off approving thalidomide (a drug used to counter, among other things, morning sickness in pregnant women) in the USA although the drug had been licensed and marketed in many other places including Germany, the UK, and Canada. The pharmacologist in charge, Frances Oldham Kelsey M.D., resisting considerable pressure from the pharmaceutic industry, said that thalidomide had been insufficently studied – which was appropriate given that it turned out that for many of the women taking it, the drug caused their children to be born with malformed limbs or other organ deformations. The FDA's non-approval of thalidomide, in spite of its being approved for and marketed to pregnant women elsewhere, very probably prevented thousands of similar cases occurring in the USA. So, sometimes, taking longer is actually a Good Thing.

The Internet of scary things

Posted Feb 9, 2017 9:59 UTC (Thu) by Wol (subscriber, #4433) [Link] (2 responses)

Note also, rather importantly, that the thalidomide *as* *tested* for safety, was *NOT* the thalidomide as sold in the market. The test thalidomide was made in small batches and was pretty much pure L-Thalidomide - WHICH IS SAFE.

Unfortunately, when they scaled up to production the new process produced racemic (equal quantities of L and R) thalidomide, and it was R-Thalidomide that did the damage.

One of those things unfortunately, an "unknown unknown" which should have been caught but nobody thought of it.

Cheers,
Wol

The Internet of scary things

Posted Feb 9, 2017 17:13 UTC (Thu) by sfeam (subscriber, #2841) [Link] (1 responses)

That turns out not to be the case, although it was bruited about as a rationalization for many years. There are two stereomeric states of thalidomide that can be separated in the laboratory, but they interconvert in vivo. So the biological effect of both forms come out the same. The underlying point remains the same - speeding up the approval process has risks as well as rewards.

The Internet of scary things

Posted Feb 11, 2017 19:59 UTC (Sat) by ssokolow (guest, #94568) [Link]

Here's a citation for that, in case anyone is interested:

Thalidomide. The role of water in the mechanism of its aqueous racemisation.
0000-0002-8635-8390
http://www.ch.imperial.ac.uk/rzepa/blog/?p=8246

The Internet of scary things

Posted Feb 10, 2017 1:49 UTC (Fri) by geek (guest, #45074) [Link]

so your better proposal is what?

The Internet of scary things

Posted Feb 11, 2017 20:16 UTC (Sat) by ssokolow (guest, #94568) [Link] (4 responses)

Unfortunately, it *was* effective. These days, it's become pretty corrupt.

https://www.youtube.com/watch?v=Nr8IthJVx4g
Big Banks and Big Pharma Just Scored A Huge Payday From The Dysfunctional FDA
Published on Sep 23, 2016

The Internet of scary things

Posted Feb 11, 2017 20:40 UTC (Sat) by Cyberax (✭ supporter ✭, #52523) [Link] (3 responses)

FDA is effective. In this video they're talking here about Sarepta - the FIRST drug for muscular dystrophy (a genetic disease). It has passed toxicity tests and indicated some efficacy in preliminary tests.

And you can't really have it both ways - in this case FDA decided to approve a drug that might not be effective but it also might be helpful for some patients that have NO ways to treat their disease. If FDA denied their approval I'm pretty sure the same RT would have launched an article: "FDA is KILLING people by refusing to approve a LIFESAVING drug!111!!!"

If this drug turns out to be ineffective or dangerous, FDA can withdraw their approval (see: Vioxx).

FDA sure has warts - priority review vouchers is the most prominent one. Or companies that perform "trials" for well-known off-label use of existing drugs and get monopoly on them. Fixing them will take an act of Congress, though.

The Internet of scary things

Posted Feb 12, 2017 1:22 UTC (Sun) by ssokolow (guest, #94568) [Link]

Please don't try to point fingers at the RT logo on that video. The only reason I chose that particular source is because it condensed the most solid points into the least amount of time.

I could just as easily have chosen any of a bunch of other sources.

The Internet of scary things

Posted Feb 12, 2017 1:24 UTC (Sun) by ssokolow (guest, #94568) [Link] (1 responses)

Oh, and you never addressed the part about how the decision was made by focusing on the drug company's studies and ignoring conflicting results from other studies, nor the resignation in disgust as a result.

The Internet of scary things

Posted Feb 12, 2017 2:37 UTC (Sun) by Cyberax (✭ supporter ✭, #52523) [Link]

Again, FDA balances several conflicting concerns. This is a case of a drug for a disease that does NOT have any effective cures available and toxicity studies have shown no significant ill effects. Had it been a new painkiller or blood thinner you can bet they would have kicked approval application all the way to Greenland.

And are you saying that FDA is corrupt because it approves drugs? Really? Do you know that 90% of drug candidates fail the FDA-mandated trials? About 70% fail the Phase II trial and 50% of drugs fail the Phase III trials: http://www.appliedclinicaltrialsonline.com/phase-iii-tria...

Does that look like an agency that is at beck and call of pharma companies?

I recommend reading blogs of actual pharma scientists ( http://blogs.sciencemag.org/pipeline/archives/2017/01/23/... is a good place to start) to at least start to appreciate what FDA does.

The Internet of scary things

Posted Feb 3, 2017 9:39 UTC (Fri) by nim-nim (subscriber, #34454) [Link]

It is pretty easy to set up and mission a competent bureaucracy that checks products sanity. You only need to give it genuine general goals (that are stable over time) and not technical specifics (that are quickly obsoleted). And of course fund the result.

Of course politicians and lobbies passionately hate this kind of regulation setup. It strips them of the power of doing backroom deals that authorise the reverse of what they publicly claim, by playing on technicalities the general public has no patience to check.

The Internet of scary things

Posted Feb 2, 2017 18:20 UTC (Thu) by farnz (subscriber, #17727) [Link]

In the UK, at least, we should be able to apply the existing legislation on satisfactory quality by having the courts agree that an insecure IoT device is also not safe. That's enough to permit the buyer to reclaim all losses that they incur as a direct result of the device being insecure from the vendor (e.g. a supermarket).

If this right was widely used against vendors of IoT devices in the UK, shops would not stock devices unless they were confident that those losses would not happen.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds