The KIT ─ Knowledge & Information Technology
No. 126 - 15 Aug 2014
Was this forwarded to you?
In This Issue
Clarification on IIC
Surprise: IoT Devices Are Not Secure
Big Data: Google's Mesa
Computing on Encrypted Data for Cloud Security
Seen Recently
CB photo

Consulting Services
  • IT Strategy
  • Enterprise Architecture Roadmap 
  • Business Process Modeling & Analysis 
  • Enterprise Software Selection 
  • IT Innovation Briefings
  • IT Due Diligence
  • Executive IT Seminars
  • Cloud Computing
  • Security Maturity
  • Software Process 
  • Knowledge Strategy
  • Technical Communities
  • Knowledge Capture
  • Taxonomy development 
  • Enterprise Social Media 
Contact Us:
c�b� IT and Knowledge Management

+1 281 460 3595
Twitter: @cbaudoin 
Forward this newsletter to colleagues and friends: use the "forward email" link below at left, rather than "Forward" in your email software, to preserve your privacy, give the recipient more options (their own unsubscribe link, etc.) and to give us better click-through data from ConstantContact. Thanks!
Clarification on Industrial Internet Consortium
In the last issue, we decried the proliferation of organizations working on standards for the Internet of Things. The chairman of the Industrial Internet Consortium (IIC) asked us to clarify that his organization is not about creating standards. We're happy to set the record straight and quote the organization's Web site, which defines the IIC as "... the not-for-profit organization that catalyzes, coordinates, and manages the collaborative efforts of industry, academia, and the government to accelerate growth of the Industrial Internet. IIC members represent a broad range of leading companies and entrepreneurs who are working side by side to set the direction and enable the development and rollout of the Industrial Internet."
Surprise: IoT Devices Are Not Secure
You may be able to say you read it here first (starting with Issue 114), but now some big names support our warning: most "Internet of Things" devices suffer from basic security vulnerabilities. What's new is that this is the result of an in-depth technical study by a research team at HP, cited by Michael Kassner in TechRepublic.

We applaud the warnings, but we will only be reassured when the efforts to authenticate devices and servers to each other, and encrypt the traffic, become as intense as the efforts to provide connectivity and cute mobile apps to open your garage door or set your thermostat.
If It's August, It Must Be SIGGRAPH Time
At the annual conference of the ACM's Graphics SIG, held in Vancouver, Universit� de Montr�al researchers presented a new system, Hyve-3D, that enables "3D collaborative sketching."

In other SIGGRAPH news, Nick Brazzi reports that a number of demos were based on the Oculus Rift virtual-reality headset. While the Oculus market is primarily computer games, there are clearly potential business applications in fields as diverse as telesurgery, defense, architectural design, and petroleum exploration.
Big Data Tools: Google's Latest Lab Work
SAP had its HANA appliance for large in-memory databases, Google now has a big data architecture, named Mesa, that incorporates several other technologies to manage and process multiple petabytes. This IDG News article describes the project (warning: risk of acronym overload).

The article cites a database consultant who cautions that Mesa may not have much of a commercial future. We agree, but not for the reason mentioned in the article, which is that too few companies require the kind of performance that Mesa provides. That argument reminds us of the famous (but unverified) 1943 prediction by IBM's T.J. Watson that the world had a need for about 5 computers. Instead, the main reason may be Google's habit of trying things out, even releasing them as "beta" services, and then pulling the plug (remember Buzz, Wave, and the just deprecated tilde sign in Google searches?)
Unimpressive Summary of the Month
"The Frontier project will develop mechanisms to help make the cloud as secure as possible." Does that make you comfortable? Right. This is the oddly-phrased summary, in the Aug. 8 edition of ACM TechNews, of a project to tackle a small but real issue with cloud security. We talk about securing "data at rest" and "data in motion" through encryption, but what happens when the data needs to be decrypted in order to be processed, and before the results are encrypted again? Fortunately, this Northeastern University article on Frontier is better written and explains how the researchers hope to be able to transform programs in order to process encrypted data directly.
Seen Recently...

"#computerworld: moving servers from your own data center to a colo is not 'cloud computing'."

-- Bernard Golden, responding on Twitter to an InfoWorld article about
the State of Wyoming moving its servers to a "colocation center"
where "It will continue to manage its own physical servers."

Editor's pet peeve: in addition to the journalist being clueless about what the cloud really means, the word is really "collocation" with two Ls.