The only way to control the thing up your ass is for it to have a Class 1 privacy policy http://thehealthcareblog.com/blog/2016/02/22/apple-and-the-3-kinds-of-privacy-policies/ . Class 2 policies can add valuable convenience but clearly that's not the case for your Withings scale. Class 3 is what we get from almost all of our vendors today.

Here's an alternative vision of IoT: https://slock.it/ This matches very closely my door lock use-case for UMA. Whether it's a Slock or an HIE of One http://hieofone.org/, the point is the same: you either own your IoT technology or you don't. The personal UMA AS can operate in situations where a Slock would fail for lack of an Internet connection but Slock may have a better business model via DAO.

Adrian

On Wednesday, March 16, 2016, Doc Searls <dsearls@cyber.law.harvard.edu> wrote:
Is there any promise that the data coming out of your ass belongs to you alone? Or is it sold to other parties?

I can find no terms of use or privacy policies on their website <https://kinsahealth.com>, but maybe I’m missing them.

BTW, one reason I got a Withings scale, years ago, was because they said the data it generated was mine alone, and that they didn’t ever see it. Also they said (as I recall) this was in compliance with French law, and since they were a French company…

Now I get regular emailings reminding me of what I weigh and telling me what I should do about it. I’m not a happy camper about that.

Doc


On Mar 16, 2016, at 10:50 PM, Adrian Gropper <agropper@healthurl.com> wrote:


On Tue, Mar 15, 2016 at 7:26 PM, Salvatore D'Agostino <sal@idmachines.com> wrote:

Hi John,

 

Yes that seems to make sense.  Funny I was just looking at the latest ones http://www.pcmag.com/article2/0,2817,2398080,00.asp and one of the features in the table is parental controls.  Beware I am sure the link hits you with multiple cookies… ;-).  I do think the mfgrs have a trust and culture hill to climb.

 

I mentioned the reverse proxy acting as web app/IoT application as a service in an email to Adrian.

 

Another approach would be to do something with something like Cisco IOS http://www.cisco.com/c/en/us/products/ios-nx-os-software/index.html

 

My experience is that you bring a big deal to the table and they might listen otherwise tough to get bandwidth (no pun intended but it does work ;-).

 

The combination of these things; little device, UMAaaS, OEM UMA is why I think the future is bright and eventually the pushme-pullyou will get it there.

 

Sincerely,

 

Sal

 

 

 

 

 

From: John Wunderlich [mailto:john@wunderlich.ca]
Sent: Tuesday, March 15, 2016 7:02 PM
To: Salvatore D'Agostino
Cc: wg-uma
Subject: Re: First IoT Project Builder

 

Sal;

 

What you suggest seems likely for early adopters and particular use cases. In terms of mass user adoption following up on that I think the most likely vectors are as a feature IN the router, not a new box to be purchased, or a service provided by someone the consumer is dealing with like an ISP or email cloud service provider.

On Tuesday, 15 March 2016, Salvatore D'Agostino <sal@idmachines.com> wrote:

Hi John,

 

So we have some thoughts about this.  Current working premise would be to have the AS as a reverse proxy sitting in between your wireless router and ISP box and that the device might be a Pi akin to some of the examples Adrian mentioned.  Alternately someone could provide UMA as a service, again possibly as a reverse proxy much like some other web application security as a service do today.  Not quite out there but again given the benefits and nature of some of the deployment progress I wouldn’t be surprised to see one pop up.  It could also be part of other services.

 

Cheers,

Sal

 

From: John Wunderlich [mailto:john@wunderlich.ca]
Sent: Tuesday, March 15, 2016 3:19 PM
To: Salvatore D'Agostino
Cc: wg-uma
Subject: Re: [WG-UMA] First IoT Project Builder

 

Sal;

 

I was looking for a drop dead simple and easy way for a newb to build UMA and security into an IoT implementation. Especially for resource constrained devices that will be installed somewhere and forgotten about for their lifespan.


 

Sincerely,
John Wunderlich
@PrivacyCDN

Call: +1 (647) 669-4749
eMail: john@wunderlich.ca

 

On 14 March 2016 at 21:52, Salvatore D'Agostino <sal@idmachines.com> wrote:

Minor rant on link, IoT and Pi, you can stop here if you like.

 

I don’t get the uniqueness here, you can put a full Linux distro on a Pi and do quite a lot, we certainly do. 

 

We prototyped one some time ago doing physical access control based on UMA.  Works very nicely actually.  Access control server is the AS (could be a Pi), door controller is the RS (also a Linux distro but usually an ARM could be a Pi, but most mfgrs have to go through UL and other things so typically build their own or get OEM modules such as http://www.mercury-security.com/ <- when it is up… ), enterprise is RO, client is person getting in the door with tokens on either smart card or smart phone.  Need a few other sensors connected to the RS to make it work and typically a network connection between AS and RS but not necessarily as the UMA use case can support distributed authorization, that’s the cool thing.

 

Not trying to promote anything but just as an example of what we actually use Pi’s for (an appropriate discussion for 0311416) in terms of an initial offering it is focused at technical automation for IoT, our plans for UMA follow on from there. In case anyone is interested, short description is we connect the Linux distro (in some cases a Pi) to real world physical security systems and provide quite a lot of information about the devices in much the same way that modern IT scanning tools do, the difference is that we provide a UI that can be used by an electrician at the push of a button and we have worked with manufacturers to make sure that their implementations actually adopt IT standards so the monitoring of the devices is efficient and fruitful.  It's one of the tricky things with IoT to get standards properly implemented let alone securely. Managing the lifecycle of these devices and making sure they get installed properly is the value proposition. There is a new story every day, e.g. http://www.theregister.co.uk/2016/03/14/cctv_insecurity_rife/?utm_source=dlvr.it&utm_medium=linkedin <- and fwiw we could do this exploit every day and have been showing it to vendors as part of our security practice for almost 10 years…

 

And don’t worry, there’s nothing on our web site (it’s ancient, not really about this, though it will shortly be upgraded) certainly nothing  you could click that would track you.. ;-)

 

Cheers,

Sal

From: wg-uma-bounces@kantarainitiative.org [mailto:wg-uma-bounces@kantarainitiative.org] On Behalf Of John Wunderlich
Sent: Monday, March 14, 2016 3:54 PM
To: wg-uma
Subject: [WG-UMA] First IoT Project Builder

 

UMA on Raspberry Pi? Cool idea, but trying to sign up for this leads to data tracking hell. Can’t ‘register’ even though whitelisted in Ghostery and turn off uBlock origin. Who knows what kinda crap is going on in the backend. But if you’re curious, consider yourself warned:

 

 

 

Sincerely,
John Wunderlich
@PrivacyCDN

Call: +1 (647) 669-4749
eMail: john@wunderlich.ca

 

 

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.


_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma

 

 

 




--
John Wunderlich

Fat fingered from a mobile device
Pleez 4give spelling errurz!

 

 





--

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.

DONATE: http://patientprivacyrights.org/donate-2/
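
Added example, not from the thread or from any UMA implementation: a sketch of the offline case Sal describes above, where the door controller (RS) decides on a token issued by the access control server (AS) without a network connection between them. The token layout, the HMAC shared key and all function names are assumptions for illustration; UMA itself does not prescribe this format.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key (assumption): provisioned on each door controller at install.
SHARED_KEY = b"constructed-demo-key-not-for-production"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def as_issue_token(subject, resource, scopes, ttl_s, now=None, key=SHARED_KEY):
    """AS side: sign the permissions the resource owner's policy grants."""
    now = int(time.time() if now is None else now)
    claims = {"sub": subject, "res": resource, "scopes": sorted(scopes),
              "iat": now, "exp": now + ttl_s}
    body = _b64(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode())
    sig = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"

def rs_check_token(token, resource, scope, now=None, key=SHARED_KEY):
    """RS side (door controller): decide locally, with no call to the AS."""
    now = int(time.time() if now is None else now)
    try:
        body, sig = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        # Verify the signature in constant time before trusting any claim.
        if not hmac.compare_digest(expected, _unb64(sig)):
            return (False, "bad signature")
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return (False, "malformed token")
    if now >= claims["exp"]:          # short lifetimes stand in for revocation offline
        return (False, "expired")
    if claims["res"] != resource:     # token for one door must not open another
        return (False, "wrong resource")
    if scope not in claims["scopes"]:
        return (False, "scope not granted")
    return (True, "ok")

if __name__ == "__main__":
    t = as_issue_token("badge-0001", "front-door", ["open"], ttl_s=300)
    print(rs_check_token(t, "front-door", "open"))
```

Because the controller cannot ask the AS whether a token was revoked, the token lifetime is the only bound on how long a withdrawn permission keeps working.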