University at the festivals

Science Festival Interview with Paul Patras

Paul Patras, Lecturer in the School of Informatics, gives insight into the privacy risks posed by internet connected wearable devices when he presents the BCS Sidney Michaelson Memorial Lecture, Wearables That Snitch on Us.

Paul Patras

Please can you give us a glimpse of what the audience at your talk can expect to learn?

The audience should expect to gain understanding of how third parties may be able to track and potentially learn personal details about owners of digital gadgets that communicate wirelessly. This includes devices such as fitness bands, smart watches, and smart glasses, which are becoming increasingly popular. I will discuss open-source software that can be used to discover wearables present at a given location, as well as attempt to intercept data these transmit. We will also explore practices users can follow to reduce the risk of privacy leaks and some technical measures vendors could take to boost user confidence in wearable technology.

Why is now a good time to be talking about security and privacy in connected devices?

The cost of networked devices has dropped sharply over the recent years and industry anticipates billions will be shipped over the next decade. Wireless devices are already becoming pervasive around us and we are relying increasingly more on digital technology to improve our efficiency and quality of life, whether at work, at home, or while travelling. Despite the growing popularity of personal devices, the technology is still young and often vulnerable. This is confirmed by the frequent security and privacy weaknesses and their consequences reported in the media. Such reports raise legitimate concerns about the trustworthiness of emerging Internet of Things devices. In my view, the potential and societal impact of these devices can only be fulfilled when users not only recognise their utility, but also feel confident that they cannot be exploited for malicious purposes.

Can you give an example of one simple change people might make in order to use these devices more securely?

One simple thing people should do is to try to understand the potential risks they may be exposed to when accepting the terms of use associated with the connection to Wi-Fi networks deployed in public spaces, cafés, or hotels. I am certainly not suggesting that the majority of Wi-Fi hotspots may be malicious and should be avoided. However, there may be instances where users could be required to install a trusted digital certificate, which if accepted would allow the owner of the wireless router to intercept user traffic and extract potentially sensitive personal information. Understanding this risk can help making informed decisions about the implications of using such wireless infrastructure. 

What do you see as the main challenges in the development of secure wearable devices, as public demand for these items grows?

There are several challenges facing the development of secure devices. Performing strong data encryption on tiny gadgets with limited computing capabilities is one of them. Overcoming the shortage of skilled developers and engineers that have good understanding of embedded systems, programming, and security is another. Nonetheless, at the price of delaying the launch of new products, I believe security should be a key element of new system designs, rather than an afterthought. Since we also talk about a growing demand while our planet has limited resources, it is important that policy makers oversee the sustainable development of new devices.

What do you get out of engaging with the public at events such as the Science Festival?

I get to reach out to a broad audience, talk about my research in less technical terms outside the academic community, and hopefully inspire the next generation of young innovators in science and technology. I look forward to the Science Festival!

Wearables That Snitch On Us is at 8pm on Monday 3rd April at Summerhall.  Buy tickets here.