foe romeo: Identities for things Archives

20 February 2005

Uncanny toys

When I first came to understand RFID, at the Digital ID World conference in 2003, I became excited about how it could be used to create things that tell you stories. I was mostly thinking about books and other items that people collect, and some way of communicating the lifecycle, or social life, of those collectables. What I didn't think about at all, and certainly wouldn't have expected to see so soon, was RFID's use in mass-market toys. WorldChanging reports on two new toys that bring the uncanny world of animate toys closer:

Naoru-kun, a new doll by Bandai... speaks 150 phrases and responds when it's shaken hands, hugged, petted, etc. But when Naoru-kun gets sick, kids have to use one of the items including "syringe," "candy" and "medicine." The doll reads RFID tags embedded in these items and responds accordingly.
Little Tikes has a series of toy kitchens full of interactive technology. The MagiCook Kitchen, for example, comes with pretend food embedded with electronic tags that can be read by sensors on the stovetop which then respond with the appropriate comment.

Freud taught us that "children do not distinguish at all sharply between living and inanimate objects" and that "children have no fear of their dolls coming to life, they may even desire it", so seemingly animate toys make a lot of sense. Do you think they're more likely to be broken by children following that "first metaphysical stirring" described by Charles Baudelaire in The Philosophy of Toys:

The child twists and turns his toy, he scratches it, shakes it, bangs it against the wall, throws it on the ground. From time to time, he forces it to resume its mechanical motions, sometimes backwards. Its marvellous life comes to a stop. The child... finally prises it open... But where is its soul?

textually.org on StuffBak: uniquely numbered labels for portable items that could get lost

Bruce Sterling on 'spime', in Wired magazine

Adaptive Path: User Expectations in a World of Smart Devices

Posted at 03:25 PM in Children and teens, Collecting, Identities for things, Mimicry, Toys | Permalink | Comments (1) | TrackBack

20 March 2004

New animism

Mike Kuniavsky has written a wonderful essay on user expectations in a world of smart devices (via Usability News):

When we don’t have a good functional model to explain how things work, we anthropomorphize them. And when enough things around us recognize us, remember us, and react to our presence I suspect we’ll start to anthropomorphize all objects.
In other words, because we have no other way to explain how things work, we will see the world as animist. Animism is, in its broadest definition, the belief that all objects have will, intelligence, and memory and that they interact with and affect our lives in a deliberate, intelligent, and (in a sense) conscious way. When this happens, we’ll stop expecting our tools to be mechanical and predictable and will begin to expect more complex, intuitive capabilities from all of them, even the dumb ones.

I love the new design questions Mike identifies, e.g. 'Under what circumstances do people trust or mistrust objects?' and 'What kinds of communication between objects are appropriate, acceptable, or desired?'.

Posted at 01:42 PM in Identities for things | Permalink | Comments (0) | TrackBack

03 January 2004

Why people hoard things

The New York Times article, So Much Clutter, So Little Room: Examining the Roots of Hoarding (found via boingboing), offers an account of the motivations behind hoarding. Apparently hoarders tend to be "unusually intelligent" and see more connections between things, so value them more.

It also suggests that they attach emotional significance to a wider variety of things. And that for some, it is all about preserving their identity; they believe that what comes into their ownership becomes a part of them, so if they throw too much away they'll lose themselves. Finally, throwing something away can make hoarders feel unsafe because their clutter offers a sense of home, or nesting.

See also: The Social Psychology of Objects

Posted at 10:15 AM in Collecting, Identities for things | Permalink | Comments (3) | TrackBack

16 December 2003

Google and the nature of things

According to CNET, Google has also tweaked the way it displays search results for specific products. When I search for the Garmin Geko 301, for instance, listings from Froogle will display above Google's regular search results. This isn't crude, though: if you search for a generic product category (e.g. GPS device), a brand (e.g. Garmin) or even a product group (e.g. Geko) it doesn't deliver the Froogle results. If, however, you're searching very specifically (e.g. for Garmin Geko 301), it does.

This is good.

Google understands that sometimes you want to find a specific product to buy; that other times you want to find the parcel that's wending its way to you; and that occasionally you might want detailed information about a very specific patent. And if you already have its full name, or numerical ID, some search results should be considered 'primary'.

(Oh and no, Matt, you're not getting a Garmin Geko 301 for Christmas but wasn't it exciting - just for a moment - to think that you were?)

Posted at 12:17 PM in Identities for things | Permalink | Comments (3) | TrackBack

12 December 2003

Google by ID

Google has introduced a search by number facility:

Parcel tracking IDs, patents and other specialised numbers can be entered into Google's search box for quick access to information about them. For example, typing "fedex" followed by a space and a FedEx tracking number will return the latest information on your package.

(Found via the Google Weblog)

Google's also taking suggestions for other number-based quick searches. ISBN would be top of my list for now.

See also: my earlier post on the social life of objects

Posted at 12:40 PM in Identities for things | Permalink | Comments (0) | TrackBack

20 November 2003

'Stop RFID'

TechWeb reports that many consumer, privacy and civil liberties groups - including the EFF and Privacy International - have endorsed a position statement on the development and use of RFID.

In this position statement, they identify the following threats to privacy and civil liberties:

Hidden placement of tags

The creation of a global item registration system in which every physical object is identified and linked to its purchaser or owner at the point of sale or transfer

Massive data aggregation, which could be linked with personal identifying data

Hidden readers

Individual tracking and profiling, without transparency or consent

And recommend the following minimum guidelines:

Openness, or transparency... Labeling must be clearly displayed and easily understood.

RFID users must give notice of the purposes for which tags and readers are used.

The collection of information should be limited to that which is necessary for the purpose at hand.

Accountability. RFID users should be legally responsible for complying with the principles.

There must be security and integrity in transmission, databases, and system access. These should be verified by outside, third-party, publicly disclosed assessment.

Finally, they suggest the prohibition of these practices:

Merchants must be prohibited from forcing or coercing customers into accepting live or dormant RFID tags in the products they buy.

There should be no prohibition on individuals to detect RFID tags and readers and disable tags on items in their possession.

RFID must not be used to track individuals absent informed and written consent of the data subject.

RFID should never be employed in a fashion to eliminate or reduce anonymity. For instance, RFID should not be incorporated into currency.

Found via RFID Privacy Happenings

Posted at 01:59 PM in Identities for things | Permalink | Comments (0) | TrackBack

09 November 2003

RFID privacy happenings

The MIT Media Lab and others have set up a blog and workshop (on 25 November 2003) to address the privacy implications of RFID and the 'digitally named world'. The papers already available are a good read.

Rakesh Kumar's Interaction of RFID Technology and Public Policy is a clear introduction to the technology, issues and ethics - and includes The RFID Bill of Rights (by Simson Grafinkel, of the MIT Auto-ID Center):

The right of the consumer to know what items possess RFID tags
The right to have tags removed or deactivated upon purchase of these items
The right of the consumer to access of the data associated with an RFID tag
The right to access of services without mandatory use of RFID tags
The right to know when, where and why the data in RFID tags is accessed

RFID Privacy Using User-Controllable Uniqueness (by Sozo Inoue and Hiroto Yasuura) explores 2 methods for handing control of the IDs over to end users.

For more on RFID, see:

RFID Journal

Future Now

Posted at 11:37 PM in Identities for things | Permalink | Comments (2) | TrackBack

26 October 2003

DIDW: A physical key

The Sandström family from Espoo, Finland, found their neighbour smiling from their TV because they'd failed to change the default password on their receiver.

Devices are network endpoints too, so must have identities of their own. Nico Popp (from VeriSign), speaking at Digital ID World, suggested that a range of credentials - and perhaps combined credentials - is required. He also argued that it makes sense to embed existing authentication methods in devices (e.g. smart card technology or USB in mobile devices) and combine management of access to networks with access to the physical world.

And what he proposed was not just an authentication device but a device with file encryption and signature capabilities, a personal data vault (Flash RAM), and physical access (RFID) as well.

My notes from his DIDW talk follow...

Nico Popp, A Physical key for a digital world

Identity theft:

Threat network effect

Aim is to reduce risk to physical theft (second factor)

Federated networks:

Strong SSO

Strong identity to address (third party) ‘trust’ issues - dependency, liability

Proliferation of devices (and rogue devices):

Not just people; devices are network endpoints too

Wi-Fis compound problem (no perimeter security)

Must give identity - and therefore access rules - to a device

What defines the strength of an identity?

Strong verification

Strong credentials

Identity service provider security policies and best practices

Identity provider reputation (audit and compliance)

Expensive to create, so economies of scale.

Universal strong authentication:

Increasing network interaction requires stronger authentication. Blurring of public and private networks, all converging to IP (wired & wireless)

Proliferation of devices

People and devices

Cheaper, better, everywhere (no more static passwords)

Must support range of credentials, and perhaps combined credentials.

Embed existing authentication in devices (e.g. smart card technology or USB in mobile devices).

Offline and online (from web SSO to passport visas) - combine management of access to networks with access to physical world.

Propagating strong credentials requires industry collaboration (between chip & device manufacturers; platform vendors e.g. .NET; applications; integrators and customers).

Goals: ubiquity, interoperability, accessibility

Open technical blueprint:

Starting with a device. Flexible security device with combined authentication methods (OTP, PKI, SIM)

Common protocols framework. Network access apps, business apps and software platforms (authentication protocols: EAP and WS protocols)

Unified validation and provisioning architecture – legacy integration (e.g. LDAP), unification, federation

Key concept 1: All-in-one devices

Multi-mode/multi-function devices (OTP-PKI-SIM mobile devices, smart cards and tokens)

Unplugged mode (one time password)

Plugged mode (USB or else)

Versatility use-case WIFI roaming (SIM), VPN (certificates)

Not just an authentication device – file encryption and signature capabilities, personal data vault (Flash RAM), physical access (RFID)

Key concept 2: 802.1X Everywhere

One architecture for both wireless and wired networks

One strong credential for every device (desktop, servers, printers)

One 802.1X client on every device

One protocol (EAP-TLS because certificate is ‘natural’ device credential)
Access rule for identity and device combination.

Key concept 3: Built-in and activated on-demand

Device-embedded credentials and clients (at time of manufacture)

Universal strong authentication in the context of federated identity
Assume identity assertion interoperability gets solved

Liberty/WS-federation standard convergence

Technical bridges
Trust remains key issue. Identity federation created dependency and liability issues. These issues drive the need for strong identities that can be shared.

Steps from identity management to federated identity management
1. Directory and identity management
2. Strong identity – stronger credentials
3. Best practices – security, ops and privacy best practices
4. Certification, compliance, audit and identity security services

Posted at 12:45 PM in Identities for things | Permalink | Comments (0) | TrackBack

17 October 2003

DIDW: The social life of objects

I find RFID infinitely interesting and exciting (and am considered something of a freak by my more privacy-concerned colleagues), so I enjoyed Mark Roberti’s RFID: Platform for change. All of his examples were situated in manufacturing and retail and the military, though, and what really interests me is how RFID might attach history and bring sociability to objects – particularly books (or other artefacts that are collected).

Books already come with an ISBN number - e.g. "0-43-253422-0" - which is a unique machine-readable ID. It references information about the cover art, title, author, and category. But this number only identifies a specific product, not every physical instance of it.

This is where BookCrossing steps in to give us 'a simple way to share books with the world, and follow their paths forever more!'.

The "3 Rs" of BookCrossing:

Read a good book (you already know how to do that)
Register it here (along with your journal comments), get a unique BCID (BookCrossing ID number), and label the book
Release it for someone else to read (give it to a friend, leave it on a park bench, donate it to charity, "forget" it in a coffee shop, etc.), and get notified by email each time someone comes here and records journal entries for that book. And if you make Release Notes on the book, others can Go Hunting for it and try to find it!

This is a lovely application of identities for things but not as automated or rich as it could be... with an injection of RFID. I'm very keen on the idea of user-initiated RFIDs for objects with emotional investment (like books and vinyl LPs) that can be killed or blocked by a recipient if they value their privacy more than the game.

This is a really interesting, emotive 'supply chain'.

And while the RFID investment required by a Boots, which ships millions of lipsticks a year, is probably still prohibitive at $0.50 per tag, an individual with an abiding interest in natural history books or Motown vinyl or Australian stamps would likely be prepared to invest $0.50 in a cherished object’s future. Particularly if it allowed them to connect with future and past owners/collectors of that object, track its travels and recall forgotten details or annotations some time later. They are interested in the social life of objects.

Imagine a book that can say ‘I have been read by 36 people before you - in 3 cities (London, Sydney and Helsinki) - and all of them paused on page 132. I once spent 5 days in the lift at the British Library, just travelling up and down, after being released by a BookCrosser.’

Imagine a book that can tell its own story as well as the one contained within its pages.

:-)

AURA

Auto-ID Center