Get started Bring yourself up to speed with our introductory content.

CES 2018: The five words I heard most frequently

AI. Overwhelmed. Alexa. Autonomous. Robots.

As in the past few of my now 20 years of attending CES, the question I most hoped to avoid was “Did you see anything cool at the show?” I bristle at the query each year as it is an unfair question.

The question might have been appropriate when the story of CES could be characterized by the debut of the portable computer, HDTV or the flat screen TV. To ask what technology I “saw” at the event reveals misunderstanding that technology today is really more about what cannot be seen — AI, cloud, data analytics — than devices. And, I must say, everything there is cool — from GPS collars for pets to the smart bed, which senses your heart rate, breathing rate and movement and adjusts its firmness accordingly.

This year I felt like I “saw” less of the show than ever, so I listened carefully to comments to gain an essence of the show. What did I hear?

AI. Artificial intelligence, or at least the early implementations of it, was, by far, the most talked about topic. At my company, People Power, we talk about it regularly as the big differentiator that will transform the clutter of smart devices at home into seamless, personalized, intelligent systems that will elegantly and quietly improve security, convenience and economy at home. It seems that most of the industry either understands the transformative potential of AI, or understands that the term better appear in their marketing literature, else their offerings be perceived as “simple technology.”

Overwhelmed. This is a feeling I get every year, and I heard enough people agree. It’s not just the endless sprawl of the show that is overwhelming, but the extent by which microchips and radio waves have penetrated almost every single object and occupation of life. To perceive the current state of technology by attending CES is akin to understanding the depth and breadth of the seven seas by weekending at the beach. One can no longer get their head around technology, and to say that it has permeated “everything” is no exaggeration.

Alexa. Amazon’s voice technology, for the third straight year, is perhaps the most revolutionizing force in the tech world. In three short years, the monolithic towers have transformed to elegant home art items, fueled by respectable competition from Google Home. Now the technology is embedded in cars, thermostats and appliances. With Google Home pushing, the two are accelerating widespread adoption into nearly 25% of internet-connected homes. Apple’s delay in this space may have cost it the opportunity, as these two competitors have driven voice interface technology past the chasm. People Power and many other smart home systems are benefitting from hands-free control.

Autonomous. Few tech power houses have not already made massive investments in autonomous driving technology. Sony, for so many years the king of entertainment devices, dedicated much of its city-block-sized exhibit to demonstrating line-of-sight intelligence required for safe autonomous navigation. Given that some tech giants, such as Intel and Microsoft, suffered greatly by failing to capitalize on the tectonic shift to mobile at the turn of the century, many unlikely players are racing to claim a large stake in autonomous transportation.

Robots. Much of the chatter was about the many offerings of free-standing, human-impersonating robots. While these devices are so far from being replacements for humans or pets, their functionality is impressive. The lack of incremental improvements in these devices from 2017 CES offerings, however, is a reminder of how complex and difficult it is to create versatile, flexible and reliable robotics. Never before, however, have so many companies offered a concept of how robots will, at some point, master certain functions from cleaning floors to surveying secure premises to simply offering companionship.

A final impression of CES is that the pervasiveness of technology, with truly amazing functionality and very low prices, has far outstripped demand cases for electronic products in every part of our lives. We have now entered a time where smart devices that we never thought required intelligence will surround us everywhere we go, at prices that we cannot refuse to try. 2018 will be a very interesting year in consumer electronics.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

First, I did NOT exploit the site. I identified vulnerabilities.

While some may have overblown the security concerns, I believe my concerns are valid. I have not identified just a single security issue, but many issues. On their own, each of these issues may seem benign; but the large number and nature of the issues suggest the people who built the site did not seriously consider security implications of their design and implementation decisions.

The password reset issue that was fixed was only part of the problem. Given people's names and email addresses, the system allowed automated collection of data by returning the following (all connected to a single person) without an authentication: usernames, password reset codes, and security questions. While this didn't permit direct access to accounts, it unnecessarily makes the work of attackers too easy. None of the steps that permitted this should be possible without any form of authentication.

I've also observed many other issues with security implications, including:
1) For many weeks, the email verification system was useless at fulfilling its purpose. People could create and activate accounts without access to a valid email address.
2) The site returns Java stack traces to the browser on error. This has potential to reveal information on the internals of the system that could be exploited.
3) Under error conditions, I've seen the system send data over the internet without encryption.
4) Usernames and password reset codes are transmitted together over unencrypted email.
5) Password reset codes don't change. Once compromised, one will stay compromised.
6) Users are not notified of changes to their email address. (Notifications go to the new and not the old address.)
7) Usernames and password reset codes and answers to questionnaires were sent to 3rd party analytics companies.
8) Everything a user has entered to validate their identify and to apply for insurance is returned to the browser at login. This includes social security numbers and dates of birth and addresses and family relationships. Although I've not yet been able to complete an application, there are fields in the data that suggest is also contains income and criminal history and income and disability and other personal information. This is much more information than is typically available about people in online public forums. While this data is only returned to an authenticated user, it increases the potential harm (and value to identity thieves) in the case that an account is compromised.

Given that there are so many obvious mistakes that should have been prevented or caught in testing, I am concerned about what vulnerabilities exist that I do not see with my passive security testing -- vulnerabilities that may be found and exploited by those not bound by ethics and the law.