VDA 5050 is an open protocol devised by the German association of car manufacturers (Verband der Automobilindustrie), it is meant to become the common language that AGVs (autonomous guided vehicles) use to exchange information with a controller. To get an idea of what it looks like - imagine a fleet of robots moving pieces and materials from one spot to another on a factory floor. A controlling server sends instructions, telling each robot where to go, which checkpoints to drive through, what actions to perform and with what settings (e.g. "pick up this specific box and bring it over there, place it on the second shelf").
VDA 5050 uses MQTT to transmit JSON payloads to several purpose-specific topics. In the screenshot you can see several windows, each displaying the data arriving to these topics.
Un mic exercițiu de reverse-engineering - de unde preia datele aplicația iBus? Ofer aici un rezumat a pașilor întreprinși pentru a găsi răspuns la întrebarea dată. Explicația nu conține ilustrații sau instrucțiuni exacte, e superficială, dar suficient de detaliată ca un om care știe să „conecteze punctele” să poată replica pașii fără dificultate. Informația este oferită cu un scop exclusiv didactic, ce faci cu ea - e doar responsabilitatea ta.
Metoda prezentată aici nu este neapărat optimală, e doar calea pe care am parcurs-o, având la îndemână instrumentele pe care le aveam la moment.
Recent am contribuit la un proiect open source menit să ajute oamenii în timpul pandemiei COVID-19. Esența acestuia constă în "conectarea" persoanelor blocate în case (de exemplu vârstnicii, bolnavii), cu voluntari care sunt dispuși să aducă produse alimentare și medicamente.
Contribuția mea constituie un Telegram-bot care informează voluntarii despre misiunile pe care trebuie să le îndeplinească (cum Tom Cruise în "Collateral", avea un gadget care-i spunea ce are de făcut ;-). Poți face click pe imagine pentru e vedea acest bot în acțiune:
Fiind întrebat despre motivațiea mea de a participa în acest proces, am zis că îmi place să fac ceva care are impact pozitiv asupra societății, și că nu e prima oară când mă implic în astfel de inițiative. Versiunea completă a răspunsului este redată aici:
De data aceasta voi evalua aspectele de uzabilitate și securitate a mesajelor de tip ”extras de cont” care vin regulat pe email, de la Fincombank (FCB) și Victoriabank (VB). Scenariul evaluat este găsirea răspunsului la 2 întrebări: „câți bani am în cont?” și „ce tranzacții am efectuat luna aceasta?”.
Înainte de a porni la drum, trebuie să clarific un detaliu - un email poate fi interceptat în timpul transmiterii de la un server la altul. Există diverse nuanțe tehnice care trebuie luate în considerație, dar pentru a simplifica lucrurile: ceea ce expediezi sau primești prin email nu este confidențial.
Notă: acest articol este publicat într-o formă redactată.
Din data de 25 mai 2018 a intrat în vigoare GDPR (General Data Protection Regulation). Voi explica în termeni simpli, în baza unui exemplu, care sunt câteva din cerințele fundamentale, care trebuie satisfăcute pentru ca afirmația dată să fie justă. Ceea ce urmează, e bazat pe experiența mea de cercetare în domeniul usable privacy for IoT (Internet of Things) în cadrul proiectului Privacy&Us.
Înainte de a porni la drum, te atenționez că nu sunt un jurist. Povestirea mea e mai degrabă una inginerească, adresată programatorilor sau altor oameni care au tangențe cu elaborarea sistemelor software, care într-un mod sau altul "ating" date personale. În același timp, mă adresez și omului de rând, care vrea să fie informat despre ceea ce se întâmplă în societate. Pentru a verifica independent veridicitatea afirmațiilor mele, ești încurajat să consulți textul propriu-zis.
The novelty of the Internet of Things (IoT) as a trend has not
given society sufficient time to establish a clear view of what IoT is and
how it operates. As such, people are likely to be unaware of the privacy
implications, thus creating a gap between the belief of what a device does
and its actual behaviour. The responses collected in our online survey
indicate that participants tend to see IoT as computer-like devices, rather
than appliances, though there are some important misconceptions about
the way these devices function. We also find that privacy is a primary
concern when it comes to IoT adoption. Nevertheless, participants have
a propensity to keep using IoT devices even after they find out that the
device abuses their trust. Finally, we provide recommendations to IoT
vendors, to make their products more transparent in terms of privacy.
Let there be LITE: Design and Evaluation of a Label for IoT Transparency Enhancement
We present a “privacy facts” label, which aims at helping
non-experts understand how an Internet of Things (IoT)
device collects and handles data. We describe our design
methodology, and detail the results of our user study involv-
ing 31 participants, assessing the efficacy of the label. The
results suggest that the label was perceived positively by
the participants, and is a promising solution to help users in
making informed decisions.
Transcribing audio or video recordings is a very time-consuming task. Depending on your experience, a 15min interview could take 40min. Once upon a time I wanted to produce subtitles for one of my lectures - the first hour of the video took me around 3 hours to process. I gave up.
If you're lucky and the voices are clear, speech recognition could help - you can see this in action by trying out some videos on Youtube. However, if the transcription is a part of an anonymous user study, you cannot use Youtube or any other online tool, because you'll be sharing the data with a third-party service, thus violating the privacy of your participants!
The best way to handle it is to avoid the problem altogether, by not signing up for the job. However, if you have no choice, you can tweak your workflow and make the process less painful:
I leverage VLC's ability to adjust playback speed, reducing it to 0.75x or 0.5x, depending on the interviewee; this is adjusted by pressing [ or ] on the keyboard
I configure VLC's global hotkeys feature, it enables me to control playback without switching to VLC itself. The hotkeys you need are Play/pause, which I set to Ctrl+Alt+Space, and jump back/forward, which I set to Ctrl+Alt+z/x
Once you do this, you can type the text as you listen to the interview, pausing and resuming it without having to switch to the media player. If you miss an audio fragment, you can rewind or fast forward without getting out of the text editor. The reason I intentionally slow down the speech, is to make it more likely that I can type as I listen, in one pass (i.e. without having to rewind). If you leave the playback speed untouched, you'll catch yourself going back more often, thus spending more time overall.
I am currently evaluating a privacy label for IoT (Internet of Things) products, the process includes a user study that consists of a questionnaire (both sides of an A4 paper) and a follow-up interview (with audio recording).
Here are some notes for my future self, or anyone else who happens to deal with the same challenge. Note that this is not meant to be an exhaustive list - these are just some observations I made after reading other people's checklists and books about conducting such studies.
BEFORE YOU START: working with people is interesting and maybe you've always dreamed of running usability studies or other studies that bring you face to face with people, I get it. However, such studies will produce a lot of data, and the data will require a lot of time for analysis. Conversations will require transcripts, handwritten notes have to be digitized and kept in a spreadsheet. It takes a lot of effort to organize these materials and prettify them into a form that your software can digest. This process will not be fun, it will be boring and exhausting, you'll have to listen to some conversations over and over in order to figure out what it is that they're saying. At some point you'll regret that you wanted a user study and you'll wish you could go back and re-think your strategy.
Before you run this type of a study, make sure that you really need it and that there are no easier ways to achieve the same goal.
In my exploration of the realm of privacy, usability and the Internet of things, I shall take a moment to discuss mental models.
They are formed as a result of one's interaction with a system, they represent a person's belief about what is going on inside as they do so.
For practical purposes, you have to be familiar with these concepts (others will be revealed later):
system image - what the system does, de facto
user's mental model - what the user thinks the system does
conceptual model - what engineers want users to think about what the system does
When they are aligned - users are happy because the systems are predictable and people always get what they want.
An inaccurate user model causes friction - the system doesn't do what users want or it does it somewhat differently, another possibility is that the system works, but with some undesired effects.
Continuing the theme of privacy and behaviour, there is another experiment that may give us a few hints about our choices to share data excessively.
This time I am asking you to think about theft. Have you ever stolen anything? What was the last item someone stole from you?
Theft means different things to different people, and depending on the circumstances one can justify their actions to themselves in a way that doesn't make them look bad (at least not when they look in the mirror).
A series of experiments conducted by Daniel Ariely established that an average person is unlikely to take/steal dollar bills, but they are likelier to do that with non-monetary items such as office supplies. Here is a relevant quote:
"Ariely and his students went around and left six-packs of Coke in randomly selected dorm refrigerators all over campus. When he checked back in a few days, all of the Cokes were gone.
But when he later placed plates of six loose dollar bills in those same refrigerators, not a single bill was missing when he checked back."
