Wake Up Sleepy Head - The Internet of Things That Go Bump In the Night

This post takes us from the Quantified Self to the Quantified Driver, and the Internet of Things to the Botnet of Fridges. We've been hearing a lot about the Quantified Self movement, and how in years to come our gadgets (that other thing we hear a lot about - the Internet of Things) will be quietly collecting information about us to help us plan our routines, sleep, diets, exercise regimes, and so on. A landmark interview with Stephen Wolfram a couple of years ago put this onto a lot of people's agendas. This might sound like science fiction, but we can get a glimpse of that future right now if we know where to look, particularly around fitness tracking and what I suspect my Californian readers would describe as wellness monitoring. In this post I'll look at some of the tech which is out there now, including some surprisingly well established systems, and give you my own tale from the edge…

(Apologies to Charlie Stross for borrowing his meme for the title of this post!)

Passive vs Active Data Gathering

Gadgets in this space have already had some low key successes, like the Nike FuelBand, the Fitbit, the Moto Actv (see my blog post: Tiny Robots: Hacking the Google Smartwatch) and the Jawbone UP. It's quite inspiring to see just how much can be achieved with the combination of a few sensors and the phone/tablet tech you already carry around with you every day. Here's a nice marketing video from the Jawbone folk that will be quite eye opening if you weren't already into this stuff:

But the devil is in the detail, as always - gadgets like the Jawbone and the Fitbit don't know what the ingredients were in that artisanal sandwich you had for dinner, for example. If you want to track this sort of info then you will have to keep updating the app with the details of your meals by hand. It would be nice if upcoming gadgets like the HapiFork could do this, or the Beam or Kolibree smart toothbrushes could automatically detect cavities. Not yet. The OrCam promises a lot in this area (perhaps too much?) whilst being pitched principally as assistive technology.

Another impressive gadget that requires a bit less interaction is the Withings Smart Body Analyser. On the surface this is "just" a pair of connected weighing scales, but then you realise that it is automatically checking your heart rate, indoor air quality, calculating your Body Mass Index (easy if you know someone's height, admittedly), and even "knows" which member of the family just stepped on the scales...

Wake Up Sleepy Head

But this post is really about what happens when your journey into the realm of the quantified self is a bit more... involuntary. A couple of weeks ago I was diagnosed with sleep apnoea (or apnea for my American readers), which is when you briefly stop breathing during your sleep, typically due to your airway collapsing. This results in you not getting enough sleep, feeling run down and generally requiring industrial strength doses of food and drink to get you up and running in the morning – only to be followed by you nodding off on the sofa, during meetings, and so on. The symptoms can seem comical to a bystander, but the clue is in the collapsing part - if untreated, sleep apnoea is a major risk factor in heart attacks and strokes.

The usual treatment for sleep apnoea is a continuous positive airway pressure (CPAP) machine, which has a mask that fits over your nose or whole face while you sleep, and sucks air in to maintain target pressure and keep you breathing normally. I was fortunate that CPAP units are provided to apnoea sufferers at no cost through the NHS, although there are signs that this will all be changing as we move to a US style medical insurance regime in the coming years.

So it turns out that the ResMed CPAP machine I was issued with has a built in data logger, which writes to an SD card in the EDF+ standard format. Some enterprising coders have built a program called SleepyHead which reads this data in and provides some nice stats graphing of the events the machine records, and also shows you trends over time. At the top of this post is an example of my worst night’s stats, with 55 apnoea and hypopnea events. The flow rate graph shows these quite nicely as vertical bars:

And here’s an example of one of my best night’s stats, with just three events:

Trends (shown in the graph below) are probably the most interesting part of this, because you quickly start to think in terms of gaming the system to get the best possible score. In this case that means changing sleeping positions, pillows and so on in an effort to make the apnoea–hypopnoea index (AHI) figure as low as possible. My initial AHI on starting CPAP was 41, then with CPAP I have managed to get it well below 5, which is regarded as normal. Now that I am feeling more energised, time to shift a few more kilos and see if I can make the apnoea go away!

Help! My Fridge Just Joined a Botnet!

Now, it would be melodramatic to say that the ResMed machine was keeping me alive - although it does drastically reduce the risk of some rather serious medical conditions developing in the future. In particular, if the power to the machine fails, I will still be able to breathe, as face mask has an anti asphyxia valve. But what if correct working of that gadget really was a matter of life and death?

This is where I see a very sinister side to the Internet of Things. We have already seen instances of connected household appliances being compromised and turned into spam bots, and there are assertions that government agencies may have inserted backdoors into popular consumer hardware. What if our smart meters, connected thermostats and smart locks are all fair game, and medical hardware is (via Bluetooth, ANT, NFC, ZigBee, WiFi, ...) just a step away.

By way of a parting shot, something that had completely passed me by until the other day is that by law all modern cars have an On Board Diagnostics (OBD-II) connector, and that there is a thriving community of petrolheads ("Quantified Drivers") who use inexpensive wired and Bluetooth dongles plugged into their car's OBD-II socket to monitor their car, together with apps like Torque. Here's a great video from Internet startup Dash, which has developed an app that plugs this data into a much grander vision not far removed from those wellness trackers we saw earlier:

So far so good, but here's the sting in the tail - some of those OBD dongles remain active even when the car's ignition is switched off, keys are out, and the doors are locked. Hard-coded PINs and no-security models abound, and OBD access has been implicated in recent key cloning and car theft exploits. You should also note at this point, as Bruce Schneier observes, that the OBD offers a read-write interface...

Sleep well!

PS Budding quantified drivers may be interested in the Complete Guide to Hacking Your Vehicle Bus, and this Hackaday post on OBD-II Hacking using an Android Tablet.

Martin Hamilton

Martin Hamilton works for Jisc in London as their resident Futurist.