The Internet of Things

One of my friends makes an annual pilgrimage to Las Vegas for the Consumer Electronics Show, walks tens of miles of the convention floor aisles, and sends out a sometimes serious, sometimes tongue-in-cheek review of the overall theme.  This year he reports that it's "the internet of things."  The chip makers are producing the hardware to make it cheap to embed a processor, wifi, and IP stack; the consumer companies are racing to put the hardware into everything you can imagine (and some that I certainly didn't).

Interestingly, along with his e-mail announcing this year's report, I found an article from the BBC about a smart refrigerator that had been hacked and included in a spam-bot network [1].  I suspect that this is just the beginning of the problem.  As the article notes, security is probably not high on the list of features the consumer electronics firms are working on.  After all, security is hard, it's largely invisible (except when it's annoyingly visible), and who's going to buy their smart refrigerator based on how secure it is?  Like most consumer things that have become smart, it's going to be all about screen real estate and the size of the app store.

This is a subject that I thought about a lot in a previous career.  I have a patent for a software architecture that allowed smart devices (cable television set-top boxes specifically) to live behind a stout firewall and extend limited functionality to the Internet in a controlled manner.  Because even back then I was really afraid about the damage that could be done to the devices and that the devices could do if they were just attached transparently to the Internet.  Even with this sort of protection, having lots of relatively simple-minded devices running in my house was a scary thought.  Part of my job was finding ways to use little cracks in a firewall to implement gross security breaches.  It's amazing what you can do if you can get the right one piece of software to run on something behind the firewall.  Given enough devices behind my home's firewall, especially if some of those devices are portable and get attached to other networks occasionally, somebody is going to figure out a way to get that first piece of code in place.

On a lighter note, smarts are going to be embedded in things we wear as well.  I eagerly await reports of the first celebrity wardrobe malfunction that gets blamed on "somebody hacked the clothing."


[1] The use of a picture of a Samsung smart refrigerator should not be taken to indicate that the hacked refrigerator was a Samsung product, or that Samsung refrigerators' security is either better or worse than that of any other smart appliance.  It's just a convenient picture.