It’s easy to make fun of the Internet of Things. “Throw away that dumb old toothbrush and use this smart one! What? Your trash can doesn’t have a microprocessor? Upgrade to the smart version and join the 21st century!”
Products like smart wine bottles and smart baby diapers may be ridiculed. But just like the dial-up Internet of the 90s, the ultimate destiny of the Internet of Things won’t hinge on its individual products. Chat rooms! Electronic greeting cards! “You’ve got mail!” Slowly and inevitably, the Internet as we know it grew from the cheesy promise of AOL and the “information superhighway” to the ubiquitous presence we now use so often we hardly remember to call it the Internet anymore. So too will the Internet of Things eventually mature beyond ridicule. But before it does, makers of “smart” products will have to address an objection more serious than mere laughter: security.
As computers find their way into more and more household objects, so do security risks. For example, Nest thermostats, some of the most popular and useful smart devices, have already been compromised with a micro USB cable. Earlier this year, a WIRED journalist experienced the terror of having his Jeep hacked and forcibly decelerated while he was on the highway. Even pacemakers, if they are “smart” enough, can now be hacked via Wi-Fi. If that doesn’t scare you, check your pulse: you may already be dead.
That’s the real difference between the Internet and the Internet of Things. Even as the Internet took over previously analog worlds like entertainment, banking and even dating, one could always escape the nefarious threat of “hackers” (with their hoodies and Guy Fawkes masks) by simply leaving the computer and picking up a good book (or, heaven forbid, going outside).
But as manufacturers gradually learn which smart devices consumers actually want (and which are merely a solution looking for a problem), the Internet of Things will grow and grow until we will no longer call it the Internet of Things. It will be simply, “Things”. Or just “the Internet”, because the distinction between the two will be blurred. As that happens, escaping digital security vulnerabilities will become much harder than simply going offline, because everything will be online. “Staying safe online” will gradually become hard to distinguish from just “staying safe”.
(And well it should! Side note: I have many well-meaning acquaintances who consider themselves “technologically illiterate,” and when I tell them I work in “digital security” you can practically see their eyelids droop in disinterest. For conversation’s sake, I’m often tempted to the drop the “digital” and just tell people I work in “security.” Pretty soon it won’t a stretch, though I still doubt I’ll get Liam Neeson to play me in any films.)
Contrary to what you might think so far, it’s not my intention to alarm. I believe the Internet of Things — or whatever society ends up calling it — will eventually do more good than harm. The benefit of sensing internal wear and tear in smart concrete bridges, analysing traffic patterns with smart satellite cameras and riding safely home in a driverless car will certainly outweigh whatever fears we had about the Internet of Things.
But that’s only if the manufacturers behind these innovations start taking security (and privacy) seriously. Just because you figured out how to slap a microprocessor on a lightbulb and control it with your smartphone doesn’t mean it’s ready for the consumer market. You have to consider what happens when an outsider cracks the system and accesses the user’s home Wi-Fi password, which is exactly what happened last year. Perhaps it’s a natural product of capitalism that start-ups are under pressure to get products to market and security concerns will fall by the wayside. Let’s hope that consumers are smart enough to demand security by design, not as an afterthought.
A survey this year by security firm TRUSTe revealed only 1 in 5 Americans felt that the benefits of smart devices outweigh their privacy concerns. That’s a good sign that consumers are going to be voting with their wallets and their heads when it comes to smart devices, and you can help. Next time you decide to spend your hard-earned money on an “intelligent” device, do a little research into how much the developers considered security, encrypted communication and privacy concerns when designing the product, even if it’s something as benign as a refrigerator (seriously). When personal security influences market demand as much as usability, everybody wins.
Smart vacuum cleaners and cat water fountains are going to ensure the Internet of Things stays ridiculous for a while. But if everyone takes security seriously — consumers and developers — it doesn’t have to be a scary one.