The Botnet of Things

Whenever I read articles about the Internet of Things (IoT), they all seem to be saying the same things; “smart” is good, “smart” things will solve all our problems and most importantly “smart” things are the future. My favorite part is when the article starts proclaiming which problems all these networked doorbells will solve but somehow forget to define the problem or outline how we they will fix anything. It’s always nice to say that there’s this great new technology that will herald in a new era in human development, but I question whether this new thing is really the future (or just a fad) and whether this will actually represent a significant change in our lives or the way we interact with technology.

Of course viewing the IoT as just a part of modern decadence isn’t reasonable either; one can argue that automated window shades that lower when the sun is about to hit your computer screen will just keep you from getting up, looking out the window and noticing you’d much rather be out there enjoying the day than wasting your time on buzzfeed. I’m actually very partial to this argument, but I somehow don’t think that indoor plumbing is a disaster because it keeps you from going outside every morning to the outhouse so there must be limits here. Further, some IoT devices are truly useful, for instance smart thermostats that lower energy consumption by optimizing heating/cooling according to your habits. But back to my earlier point, does any of this make smart thermostats a game changer? Are they more effective in lowering carbon emissions and energy bills than simply turning down the heat and being conscious about energy use? I’m not so convinced.

Lastly, much has been written about security concerns regarding┬áthe IoT. Recent DDoS attacks using botnets of routers, home security cameras and other IoT devices have crippled websites and dns severs. This all happens without the actual owners of the physical devices knowing that they are part of an international cyber attack and therefore is a difficult issue to tackle. Nobody in the IoT business or their consumers are incentivized to secure these devices. Not all IoT devices are equally prone to hijacking but security still comes at a premium. Worryingly, embedded smart devices may never be disconnected from the internet and many will never receive security updates (or be running software that is remotely secure). Neither the producers or the consumers of these devices will pay their true price but rather this will be distributed among the victims. I find this highly troubling and indicative of an out-of-control tech industry that “innovates” first and asks questions later. The greatest irony is that some IoT devices are even marketed as increasing “security” by providing smarthome security in the form of locks, alarms and cameras. These devices aren’t just a menace to general internet security, but are often an excellent way for the criminally minded to get access to people’s homes. Imagine how much easier it is to rob a house if you have access to the security cameras ahead of time and slide past the secure smart lock using a months old Bluetooth vulnerability (not that normal locks are secure either but still). I’ll just end by linking to this lovely website I came across where you can scroll through unsecured webcam feeds ordered by location, manufacturer or “popularity.”

 

 

Leave a Comment

Log in