Now that the eternal promise of the dawn of the Internet of Things has finally been kept, it is time to start thinking about how to deal with the security issue. Security issue, isn’t it like, boring? Why should we really care? The cold reality is that all the fancy features of our next smart household appliance are going to be used as trojan horses against our own safety.
Internet of Things, IoT for the friends, is finally a thing. All our gadget and life companions are starting to have a silicon based brain, an internet connected heart and possibly even their own Facebook profile. And we the humans will allegedly stop wasting our precious time in low productive activities. Need an example? Why should we care about traffic conditions and bad weather if our shining new Google smart car can drive us wherever we need? Or being worried about burning the roast beef, having an internet connected oven capable of downloading the recipe / monitoring the meat temperature / sending us a twit when the food is ready?
As Cyanide and Happiness would say, the possibilities are endless! As long as no one realizes that the amount of home appliances connected to a too-easy-to-hack cloud is an easy way to control our lives. And I am afraid that there is already a long list of someones interested in discovering the dangerous potential of our smart hearted metal friends.
The size of the security issue will grow like a muffin in the oven, this because not only will we be surrounded by dozens of different devices, but also because of the level of threat that some of those could cause. Fear of driving? What about driving in an ungovernable hacked car? Even the fancy Apple-style Nest thermostat and lighting hub has been hacked. I cannot image what could happen to my furry chinchillas if someone remotely connects to my iRobot vacuum cleaner…
The risk is real, even more if we just throw a look at the past and collect the number of security updates that our web-browsers, phones, pc and other internet connected devices went through. The Heartbleed and Shellshock vulnerabilities were discovered just few years ago, jeopardizing virtually everybody connected to the big web. With the IoT we are experiencing a shift to a more intimate level: this time it won’t be our online privacy at stake, but our own physical security.
An example is what happened to the auto manufacturer BMW. An independent consultant commissioned by the German Autoclub discovered a loophole in the BMW ConnectDrive software, allowing a hacker to open your smart car by mobile phone in few minutes without leaving any traces. On top of that they can also track the position and trigger remote functions to 2.2 Millions BMW, Mini and and RollsRoyces worldwide. Like I foresaw some time ago, your badass ex-girlfriend could lock you in with Justin Bieber on repeat through your in-car Spotify app. OMG.
Sadly, we can’t forget that there are way more dangerous people looking forward to getting into our digital-physical world. And we are talking of a wide range of different entities. From the NSA that maliciously implanted software into thousands of pc just to have a sleeping weapon ready to be used without the authorization of the real owner, to teenage hackers bored of stealing credit card informations.
This is just a scenario, one in millions scaring possibilities. But the well is pretty deep: this year at the CES Las Vegas the weapon company TrackingPoint presented a linux-based laser guided rifle. Basically, it always hits the target. I am already terrified by the fact that such a rifle is freely sold in the US. Now imagine your badass ex-girlfriend remote controlling it.
Photo by: BCNmag