There are plenty of good reasons you might want an Internet-enabled smart refrigerator. Your friends will constantly tell you that you’re from the future! You could check how much milk is left from the store! You can… uh… tweet from it when every other more-suitable gadget in your house is dead?
But there’s also a good reason to not want one, at least until we figure this whole “Internet Of Things” (read: LETS PUT THE INTERNET IN EVERYTHING) is going to work: security is hard.
Example A: according to a new study by security firm Proofpoint, hackers have already started crackin’ away at smart appliances in hopes of further expanding their zombie spambot armies. Between December 26th, 2013 and January 6th, 2014, Proofpoint says they detected upwards of 750,000 spam emails being sent from over 100,000 compromised routers, multimedia centers, smart TVs, and, in one case, a smart fridge.
Yeah. A refrigerator.
“Who caaaares,” you might say. “They only detected one case! Who has a smart fridge anyway? What are hackers gonna do, steal my recipes?”
But it’s important to think a bit more long term.
You see, each Internet-enabled device you bring into your house is a new point of failure – another place for folks with ill intent to find their way into your world. That shiny new smart TV with the teleconferencing built right in? That’s another webcam and microphone that you’ve got to think about. Meanwhile, the TV manufacturers themselves are gettin’ caught peeking at data they probably shouldn’t be anywhere near.
As it currently stands, a very large majority of the devices that we allow on our network are pretty locked down. The smartphones, the gaming consoles, the laptops — they’re all running on tightly guarded operating systems, and (generally) receive regular updates for years after they debut. As we gleefully stride toward the day when the Internet is in absolutely everything, how do we maintain that?
Ask someone who owns a smart TV what operating system it’s running. Chances are? They have no idea. Ask’em when it was last updated. Same deal.
Now, consider how many different TV models these manufacturers – the Samsungs, the LGs, and the Sonys of the world — cough out each year. How long does the average person keep a TV? Around five years, on the low end. How long will manufacturers actually support each TV, monitoring for potential exploits and quickly issuing patches when they arise? Does protection from security exploits end with the 2-year warranty?
I’m by no means denouncing this movement towards ubiquitous device connectivity. Like any other kid who grew up watching The Jetson’s, I’m ready and waiting for the house of the future.
We just have to be smart about it. We need to demand the same level of security we expect of our laptops and smartphones with every “smart” device we allow on our networks — because, really: once you start packing things like CPUs and web cams and microphones into appliances, those appliances are computers. Manufacturers need to commit to securing a device for at least the average lifespan of the product, or things could get messy fast.