The Space Telescope is a Thing. So are the GEOS weather satellites, and so are airplanes, cars, buildings, rooms, air conditioners, security cameras, televisions, DVRs, faucets, and spoons — and if you don’t think that someone will someday invent a “smart” spoon that will be connected to the internet, you don’t know your species very well. It will likely be programmed to detect and report on the temperature of the food that you’re about to put into your mouth, and to cool it off or heat it up in order to make it just the right temperature, according to your preference. High government officials will be given “smart” spoons that can detect whether or not the food contains poison.
The detectors and effectors that we use today, which permeate our lives, usually report directly to us only when we look at them and change something only when we tell them to. But when they are connected to the internet, they join a huge communications network that is penetrated by criminals and used by powerful interests to manipulate us every day. Others, some of which are not exactly human, can control them — and us.
The Internet of Things is a step in our species’ evolution for which we are not yet prepared. Unlike most other species, whose survival depends on their ability to adapt to changes in their environments, homo sapiens has developed the ability to change its environment. While the climate change deniers need (probably due to some deep psychological weakness) to believe in the powerlessness of their species to change the environment, no honest reading of climatological data can lead to any conclusion that there is not merely a correlation between human activity and climate change, but an actual cause-and-effect relationship, and that climate change — at the very least — represents the destruction of much of our habitat. We have changed our environment, and we’ve used many different devices to do it, usually without understanding all of the consequences of the changes that we’ve made or that we want to make.
Already, during the early development of The Internet of Things, we have seen some of the difficult problems we must solve before it can work successfully for our benefit. Insecure devices connected to the internet have been sucked up into huge botnets and used by criminals for their nefarious purposes. Even non-criminals, whose roles are governmental and authoritarian or corporate and acquisitive, have used our devices to monitor us and, in some cases, to manipulate us. People have connected and turned on devices without ever considering their privacy or the fact that their actual security relies upon the strength of their ability to defend their privacy. In large part, this is due to the fact that most people don’t really understand how the internet works, or even what privacy actually entails.
There is a strong argument to be made that most people shouldn’t have to know how the internet works. It is a complex communications system comprised of many protocols and connections that serve many different purposes. For the same reason that not every person needs to be an expert medical specialist, we employ specialists to keep the internet running and to develop it to meet our needs. For the same reason that we must trust our doctors to tell us why we’re sick and how to fix it, we must trust internet developers to tell us how to use technology to solve problems — and how to use it safely. Unfortunately, as with early medical practitioners who had very little actual knowledge of their craft and who worked mostly from superstition and guesswork, today’s internet developers often don’t think about the things they should be thinking about.
Here is a specific example:
Domoticz is a web-based framework for attaching IoT devices to a network and controlling them. Run on a local, in-home server, it initially required no authentication in order to access the controls. Later, users were able to add usernames and passwords, but the default configuration is still to require none. Being attached to a home network, it is inevitably connected to the internet, and, given that most people are unaware that they have to block incoming connections from the internet, their consumer firewalls, often disabled by default, are easily penetrated, and such controllers as Domoticz can be detected and used by people whom the owner would not otherwise allow into their homes.
Furthermore, while Domoticz’ developers have added user authentication to the web interface, the devices which connect to it and to each other do not authenticate among themselves. If a stranger’s device is able to connect to the network, it could conceivably intercept the communications among IoT devices and alter their states. While the developers have since allowed the use of SSL with their web server and suggested that third-party proxies, such as Nginx, can be configured as secure gateways to Domoticz, they did not consider such problems during their initial deliberations and designs, and they have found that adding security to their insecure networks is very difficult. It will be surprising if it doesn’t involve a complete rewrite of all the work they have done so far.
Secure authentication of both users and devices is now recognized as a problem in IoT that must be solved by building it in to systems from the very beginning of their development. Several organizations are considering standards and protocols for connecting devices and people to the Internet of Things securely. Mozilla, for instance, is contributing to an effort at W3C to develop such a standard, which they call the “Web of Things”, to make connecting a wide range devices to the World Wide Web easier. To that end, they have developed a demonstration of a web-based control framework, similar to Domoticz, that has focused on security from its inception.
Unfortunately, Mozilla’s approach is crippled by an unrelated and fatal flaw: The developers want to require that Thing types be included in the specification. Thus, the specification must anticipate every possible device that can or will ever be connected to the Internet of Things. That is impossible. We have no idea what devices people will invent. It is also unnecessary. Only the software that controls devices and the users of those devices need to know what a particular device does and how to control it. The control framework must be simply that: an API for plugins that provides secure communications between people and Things, and between Things and other Things. The Mozilla WoT specification goes far beyond defining interfaces. It limits what people can invent. Ideally, it should be possible to register any kind of device, regardless of what it does, to a framework, and allow people to interact with it.
But system security is only half the problem. The other half involves people understanding the value of privacy.
Over the past couple of decades, people have surrendered vast quantities of information about themselves to corporations and governments which do not necessarily have their best interests at heart. Authoritarian governments, which is the trend in government nowadays, seek greater control over what people do by limiting what they can do. When they know what we want to do in advance, they can block our way. Corporations, on the other hand, use their huge databases which describe our decisions and behavior not merely to predict what we will do with greater accuracy than we can ourselves, but to steer us to making the decisions that they find most profitable. And, too often, those immortal, omniscient, and nearly omnipotent corporations find that killing people can be profitable, and when they do kill someone, there is little consequence for it.
The Internet of Things will be a very useful tool. It will allow us to have very finely-tuned control of our environment, and to interact with our devices much more conveniently than we do now. However, while we’re inventing IoT, it will be a good idea to build security and privacy into it from the beginning. This will require us, as citizens, to educate ourselves about security and privacy, and to restructure our institutions to protect us and not to exploit us.