The Internet is for Things
What do you think of when you think of the internet? Facebook, Twitter, YouTube, and Amazon? Or maybe more mobile-oriented with TikTok, Instagram, or Snapchat? Perhaps even a level deeper, all the communications equipment and data-centers/servers that go into serving our shopping and social media. While major sites and the physical hardware that support them are certainly one part of the internet, and we the users are a portion of internet traffic, we don’t represent the majority. How would you feel if I told you that for every one person online today there are 8 physical things connected to the internet? Best estimates are that by 2025 there will be 80–90 billion things connected to the internet, more than 10 times the human population.
So what is the Internet of Things? The Internet of things (IoT) is best described as a network of physical objects embedded with sensors, software, and other technologies to connect and exchange data with other devices and systems over the Internet.¹ The most common experience of this in our daily lives are all the ‘smart’ devices in your home. When most people say IoT they are thinking of things like smart doorbells, smart thermostats, smart home security systems, smart fridges, etc. In your own life do you have connected devices outside of your cell phone and computer? What about a smart speaker that has Google Home or Amazon Alexa connectivity? Probably more than any other category of device, the voice-enabled speaker has become the ubiquitous central component of the smart home ecosystem. With more than 90 million voice-enabled speakers in the US, representing a roughly 33% household adoption rate in 2020, we can see that the Internet of Things is huge and growing.²
How did we get here?
Let’s look at a little bit of history. You may already know this tidbit but, the first people to get on the internet were of course researchers working on the ARPA net in the 1960s. The very first ‘internet communication’ was sent between nodes on October 26th, 1969. While the initial message was meant to be “LOGIN”, “LO” was all that was received before the system crashed.³ So if that’s the first instance of people on the internet what about the first object to feature internet connectivity? That honor goes to a Coca-Cola machine at Carnegie Mellon University. The soda machine was connected in 1982 and featured the ability to report on its stock level and can coldness.¹ This is a great example of what an IoT device is and how beneficial it can be. This soda machine, by using simple sensors for can count and temperature, was able to report when it needed to be restocked, and if anything was perhaps wrong with the cooling system. Furthermore, by tracking what sodas ran low the fastest, Coca-Cola could know through data which of their flavors were performing best (at least for that one machine).
While this was undoubtedly a great start, it’s safe to assume one soda machine did not evoke vivid images of a fully connected future or the internet of things to come. It would take the turn of another decade before the concept of IoT came into view. In a 1994 issue of IEEE Spectrum, Reza Raji laid out the concept of IoT as the process of — “[moving] small packets of data to a large set of nodes, so as to integrate and automate everything from home appliances to entire factories.”¹ Truly this is the basis for our connected devices which report data about their status and environment to the cloud where the data is analyzed, mined for information, and then instructions for adjustments or actions to be taken based on that analysis are sent back to that device. In 1999 the definition of IoT was officially coined by Kevin Ashton while he was researching RFID applications at Proctor and Gamble. He is the first to have used the phrase “Internet of Things” though he later stated his preference for the term ‘Internet for Things’.¹ Finally you could say that the Internet of Things was truly born in 2008, the year that the number of devices/sensors connected to the internet surpassed the number of people with internet access.
Where are we now?
As we talked about at the top, if you look around in your day to day you’ll probably notice dozens of devices that are connected to the internet. While the most obvious ones are your computer and your phone, consider some of the others. Do you wear a fitness tracker that counts your steps or reminds you to move every now and then? Do you have any smart bulbs in your home that you can turn on or adjust the color of with an app? What about a smart TV that you can give voice commands to? Even circling back to your phone, most of us think of only the direct interactions we have with our mobile device but what about all the data it collects behind the scenes such as our location data which speaks to how we move through our day and our habits. We can harness this data for our benefit gaining insight into the patterns they see in us and the convenience they provide. For advertisers, our data is a gold mine for ad targeting. So far we have focused entirely on direct to consumer products but what about more industrial applications of IoT.
Industrial IoT(IIoT) has been around for decades and the integration of smart supply chain and smart manufacturing equipment is now seen as the default rather than something special. Early integrations such as sensors for tracking power consumption helped manufacturing integrate with the ever smarter energy distribution systems as we move to a data-driven power grid. Tracking and reporting on components in the supply chain has helped all manufacturing, but most importantly automotive manufacturers, be more efficient and minimize bottlenecks. Embedded sensors in fabrication equipment and other industrial machinery has drastically increased the precision of maintenance and seriously reduced unexpected downtime for major components.⁴ IIoT has dramatically increased the insights into the manufacturing ecosystem for each product and has boosted efficiency across the entire industry.
Much like in manufacturing the introduction of networked sensors has been a tremendous leap forward for the energy industry. The American electric utility or energy grid was developed over 100 years ago and was conceived as a one-way low volume flow of power to households, only good for a few lights and small consumer electronics.⁵ Today though the typical household has enormous energy demands, and many have some generation capability such as solar panels. What this means for electricity distribution is that multiple layers of data collection are necessary to understand when to supply energy vs when to pull from consumers, how to store excess energy, and how to manage multiple sources of generation such as wind, solar, and traditional fossil fuel generation.
In addition to electrical generation, there has also been a revolution in the oil and gas extraction industry. Today a massive amount of data is supplied from pumping stations and pipelines back to datacenters at oil and gas companies. Wells report on their volume, sensors watch for seismic activity and predict best drilling locations, and drones inspect pipelines for any signs of wear or fault. While in the long term we need to move away from fossil fuels altogether, the use of data to efficiently and safely power our world is vastly better than it was even a few decades ago.
The final area to examine in terms of IIoT is agriculture. In a world where we will need to steeply increase our agricultural yields at a time when arable land is decreasing due to climate change, smart use of technology in agriculture is probably the most important field for IIoT. Today there is widespread use of soil moisture sensors to help with smart irrigation and even some early adopters of drones for pest control, weed control, and plant health tracking via computer vision.⁶ As we move into more designed environments such as vertical farming in urban areas, a multitude of sensors will be deployed to track all environmental conditions and adjust according to the needs of our crops.
So we’ve looked a lot at the history and the current use cases of the internet of things but what makes this all possible? At its base level, the Internet of things is made up of general devices and sensing devices. General devices are things like we have discussed, consumer products such as smart speakers and smart appliances. Sensing devices are just that, sensors and actuators that are taking in specific data and reporting it back for processing or analysis. Many devices are directly connected to a network such as your wifi which allows them to report their data back to the cloud for processing. Some devices are not wifi enabled and instead use connections such as Bluetooth Low Energy(BLE), Zigbee(A newer personal area network protocol), or Radio Frequency to send data to a hub device which is itself connected to the internet via wifi or ethernet connection. The packets of sensory or status data are then sent to the manufacturer’s cloud data repository for processing as IoT devices themselves rarely have sufficient hardware to process their data for useful analysis and feedback.
Let’s go through an example to illustrate this process. I have a SensorPush temperature and humidity sensor which I use for home brewing beer and wine. My HN1 sensor lets me know that the temperature in the room where beer is fermenting or aging is within a specific range which I wish to maintain. The sensor itself is a perfect example of a sensing device and is very simple. So simple that it can only transmit data over BLE and does not process its own data. My HN1 sensor sends its temperature and humidity data over BLE to the SensorPush hub which is connected to my home wifi. The data from my HN1 is uploaded to SensorPush via the hub and processed in their cloud application which allows me to get alerts on my cell phone if the temperature goes too high or too low.
While IoT devices can improve life through convenience, offer a deeper understanding of our health and habits, and increase efficiency, they also have drawbacks chiefly privacy and security. Privacy is a deeply complicated and personal issue which each individual needs to determine how much relevant data they are willing to give away in exchange for convenience. When it comes to IoT devices it is important to ask yourself where your comfort zone ends. Are you alright with a robot vacuum that maps your home and uploads it? What about a smartwatch or fitness tracker that knows your resting heart rate and steps per day? Is that helpful health data for public policy or overly invasive? What about a car that rates your driving against other drivers? All of these questions, and hundreds more, are up to you to answer.
When it comes to security, IoT has a lot of room for improvement. Fundamentally each device on a network increase the theoretical ‘surface area’ for an attack which means adding devices is always a risk. What makes things worse is that there are no set standards and for many manufacturers security is an afterthought rather than a priority. A few notable attacks involving IoT that are worth reviewing include⁷:
2016 Dyn cyberattack — Were a series of distributed denial of service(DDoS) attacks on the Domain Name Server(DNS) provider Dyn. The attack was perpetrated using a bot network composed mostly of IoT devices including printers, baby monitors, doorbell cameras, and webcams all of which had been infected with Mirai malware. The attack was successful in stopping or slowing connections to some of the largest sites on the web including social media and e-commerce sites.
Owlet Baby Monitor Hack — Among several hacks of baby monitors that horrified parents, the Owlet was singled out as having some of the very worst security for having an unencrypted open network connection between the monitor unit and the base station which connected to home wifi. This means that if you were in range of the baby monitor you could connect to the base station's open network and meddle with the monitor settings and intercept any information passed between the base station and the monitor.
The Jeep Hack — Fortunately this one involved security researchers looking for vulnerabilities but it’s still very worrisome that ethical hacking experts were able to take full control of a real production jeep. The hackers gained access to the Jeep Cherokees computer systems via the car's built-in wifi network which they were able to brute force the password for based on the car's default password settings (the year and month it was manufactured). They were then able to take control of the throttle, breaks, and steering, even while the car was already moving.
When you consider IoT devices in your own life you really should consider how their use or even their failure could impact you. A simple failure of a device like a smart door lock could be catastrophic if the system does not have a physical key backup (or if you don’t carry the key assuming the lock will always work). Next, consider what malicious activity could mean for you and how easy it may be. Something like a home security system or a baby monitor in the control of a bad actor could at best be a terrible invasion of privacy or at worst terrify your family. The fact is, the connection types that most IoT devices use (BLE, Zigbee, and Wi-Fi) are just protocols, so it is up to manufactures to add layers of security. This is not to say that no one should purchase and enjoy IoT devices, but it is up to consumers to research products and choose the best made and best-engineered devices that prioritize security. In addition to buying well-engineered devices, there are some simple steps we can take to get the best, and safest use out of our connected things.
Firstly, does it need to be online? Just because you can have an internet-connected fridge doesn’t mean you should. Take for example this ‘smart male chastity device’. While your first question might be why this is a thing, mine would be to ask why is this an IoT thing? It a perfect example of something that already exists, but by adding a so-called ‘smart’ component it only served to make it vulnerable to bad actors and potentially cause a lot of problems for users. A second best-practice is to secure and quarantine your networks. As we saw in the Jeep hack, a default password was weak and quickly cracked by hackers. You should always change default passwords and you should make sure each device has a unique password. With this, it is a good practice to make a sub-network on your home wifi that is just for devices. Much like having a guest network, a device-specific network will be a mask of your main home network but with its own password. This separation makes it harder for a hacker that gains access to the wifi via an IoT device vulnerability to gain access to your phones or home computers where your personal information is stored. For more tips check out Norton’s 12 Tips for IoT Security.
While we certainly have a lot to consider when it comes to security and privacy the future for IoT devices generally looks pretty bright. In-home connected devices will continue to improve on the experience they deliver and the dreams of the futuristic smart home with voice control everything and wall-size digital displays seem to be within reach. On an urban planning scale, smarter infrastructure such are power grid and transit will help us more efficiently serve to populous, allocating resources where they are most needed and reducing waste. Likewise in manufacturing and supply chains, we can further reduce waste and carbon impact through better tracking and analysis. In personal and even gig transportation the concept of a fleet of autonomous networked vehicles is no longer science fiction. This is something that could drastically reduce the horrific level of vehicular fatalities we see today while also reducing congestion on our roads through vehicles working cooperatively. In agriculture soon we’ll have fleets of drones planting, watering, and maintaining traditional farms as well as urban vertical agriculture. While we do need to be keenly aware of security concerns and an individual right to some privacy, IoT devices show a lot of promise in improving lives.