The IoT Invasion

The Robopocalypse began quietly.

It began with handy, useful Internet-connected devices such as Fitbit fitness trackers and Philips Hue smart lights. Those devices interacted in a closed-system silo between you, their app, and the Web. They were given the nickname Internet of Things, or IoT.

Soon, the Internet of Things broke down its silos. Digital assistants such as Amazon Alexa, Apple HomeKit, and Google Home (IoT devices in their own right) could make other IoT devices (garage door openers, home security cameras, lighting, thermostats, audio systems) interact with/react to the digital assistant, or each other, or your presence, or the sound of your voice. IoT remote controls and TVs also leveraged the Internet to become exponentially smarter.

The Robopocalypse came in so stealthily, so gently, that the average American already has several IoT devices installed in their home right now and would be hard-pressed to identify them all.

According to Statista, there will be 23.14 billion Internet of Things (IoT) devices installed worldwide by the end of 2018, with rocketing growth expected from there.

All of this is in the name of convenience. After all, who wouldn’t want an existence right out of The Jetsons: A garage door or a front door that opens for you and only you; lighting that follows you around and reacts to your mood; a home theater that knows precisely the environment you prefer for movie-watching; a thermostat that automatically delivers your ideal comfort level for waking up, exercising, and sleeping; a bed that senses a restless night and gently rocks you like only Mama could; the ability to change your mind about any of this merely with the sound of your voice.

Well, I’m not here to tell you to give up all that. After all, I’m like most people: You will have to pry my smartphone (the 800 lb. gorilla of IoT, bristling with digital assistants, multiple microphones, Internet Everywhere, at least four radios, and near-military-grade GPS) out of my cold, dead hands.

What I’m saying is this: Most of my readers are manufacturers. They work for what the computer-literate call “enterprises.” Several of them actually make and sell IoT devices. If that’s you, then your duty is to make IoT security Job One. Because we’ve all heard the nightmare stories about what happens when the machines go rogue:

  • Vizio was slapped with a $2.2 million fine in 2017 for tracking customers’ viewing habits without telling them.
  • Fiat Chrysler recalled 1.4 million vehicles in 2015 after hackers took control of a Jeep Cherokee through its Internet-connected entertainment system.
  • IoT cameras are notorious for privacy invasions, including this hot mess. (Mark Zuckerberg famously tapes over his webcam. Just saying.)
  • Soon, flying taxis will be hacked out of the sky, drones will run amok, and Arnold Schwarzenegger will make four movies about it.

As a consumer technology training consultant, news of IoT gadgets — and the gadgets themselves — cross my desk all the time. Some of the recent ideas came courtesy of a company called Smarter. (How was this name not already taken?) Smarter makes an IoT coffee maker called Smarter Coffee, which enables customers to brew coffee, or change settings, or set a brew timer, all from their phone, as if they couldn’t be bothered to just hit the same freaking buttons while they’re at the machine stuffing coffee into the damn thing.

But hey, whatever. The real star of the Smarter show is the FridgeCam™, which, for less than $200, lets you mimic those fancy new $4000 refrigerators with Internet-connected cameras that let you gaze lovingly at your ice-cold food from your smartphone. Because heaven forbid you simply look into the refrigerator during the eight or nine times per day that you look into the refrigerator. But there’s some nice verbiage on their website about making shopping lists and wasting less food, so there’s that.

Here’s the thing: I admire plucky little startups like Smarter, trying to get a foothold in the USA. It’s the new American dream: spawn an IoT idea, find a willing factory, get a national retailer to bite, conquer the USA. And I’m certainly not against IoT devices. A pair of Logitech Circle 2 security cameras watch over our front door and our lanai. I trust Logitech. They’ve been doing IoT devices, and the accompanying security, for quite some time. Plus, unlike so many of these startups, Logitech has an address and a phone number. You can get at them, and that’s comforting.

Going with the big boys is no ironclad guarantee of safety (I’m looking at you, Yahoo, Adobe, LinkedIn, Dropbox, Equifax, etc.), but for every Yahoo there are thousands of breaches at little startups. The best you can do to stay safe is:

  • Read the terms and conditions, security measures, and privacy policy fine print. Many IoT companies exist primarily for harvesting your data.
  • Create unique, super-long, super-complicated passwords.
  • Keep your IoT devices updated. When the manufacturer stops updating them, replace them.

For all I know, companies like Smarter (although I couldn’t find their terms, security measures, privacy policy, address, or phone number on their website or anywhere else) may employ state-of-the-art customer service and IoT security. But I can tell you this, and it may be my fear of the Robopocalypse talking, but I don’t care: They will never see the inside of my refrigerator.