So smart toasters are now a thing:
I know. God help us all. And we’re going to need help. Because if you think this is just silly and doesn’t concern you … you're dead wrong.
The internet of things is coming, whether you want it or not
Companies and financial analysts have been screaming “the internet of things is coming! The internet of things is coming!” like crazed prophets for some years now. And the reason they’ve been drooling whenever the topic comes up is because they can practically taste the cash it will bring in.
You see, the potential upside for companies getting into the “smart” game is enormous. Connected devices offer far too much granular data on you as a consumer to be ignored — data that can be used to improve products, services, sales, and marketing. Or it can be sold off to 3rd party advertisers.
And you won’t be able to avoid connected items. Older devices will be made obsolete. As you start replacing your glitchy TV, your broken fridge, your inefficient car — and yes, your worn out old toaster — you'll be unable to find these products without some form of onboard chip and wireless connection.
(It’s actually easy to foresee a whole boutique line of brands catering to old style machines that “just work” the way grandpa's used to. But they won’t be cheap. And who wants to buy a boutique toaster anyway?)
So no matter how dumb it may seem, the toaster above is definitely going to be a thing. In fact, it’s already completed its Kickstarter campaign.
So what's so bad about a smart toaster?
I know what you’re thinking: It’s just a toaster, right? It’s not the terminator.
No. It’s not the terminator.
But it is a connected device that's likely to not be secured properly. There’s just no financial benefit to doing the hard work and investments to secure these devices and set up a system for rolling out updates when vulnerabilities are discovered and need patching.
Now every manufacturer claims they’ll make their devices secure. But so far their track record is more than just spotty.
Smartphone makers — an entire industry specifically dedicated to making connected device that hold sensitive data and financial information about their users — have proven themselves either incapable or unwilling to keep Android updated (and therefore protected from the worst exploits), despite most of the work being done for them by Google.
Would we really expect a smart-toaster maker to do more than leading Android-phone makers?
What’s the real danger of the Internet of Things?
I know, I know. Big deal! It’s just a toaster. Someone may find a way to deface my toast with an image that’s not safe for work, let alone breakfast. So what?
Actually, criminals can do a great deal more than hack your toaster so it displays "Skinemax" outtakes. They can:
- Access your accounts: Smart toasters often connect with and display your calendar. Which means they can access your calendar — and through that the rest of your online accounts.
- Access your wallet: If the smart toaster lets you order bread or other items, whatever online wallet you have it tied to may also be accessible to whomever gets to the toaster.
- Be used as part of a bot army: That smart toaster actually has some impressive processing and networking capabilities, which can be used to power and spread malware and direct attacks.
- Allow burglars to case your home: Planning a break-in is a lot easier with a snitch. A toaster that’s only set to work when you’re at home or which keeps a log of when it is most frequently used could be the best snitch of all, letting burglars know when you're there and when you're not.
- Burn your house down: To quote a batman movie: “because some people just want to see the world burn.” A hacked toaster that can’t turn itself off could very well be the match.
And all that’s just a toaster.
Imagine what your smart TV’s camera might be showing people, how your smart fridge could be sharing your dietary habits with your insurer (which may then increase your premiums), or how your smart meter makes it easy for others to skim your power.
Now don’t get me wrong: the internet of things has a lot of potential to improve our lives. But unless security takes its rightful place in design and production, then we’re creating a minefield none of us are really equipped to deal with.