THERE CAN'T BE TRUST IN THE INTERNET OF THINGS
2015 February 09These days, news of Samsung asking their customers not to talk about sensitive information in front of Samsung devices. While I agree that they deserve any and all kind of shaming and ridiculing, Samsung and their “do-not-buy-our-stuff” policy are not the problem, but only a symptom of the problem.
I distinctly recall a “smart” TV (I don’t recall the manufacturer, so I’m not naming names, but I’m pretty sure it’s “all of them”) that sent the filename of any file played from USB to some server in the internet. Why would it do that? Why should it do that? There’s no answer that doesn’t end in people unplugging their devices from the network.
Also, there will be more news like this in the time to come.
The problem is, that we as consumers simply can not trust any “smart” devices as long as stuff like this is buried deep in the EULA, if it’s visible at all. And without the consumers trusting the devices they put into their network, there can’t and won’t be an Internet of Things. I’m not saying that’s a bad thing, but I’m saying it’s not gonna happen with manufacturers behaving this way.
If manufacturers really want there to be an Internet of Things (so far I don’t see why consumers would want there to be, but that’s another story), they need to provide detailed information about any and all functionality of their devices. They need to enable consumers to have complete control over what their devices do and don’t do and they need to have strong privacy settings as default.
In short, each and every interconnected device on the Internet of Things must run on free and open software, recompilable with standard tools available and with consumers being able to easily replace the firmware running on the device to a trusted version.
I know you’re going to say that most people aren’t programmers. You’re right, and they don’t need to be.
There are enough programmers out there who’d be happy to tinker with the program running on their IoT device. I know I’d be. And you can bet that they’ll find the nastiness in the code and will give you a version that you can run without being afraid that someone will look into your living room while you are rightfully expecting privacy.
EOF
Category: blog
Tags: IoT rant Internet Things Samsung Trust Privacy