Tuesday, March 30, 2021

The Uninvited Internet of Things

LWN.net needs you!

Without subscribers, LWN would simply not exist. Please consider signing up for a subscription and helping to keep LWN publishing

By Jonathan Corbet
March 26, 2021

The "Internet of things" (IoT), being the future paradise that awaits us when all of our devices are connected to the net, is a worrisome prospect to just about anybody who has thought about its security and privacy implications. It would be problematic even if the design of all connected devices included security and privacy as absolute requirements — but that is not the way these devices are made. Currently, it is possible to opt out of much of the IoT experience with a bit of attention and discipline. In the near future, though, that situation is likely to change and it is not clear what we can do about it.

Your editor recently moved house; part of that move involved carefully packing up the dust-covered household television set, gently transporting it to the new home, and lovingly moving it to its new location — followed by gracelessly dropping it on the floor while lifting it into place. The search for a replacement involved asking a salesman for a reasonable "non-smart" television, a request that was met with mirthful incredulity. It would appear that such things no longer exist; all televisions are built to be placed on the network now.

The abuses associated with "smart" televisions are well understood. They phone home to report on one's viewing habits. They have cameras and microphones to record the environment and send that data back home as well. This sort of antifeature was just not in your editor's vision for the new living room. The good news is that, with a WiFi-connected television, there are options. Control of the router can be used to limit the device's connectivity to the world. Or, as your editor did, one can simply ignore the devices plaintive whining and not connect it to the net at all.

Control over a device's connectivity gives a certain amount of control over its behavior. The "do not connect it at all" option is especially powerful. Amazingly, devices like washing machines, frying pans, ovens, doorknobs, etc. have worked for many years without a mothership to report to; many of them still will. Keeping them off the net can block a lot of unpleasantness.

Now consider this enthusiastic product placement on BoingBoing, which used to be a site that understood issues like privacy concerns. This particular blurb is promoting "Particle EtherSIM", which is intended to provide widespread connectivity to IoT devices. According to the text: "This is exciting and is going to open a lot of new possibilities for IoT".

One of those possibilities is certainly connectivity that is now completely outside of the control of the "owner" of these devices. The EtherSIM page is clear about this:

Over time, our cellular platform has become increasingly popular. The biggest reason for this is that cellular connectivity "just works". Wi-Fi devices have to be connected to the network by the user, which creates a lot of customer onboarding friction and often low connectivity rates (a lot of Wi-Fi devices never come online).

By putting a cellular modem and SIM directly in a device, the problem of it never coming online can be solved; it will be able to report home whether the "owner" wants it to or not. The vendor will retain control and will be able to, for example, disable the device at will. People who purchase such devices and bring them into their homes will not be able to control that connectivity; indeed, they may not ever even know that it exists.

This problem can already be seen in the area of automobiles, many of which have had their own cellular connectivity for some time. Tesla famously uses that link to track its cars, push software updates, and remotely disable features when cars are resold. Location data from many car brands is continuously fed upstream where it is put to any number of undisclosed uses, including being sold to military organizations. Some vendors give owners some control over this data stream; others explicitly do not.

Can there be any doubt that the purveyors of other connected devices will be attracted by network connectivity that does not require the customer's cooperation? The sorts of data streams that we see from cars now will soon be generated by household appliances, cameras, medical implants, lawn mowers, sex toys, water faucets, articles of clothing, and many other things that product designers are surely thinking of right now. These streams will not flow over networks we control; short of living in a Faraday cage, there will be little we can do about them. We have not begun to see the kinds of spectacular security issues, including surveillance, stalking, fraud, and repression, that will result.

The fact that most of these devices will be running Linux internally provides surprisingly little comfort, somehow.

What is to be done about this problem is far from clear. Legal approaches can be attempted; no device should phone home without explicit permission from its owner, for example. Perhaps someday we'll all have 5G femtocells that restore a bit of control within the home, at least. But getting this genie back into the bottle will not be an easy task; somehow we will need to find a way to live with it while retaining some control.


(

Log in

to post comments)



from Hacker News https://ift.tt/3tWr3P4

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.