Internet of Bad Things: it's time to get paranoid about your fridge

Heaven for hackers

TODO alt text

It turns out that the Internet of Things is the Internet of Not Very Secure Things.

Smart devices have proven to be a little too smart: 100,000 of them, including a smart fridge and some TVs, have reportedly been used to send a quarter of a million spam emails.

And that adds a whole new dimension to a very old joke*: how do you know when there's a hacker in your fridge?

Everybody panic!

For now the threat is pretty remote, because most of our homes and offices haven't joined the internet of things in any major way. But if the hype is justified and we do start embracing what Dirk Gently called "the fundamental interconnectedness of all things", the potential for misuse grows considerably.

Individual devices might not gather much data about you, but collectively they'll hold a very detailed picture of who you are and what you do - and they'll be a very important part of your everyday life.

The idea of fridges sending spam is quite funny, but the more things we connect the more serious the dangers become: imagine if somebody could access information from, or mess around with, anything and everything electrical in your home, car or office.

That's not even the worst case scenario. Worms already exist to target very specific pieces of equipment - the Stuxnet worm famously targeted the controllers for nuclear centrifuges - and it isn't too hard to imagine someone making code that targets popular internet-connected devices such as smart energy meters.

Fancy losing your heating in the middle of winter because someone went after your smart thermostat?

Internet of slings

"Imagine if somebody could mess around with anything and everything electrical in your home, car or office. That's not even the worst case scenario."

I suspect things will get worse before they get better, and we'll have a couple of high-profile connected-device disasters before we give smart devices' security as much attention as we give to their specs.

Until that happens, I think it's a good idea to balance the Internet of Things hype with a hefty dose of good old-fashioned paranoia.

Could baddies hack internet-enabled door locks? Security cameras? Things that could cause fires or floods? Of course they could.

Are hardware companies brilliant at writing really solid, secure software that can't be hacked and that never needs patched? Only in a few cases.

Do we need to think seriously about security before letting any Internet of Things things into our homes? I think we do.

* The original is "how do you know there's an elephant in your fridge? You can't close the door properly."