
The Internet of Things Will Be the World's Biggest Robot - mariuz
https://www.schneier.com/blog/archives/2016/02/the_internet_of_1.html
======
jefurii
Rather than IoT, I'd like to have networked Things under my control. The
problem is not that they're networked but that they all want to phone home to
central services.

~~~
CaptSpify
I use a few IoT devices, and have them on a non-internet network.
Unfortunately it requires me looking into each product first to see if it
phones home, and deciding which features I want to give up by blocking that.

~~~
ryanlol
Well, at least most of the protocols are really really easy to RE.

------
EdSharkey
Utopias require a slave class. Having autonomous robots doing most/all manual
labor sounds pretty good - AS LONG AS they aren't all phoning home to their
corporate overlords every 30msec.

When are we going to start demanding devices that are untethered from a
mothership and run from home computers?

~~~
hodwik
When an untethered machine can provide all of the functionality of a machine
that phones home.

(never)

~~~
TeMPOraL
Which is 20 years ago. Seriously, in most IoT / smart appliances, the "phone
home" capability gives pretty much nothing for the user that couldn't be done
without it. Including voice recognition, which worked off-line pretty decently
for the last 10 years, and didn't have the network-induced latency. Phoning
home is only there because companies are lazy and/or trying to monetize user's
data.

~~~
codyb
I'd imagine phoning home heavily subsidizes some of the products through the
data produced in aggregate and at the level of the individual through which
research can be performed and which may also be monetized in other ways.

For instance, Google paid 10x revenue for NEST [0]. Profit is obviously much
lower which means that's a very long term investment for the acquirer. But
maybe not if the NEST product integrates with other Google products bringing
more people into the Google ecosystem, incentivizing people to stay in the
Google ecosystem, and providing data for Google to both improve it's ecosystem
even for non Nest Users and to monetize with third parties.

Now if NEST stayed on it's own, it could integrate with other ecosystems or
create it's own or just exist as a standalone product but NEST wouldn't have
too much data to sell to increase profits, and wouldn't be able to draw as
many conclusions as a company which could integrate their data with other data
sources. It could create it's own ecosystem but comfortably living within
another established ecosystem will probably bring more users to NEST as
ecosystem creation is obviously very much outside the purview of a smart
Thermostat.

So it sort of makes sense that these products "phone home" even if it's not
exactly what we as computer software engineers and privacy advocates might
look for in a product.

[0] - [http://www.businessinsider.com/nest-
revenue-2014-1](http://www.businessinsider.com/nest-revenue-2014-1)

~~~
ryanlol
> bringing more people into the Google ecosystem

But literally everyone that could use a NEST product already uses google.

------
late2part
My friend Mike O'Dell quoted someone as calling it the "Inherently Dangerous
Internet Of Things."

~~~
username223
Apt. Microsoft actually seems to care about support, compatibility, and
security, but it took years (a decade?) of Windows getting hacked for them to
finally get serious about security. After another decade or so they're still a
ways from fixing the problem, and part of that "fix" is telling people
perfectly happy with their current Windows 7/8 systems to go to hell.

The IDIoT means appliance and car makers get to repeat this same slow learning
curve, but on both client and server. In a decade or so, buyers will force
them care about fixing their buggy, unsupported, insecure software (both
client- and server-side this time). In another decade, they will be at around
Windows 10 levels of support and security.

Oh, yeah, and a hacked car or HVAC system can kill you much deader than a
hacked PC.

------
monkmartinez
Obligatory:
[https://twitter.com/internetofshit](https://twitter.com/internetofshit)

------
jmnicolas
Apart from the "Minority Report" considerations I'm wondering how long this
crazy addiction to electronics can be environmentally sustainable.

I can't say I'm optimistic about it.

~~~
IsaacL
Which part of them is particularly environmentally sustainable?

The metals and plastics used in their manufacture is pretty minimal compared
to cars or home appliances.

Their power consumption is low compared to heating or lighting (a macbook
consumes power equivalent to about two lightbulbs, and most devices use less).

Earth metals represent probably the biggest environmental impact of consumer
electronics. They're not actually rare, just expensive to mine, so there isn't
an issue of _sustainability_. (As in, the earth metals aren't going to run out
any time soon. There's some nasty environmental damage in the vicinity of the
mines, but that's limited to a particular area).

I'm trying to fathom the reasoning behind this comment. Is it that because
electronics are really useful and beneficial, they must have a proportional
cost?

~~~
jmnicolas
Did you mean "unsustainable" in your first sentence ?

It seems to me that even at our current level of mass consumerism our
lifestyles wouldn't be sustainable for more than a few decades. I'll give it
to you that it's more a hunch than a an opinion backed by facts.

You're talking about cars or home appliances but generally we have a few of
them. Each one of us will probably have thousands of IOT "things".

Billions of humans having thousands of things that are discarded and replaced
by new ones when they fail or are not modern enough is not, in my opinion, a
recipe for sustainability.

For the record I counted 17 sensors just for my house alarm and I didn't go
overboard, if I hadn't be budget constrained I would have put much more than
that.

~~~
pavel_lishin
How often are you replacing those sensors?

~~~
jmnicolas
The alarm is only one year old, but I wouldn't be surprised if in 5 years the
company would tell me they're obsolete and I have to buy the new ones to get
better protection.

------
moron4hire
The internet of things won't be anything unless someone can figure out a
better user story than "turn your house lights on and off from anywhere!"

~~~
DyslexicAtheist
That statement assumes the IoT is only the part that is exposed to consumers.
It's also increasingly ICS/SCADA and other M2M technologies that as soon as
they connect to the wider web are part of it. As @vdnkh points out below it is
not new - just rebranding.

But the implications (especially for security) are huge. Not just because of
_new_ bugs or design flaws but also because the momentum (and media frenzy) it
creates puts these old (buggy) technologies into the limelight of security
researchers. E.g. stuff that was lurking in old protocols suddenly becomes
relevant (want to stop a train?
[https://media.ccc.de/v/32c3-7490-the_great_train_cyber_robbe...](https://media.ccc.de/v/32c3-7490-the_great_train_cyber_robbery)
).

There are countless applications not just for BAC but also for logistics,
power-grids, industrial automation, e-health, insurance, ... where the IoT is
already actively pumping out use-cases, product ideas and actual products.

~~~
cgh
Exactly. To summarize, the major use cases for the "internet of things" are
industrial. Think mining, mills, etc.

------
dovdov
Come for the plant hydrator, stay because.. skynet.

------
noja
The world's biggest botnet too.

------
JBiserkov
SMART - Surveillance Marketed As Revolutionary Technology

------
dasil003
For some definition of robot.

I'm also a fan of Gaia Theory, but it doesn't mean that the Earthly ecosystem
is an organism in the same sense as the individual flora and fauna.

~~~
ajcarpy2005
I am reading into your comment but I am thinking you are considering that the
_transient_ and seemingly non-stable nature of a lot of human and animal
activity implies that Gaia cannot be an Earth-level macroscopic scale organism
comparable to the human body. I think that if you consider the replaceable and
transient nature of the molecules and cells in traditional organisms, you will
see more correspondences between the two. Also imagine how at the microscopic
level (even macroscopic level), humans and animals change quite a bit day-to-
day..even moment to moment. So the busyness and seemingly "unstatic" nature of
Earth-at-large is no reason to think of it too much differently than a
traditional organism.

And considering two further things makes for even more interesting
conversation: 1) there's no super-clear distinction between life and
death..there's a massive difference in function and activity along the
development and decay cycles that are possible for animals. 2) Animals without
limbs or with added tools(extensions of our limbs) are quite workable.

This is only meant to add to your conversation; I'm not really detracting
because I agree it's not in the same sense but rather a different class of a
being.

Oh, and one more thing: Animals' collections of physical cells are also home
to a large number of cells from a WIDE VARIETY of different "species" of
bacteria and viruses..so many of which can basically take a person either up
or down in health by a large factor. So this is analogous to the Earth which
is home to a great diversity of humans, animals, plants, and so on. Beautiful
really. Except for that which isn't.

------
carapace
Thank goodness I'm not the only one who gets this. (I know how that sounds but
damnit I feel very lonely most of the time.)

Conceptually speaking, there is only _one_ machine. Two "independent"
machines, once coupled, now form one machine. And in the real world all the
machines are already coupled.

Also, I feel like people should watch "Maximum Overdrive" and "Demon Seed".

------
mc32
Calling the iot a robot is a bit clumsy. This label will do the opposite of
the intent, the prudent exposition of the iot as the largest unobtrusive
surreptitious surveillance system of all. total information awareness come
true.

Labeling it as a robot will rather make people discount the idea. "A robot?
That man's crazy. Little things interconnected do not make a godzilla-like
world stomping and destroying robot! Nuts!"

To be sure, putting all your industrial scada equipment on the public net
could result in consequences similar to having a Godzilla running amok.

------
Animats
How long until it deliberately kills someone?

~~~
bdamm
Weapon bearing drones?

------
chaostheory
> The World-Sized Web -- can I call it WSW?

I call it IFTTT

~~~
iokanuon
What about... World Wide Web?

------
ommunist
What a nightmare - millions of fridges DDoSing nuclear power stations...

------
tls
I have acutally kicked this idea around 4 or 5 years ago of A "WSW" but more
so in a sense that modularity would have been the groundworks for such a
revolution.

Modularity. Modules, taking the scale of what cpus on the phones have to what
the cpus in the late 90's till now had... interoperability... it is just not
there yet. Infact it stagnated.

~~~
DyslexicAtheist
... _interoperability_ ...

a lot has changed in the last months alone. there are several standards ready
for IoT (ETSI M2M) [0], some are still being drafted (W3C Web of Things
"WoT")[1].

Where I still see lot of room for improvement in standards is for totally
radically new use-cases. Standardization guys are usually industry
representatives from bigger companies who think about inter-op (and to a
lesser extent use-cases). But many use-cases in IoT transcend or even threaten
the business models of what the bigger players have built their
power/dominance on (they prefer sustainability over disruption -- god I hate
those buzzwords).

Therefore smaller innovators (individuals or garage start-ups) who have
radical ideas such as building a decentralized business model (maybe using
cryptocurrencies or blockchaining and _not_ driven by harvesting user-data or
advocate strong privacy) usually don't have the resources or time to put one
of their staff into the slow-moving standardization bodies to make/defend
their case.

Though the W3 is extremely open compared to others and even there are official
members who vote behind closed doors, ... if enough contributors bring ideas
in the open discussion groups, then these points too might get standardized.

The biggest problem though is standardizing security.

It is no coincidence that most IETF drafts especially older ones and official
RFC's have under "Security" a note that says "to be done". Thinking ahead what
might become a design problem later is hard and depends on how the standard
later gets understood by the industry. But more important there aren't enough
people who understand security in standards groups. That is not just a
standards problem though and more of a disease of our industry. Just look at
most web developers and have them explain how XSS/SQL-injection works ... or
ask an Embedded engineer who is used to building non-connected appliances to
think about remote exploitable buffer overflows after they connects the
_thing_ via a CoAP proxy to the WWW ... Yes you'd _assume_ they know that in
detail but reality is usually most have no idea - not because it's hard but
because we are not incentivized by making it extra secure (security often is a
useless feature unfortunately only indirectly affecting your financial bottom
line (when sh1t hits the proverbial fan)).

[0] [http://www.etsi.org/technologies-
clusters/technologies/m2m](http://www.etsi.org/technologies-
clusters/technologies/m2m)

[1] [https://github.com/w3c/web-of-things-
framework](https://github.com/w3c/web-of-things-framework)

EDIT: typos (possibly even grammar mistakes _gasp_ )

------
ep103
Alright, I'll be the one to say it:

Skynet

