Forgot your password?
typodupeerror
Software

The Nightmare On Connected Home Street 186

Posted by timothy
from the coming-from-inside-the-house dept.
theodp (442580) writes With the battle for the connected home underway, Wired's Mat Honan offered his humorous and scary Friday the 13th take on what life in the connected home of the future might be like. "I wake up at four to some old-timey dubstep spewing from my pillows," Honan begins. "The lights are flashing. My alarm clock is blasting Skrillex or Deadmau5 or something, I don't know. I never listened to dubstep, and in fact the entire genre is on my banned list. You see, my house has a virus again. Technically it's malware. But there's no patch yet, and pretty much everyone's got it. Homes up and down the block are lit up, even at this early hour. Thankfully this one is fairly benign. It sets off the alarm with music I blacklisted decades ago on Pandora. It takes a picture of me as I get out of the shower every morning and uploads it to Facebook. No big deal." Having been the victim of an epic hacking, Honan can't be faulted for worrying.
This discussion has been archived. No new comments can be posted.

The Nightmare On Connected Home Street

Comments Filter:
  • Uh-oh (Score:5, Funny)

    by paiute (550198) on Sunday June 15, 2014 @08:29AM (#47239945)
    Better return that USB Fleshlight
    • Re:Uh-oh (Score:5, Insightful)

      by dinfinity (2300094) on Sunday June 15, 2014 @10:33AM (#47240269)

      The times of your PC speaker blasting Yankee Doodle at 17:00 are long gone.

      TFA is overlooking a very important part of how hacking and viruses work anno 2014 and that is that hackers and virus makers have gone from people just messing around to people making hard cash or disrupting very specific and powerful entities. If anything, the symptoms described would only be part of ransomware or some terrorist attack when directed at average Joes.

      Like the devices targeted by most viruses today, these sorts of devices will mainly be infected to track and sell data, to be able to use them for ddossing or cryptomining, and as a vector to extract financial authorization data. I don't think the 'my house has a virus and now I'm hearing Skrillex every day' is going to be very prevalent.

      Of course the threat is real and the results when being targeted specifically more dangerous (to the body) than in traditional hacking. In that sense, we do need to be extra concerned with safety when it comes to 'connected homes'.

      • by WhatHump (951645)

        Ever had a break-in at your home? How did you feel? Violated? Even if nothing of value was taken your sense of security is diminished. This is what an average person will feel when their "connected" home is breached. There are asshats who will do this for a thrill, or to get back at a neighbour for a real or perceived slight.

        • by kesuki (321456)

          " There are asshats who will do this for a thrill, or to get back at a neighbour for a real or perceived slight."

          welcome to the real world. there have been many films documenting how bad people are. have you ever heard of tom green? what about jackass? hell why not watch 'telling lies in America' or maybe 'stand by me' the internet is no more immune to asshats than real life is. or are we all supposed to do nothing wrong? get real, people are not morally pure. the bible to mention one popular source says

      • by AmiMoJo (196126) *

        Taking photos of someone getting out of the shower and then demanding money not to post them to Facebook sounds profitable. Having said that I'm not sure why Honan installed a camera pointing at his shower cubicle in the first place.

    • by Ol Olsoc (1175323)

      Better return that USB Fleshlight

      Can you imagine when the Russians pull a ransomware attack on that?

  • What a joke.. (Score:4, Insightful)

    by bjwest (14070) on Sunday June 15, 2014 @08:47AM (#47239975)

    The internet of things is nothing but a marketers (and hackers) wet dream. I've said it before, and I'll say it again - there is no reason what so ever for each device to be directly connected to the internet, or have internet access, for that matter. The refrigerator doesn't need access to the internet, neither does the washer and drier, toaster, or even the thermostat. One home router and a single control unit is all that's needed, or both in one unit. Let that control your food, soap and dryer sheet inventory. Each unit can tell the control system when a unit of measure is used, and it can keep track. Access to the internet is limited to that one device and there aren't 20 different ways to hack into my network. Of course, this will never fly. Each manufacturer will want to hold the patents on the standards, so they can charge for what should be a free and open standard. No one will ever play nicely so the general public can benefit rather than the elite corporations.

    Fuck them, I'm glad I have the skills and knowledge to do this on my own, without all their patent encumbered, insecure crap. Of course, my washer and drier, refrigerator and oven will remain dumb, as they should.

    • by Anonymous Coward

      Amen, brother! Amen, amen, AMEN!

      I've had to see through so many meetings now where some hipster dickweeds keep going on about the 'Internet of Things'. It is all so very tedious. It's just like three or four years ago, when they wouldn't shut the hell up about NoSQL. They said it would 'change the world' and we'd have to get rid of all of our real DB systems. MongoDB! Cassandra! Redis! They couldn't go 10 minutes without dropping one of those names, even when we were talking about rugby during lunch. And th

      • by hawguy (1600213)

        Amen, brother! Amen, amen, AMEN!

        I've had to see through so many meetings now where some hipster dickweeds keep going on about the 'Internet of Things'. It is all so very tedious. It's just like three or four years ago, when they wouldn't shut the hell up about NoSQL. They said it would 'change the world' and we'd have to get rid of all of our real DB systems. MongoDB! Cassandra! Redis! They couldn't go 10 minutes without dropping one of those names, even when we were talking about rugby during lunch. And then they were proven wrong. Those technologies faltered and withered.

        NoSQL technology did not falter or wither, it's stronger and more popular than ever and works quite well in certain circumstances. NoSQL didn't replace relational databases, but when used appropriately, it does exactly what it's supposed to.

    • by nurb432 (527695)

      There is no reason what so ever for each device to be directly connected to the internet, or have internet access, for that matter.?

      Or be 'computerized' at all..

      • by bjwest (14070)

        There is no reason what so ever for each device to be directly connected to the internet, or have internet access, for that matter.?

        Or be 'computerized' at all..

        The refrigerator, no, but today's economy washers and driers aren't that bad. Monitoring the loads and water levels for laundry and moisture levels during drying can save a lot of water and energy. I have no problem with that, but they don't need to be telling GE or whoever about it.

        • by nurb432 (527695)

          I dont see a point in any appliance being computerized. No thanks for the extra complexity.

          • by plover (150551)

            I dont see a point in any appliance being computerized. No thanks for the extra complexity.

            Extra? Do you know how washing machines were controlled before they were built with computer controls? There was a clock motor and clockwork gears driving a shaft with notched cam disks, and a series of cam following microswitches that opened and closed based on timing. When certain steps in the cycle needed more precise timing, a gear driven mechanism would speed up the camshaft.

            Don't get me wrong, these devices were really cool mechanisms. But they had their limits. They could not adjust water levels by s

    • by kheldan (1460303)
      THANK YOU! For once I'm not the one who has to make a post filled with common sense! Hear, hear!
    • by mlts (1038732)

      I believe in the KISS principle. Even though people say that a hacker with the 0-days to go after IoT devices won't go after individual users... I will agree there. Individually, they won't bother with people. However, their script that walks the Internet and seizes control of devices, is what would be done, with that info being sold to another party, just like credit card dumps. In fact, a list of vulnerable/cracked devices a person owns might even be in the same database tuple as their name, social se

      • by tepples (727027)
        Sure, you can manually poll expiration dates in your refrigerator, toilet paper stock, or your blood sugar. But if you have something automatically polling them, you're less likely to see negative consequences of accidentally failing to poll when it is time. There's also the convenience factor. You can choose not to have Internet access in your home, instead scheduling a trip to the public library when you need to look at something.
    • by NF6X (725054)
      Exactly! That's why I control my home with the DECnet of Things. Let's see those script kiddies try and figure out how to dial up my VAX!
    • The refrigerator doesn't need access to the internet

      Unless I want it to look up recipes. Or be able to auto-order things I'm low on. Or text me in the store to let me know I'm low on milk. Or complain that there's a dangerous form of mold growing. Or give me food usage statistics.

      there is no reason what so ever for each device to be directly connected to the internet,

      I've seen this argument over and over again and it's still just as short-sighted as when it was said the first time.

      There's no good rea
      • by sjames (1099)

        Unless I want it to look up recipes. Or be able to auto-order things I'm low on. Or text me in the store to let me know I'm low on milk. Or complain that there's a dangerous form of mold growing. Or give me food usage statistics.

        Wouldn't you rather look up recipes on a pad so you can have it near you when you are cooking rather than having it stuck to the fridge (which shouldn't be next to the stove)?

        Auto order from where? Will it look for good deals on acceptable brands? How will it know what brands I find acceptable without a very long and tedious entry process that will inevitably miss something? What if I don't care to tell the insurance company what I eat? I don't need the same things in the fridge every week, it depends on

        • by N1AK (864906)

          Wouldn't you rather look up recipes on a pad so

          Yes I would, but maybe I'd like my fridge to do it so that it can see if I have the ingredients I need.

          I'm using a 10 year old 2nd hand fridge that won't break so and is efficient enough that I can't really justify replacing it so I'm hardly the target market for IoT fridges; that doesn't mean I'm woefully short on imagination and can't think of dozens of useful things it could enable, or need to dismiss them out of hand because of some superficial assumpti

          • by sjames (1099)

            How will your fridge know if you have 1/2 cup of AP flour? You'll need to let the pad look up the recipe and then query the fridge and pantry over the LAN. Neither fridge nor pantry need access to the net.

            I don't object to things on the LAN, I just don't see any reason they should have any access outside of the LAN.

            • When I'm doing meal planning for tonight on my phone over lunch, it's very convenient to be able to query my pantry and refrigerator. That way, I know if I need to pick up anything on the way home. Also, if I'm looking for a new recipe, I can grab one off the web that will use what's in the kitchen already. There's plenty of reasons why net access would be useful for my refrigerator.

    • by sjames (1099)

      Not only that. They also want to make sure everything phones home so they can sell your privacy to the highest bidder. When the device should be reporting to a local server installed on a PC in the home, they make sure that instead it reports to their server and the 'owner' of the device logs in to a crappy web app. Eventually, they will push the world's crappiest firmware as an 'upgrade'.

    • by m00sh (2538182)

      The internet of things is nothing but a marketers (and hackers) wet dream. I've said it before, and I'll say it again - there is no reason what so ever for each device to be directly connected to the internet, or have internet access, for that matter. The refrigerator doesn't need access to the internet, neither does the washer and drier, toaster, or even the thermostat. One home router and a single control unit is all that's needed, or both in one unit. Let that control your food, soap and dryer sheet inventory. Each unit can tell the control system when a unit of measure is used, and it can keep track. Access to the internet is limited to that one device and there aren't 20 different ways to hack into my network. Of course, this will never fly. Each manufacturer will want to hold the patents on the standards, so they can charge for what should be a free and open standard. No one will ever play nicely so the general public can benefit rather than the elite corporations.

      Fuck them, I'm glad I have the skills and knowledge to do this on my own, without all their patent encumbered, insecure crap. Of course, my washer and drier, refrigerator and oven will remain dumb, as they should.

      Just because you can't envision a use doesn't mean there aren't any. For example, for the refrigerator, you could change the settings by calculating the time and settings required to get the food to a certain temperature. Perhaps there is an optimal temperature you want your food or drink to get to and you want that at 7pm when the guests arrive.

      You could many many cheap sensors inside but right now it's useless because there is no simple user interface to use those sensors.

      For the oven, you have heatin

    • by AmiMoJo (196126) *

      I want my fridge/freezer to be connected so that it can use the cheapest off-peak electricity available whenever possible. I want my air-con connected so that when I'm 15 minutes from home my phone can tell it to turn on and have the place nice and cool when I step through the door. I want my toilet to be connected so that it can provide health data for me to monitor. I want my microwave/grill oven connected so it can send a notification to my phone or watch when I'm too far off to hear the ping.

      Obviously i

    • by plover (150551)

      Millions of customers have already disagreed with you. Their devices are already connected to the internet, and the number is growing rapidly.

      This is actually good news for you. That means the chances are very good that sometime in 2024 when your neighbor's house starts playing dub-step at max volume at 3AM, you can wake up, run to Slashdot and post "I told you so."

      In the meantime, those millions of other people will have been saving energy, time, and money for a decade with their smart houses. But it wi

  • by bluegutang (2814641) on Sunday June 15, 2014 @09:04AM (#47240013)

    It doesn't matter if we WANT a "connected home". We are going to have it, like it or not. In a couple decades, it will be impossible to buy an appliance that isn't "connected'. Connectivity will cost less than whatever the marketing companies will pay to track our habits, and all devices will include connectivity by default. We likely won't even be able to buy unconnected devices, because economies of scale will not exist to make them affordable.

    • I don't think it's about economies of scale, the machines will most certainly work offline. But connected smart appliances will be necessary for the use of opportunistic energy sources (like solar PV) without energy storage. You'll simply get a larger power bill.
      • You don't need your fridge to send information about its contents to google for the fridge being abled to recieve unidirectional energy price broadcasts. You can design protocols which remove the need for your energy company to know every detail of your energy consumption, and still enable dynamic energy prices.

    • To anyone currently building or planning to build a house: have a faraday cage built-in into the walls, floors and roof. That includes the windows. It's going to be a pain in the short term to not have wi-fi in your house, but in a decade or two you'll be glad you did.

    • by pla (258480) on Sunday June 15, 2014 @10:06AM (#47240189) Journal
      It doesn't matter if we WANT a "connected home". We are going to have it, like it or not. In a couple decades, it will be impossible to buy an appliance that isn't "connected'.

      You could say that today about things like printers and TVs - They always seem to want you to plug in a network and tell them how to get to the outside world. But! We have one option that will always work - Don't plug it in. And if it uses wireless, well, you should already use MAC whitelisting on your router (yes, I know, not "real" security, but as with so many other things, it keeps the "honest" casual-thieves away).

      Of course, with your TV, that will break functionality you may want, such as direct access to YouTube. With printers, I've never understood why they need to know how to get out of your LAN, they just need a valid local address; no gateway, no DNS required. And with your refrigerator, toaster, microwave oven? Sorry, but automatic restocking, a live video feed of the color of my toast, and remotely starting dinner don't really count as "killer apps" (except insofar as the last one will eventually lead to houses burning down as a result).

      The real problem comes with more expensive things like cars, where the cost of giving it its own cell connection falls far short of the marketing value of selling out your driving habits; in that case, though, you can disable it, they just make it somewhat difficult (in the case of my most recent car, I needed to pull out the entire center console to get at and unplug the TMU). But overall, the way to keep your devices offline? Pull the plug, simple as that.
      • by dissy (172727) on Sunday June 15, 2014 @11:46AM (#47240493)

        With printers, I've never understood why they need to know how to get out of your LAN, they just need a valid local address; no gateway, no DNS required.

        Most printer vendors these days offer a feature to print from the internet, and they figure (correctly I suspect) it's easier to have the printer connect out and poll than to explain how to port forward something through a home router to the average customer.

        HP for example assigns the printer an email address on one of their domains, and the printer just polls the mailbox.

        I suppose under the asumption one wants such a feature, this is the better way to go about it...

      • by AmiMoJo (196126) *

        We need a legal fix, not a technical fix. Cars are a good example - you shouldn't have to take your brand new motor apart to unplug stuff, and should be able to get the benefits you paid for without advertising and tracking.

        The EU already has something of a track record on data protection, and it seems like we just need to take it further. Devices like cars that can monitor your location need to be legally regulated so that they are never, ever allowed to sell that data.

        The only flaw is that law enforcement

  • by Anonymous Coward
    Mat Honan is no stranger to this kind of stuff and I'm really tired of hearing what he has to say. The thing that soured me was when he stuck his phone in his back pocket, sat on it in a taxicab, and the screen cracked...and promptly whined to someone else at Wired and had them write a whole article about phone glass to justify that it wasn't his fault that he plopped his ass down on his phone and busted the screen. [wired.com] This guy seems to blunder constantly and then blames all of the things that happened on some
  • by bananaquackmoo (1204116) on Sunday June 15, 2014 @10:06AM (#47240187)
    These days there really should be a basic computer networking class that everyone has to take. If there were then people would know how to fix these problems themselves. Lockdown your LAN and make sure you keep your wireless device software up to date with super strong passwords, if you really need to have wireless.
    • You sir, obviously, do not work in a customer-facing field.

    • by rubycodez (864176)

      95 out of 100 people are far too ignorant and stupid to handle that task. Where I work, managemnet just put out memo that we can no longer talk over the cubes about how untrainable and foolish the users are, clicking on the same scam links in emails and web pages that infect their pc again and again. Yes, managers, that's the problem, we the IT people. If we don't talk about those things the problem is solved.

    • It won't help. Too much is already under control of remote vendors. Google/Apple and the carrier can muck with your cell phone. Your telco can muck with your router. Your cable provider can muck with your cable box, and maybe your TV. So can your TV vendor. Your game machine is a slave to its vendor and the game providers. Your TV, computers, and Kinect may be watching you right now. Your remote-based security system definitely is.

      You don't control any of this stuff. Even if you run Ubuntu, it's always a

  • The Nightmare On Connected Home Street

    Connected Home Street itself is already a nightmare.

  • I refuse to build a Connected Home without Free Software. Imagine the security nightmares of SCADA and consumer electronics, together at last.

    This has to apply to the drivers and the peripheral firmware, too, because the Linux kernel has its own vulnerabilities.

  • Amusing to sit on the sidelines and watch the marketeers at work pushing garbage nobody is predisposed to care about in the first place.

    Apparently they refuse to understand home automation offers very little in the way of actual benefits to user where novelty of gimmick ridden ... "look ma I can flush my toilet from my iphone" ... get old quicker than 3-D glasses needed to view overpriced blue ray movies.

    Gimmicks are the turd left behind when you are unwilling or unable to provide actual value to the consum

  • by ruir (2709173)
    Your house is running Windows Rubish XXIII instead of StallMan XXX? Poor You...

Stupidity, like virtue, is its own reward.

Working...