You leave the office after a long day’s work, and on your way back, you take out your mobile phone and with a simple gesture you send a command to your kitchen robot for it to begin to make the dinner, set the temperature of the thermostat to 24ºC and check that your teenager son or daughter has arrived an hour ago and is in his or her bedroom.
In addition, you receive a notification saying that the washing machine program has finished, so you will have to hang out the washing when you get home (It is a pity that smart homes are not as good as we would like them to be).
As you enter through the door of your house, the lights go on and off while you go down the hall to the kitchen, where the fridge warns you that you have to buy milk soon and, if you wish so, it can make the order. At that moment, your partner enters with your little daughter who asks you if she can watch those cartoons she likes so much on the TV, so you ask your virtual assistant to turn on the television and put on the cartoon channel.
After dinner, when the children are in bed, the lights in the room dim and change to a warmer tone, while you tell the virtual assistant to turn off the television and play some music that matches your mood at that moment.
These expository scenes, which may seem futuristic, can be applied nowadays to any smart home that has the necessary elements. Many large companies such as Apple (HomeKit), Samsung (SmartThings), Philips (Hue), Amazon (Alexa) or Google (Assistant) have opted to create the necessary devices to turn our houses into places where technology is the basis for making our daily tasks easier.
However, like all technologies, it has its problems, and one of the most important is security. Security issues occur almost daily, and may well affect your computer (Virus, malware, ransomware, etc.), or your bank (credit card thefts, credentials, etc.), and even your country (web defacing, DoS attacks, etc). Your smart home is not an exception. It is exposed to similar attacks and hacks. Imagine this, for example a criminal could learn from your devices and know when there is no one in your house, raise the heating or switch on the air conditioning to increase your energy costs. Or even worse: the criminal could just have to turn off the alarm using one of the possible vulnerable devices and break into your house (maybe hacking your smart lock).
It is not just a matter of security. It is also necessary to take privacy into account (Take the Facebook and Alexa cases as examples). As we know, almost all our habits (the channels we see, the music we listen to, the food we buy, etc.) are stored and used to “improve” the user experience. Our virtual assistant, for example, would not be able to offer us the music we like if we have not shared that information with the company behind it.
Therefore, both security and privacy should be in the Top 5 important things for both manufacturers and consumers of technologies for smart homes. For the manufacturers, because they must protect their devices and keep them updated so that security threats will not be able to affect them, in addition to being responsible for the data we give them voluntarily to offer us a service. For consumers, because they must take into account that there is no device which is 100% safe; they should be a help and not be a necessity (they have to be able to “survive” without them). And above all, consumers must understand that most of the data that they are sharing with companies which provide them with a service is no longer theirs once they reach the company’s servers.
Article written by Luis Cuervo, Security Manager at Barbara IoT.