Friday, June 20, 2008

Smart Appliances

The era of smart appliances is upon us. And for the most part, this should be a good thing. The ability to adjust your thermostat remotely, or enable your air conditioner to adjust to power availability and pricing is just good sense. And even the ability of vendors to remotely diagnose problems instead of sending repair people makes great sense.

On the other hand, it behooves one to be smart about making smart appliances. This notion apparently didn't occur to the makers of the Jura Impressa F90 coffee maker. This is, in fact, the big techie nightmare: that some relatively innocuous, non-critical system opens a huge hole in the security that can lead to wider problems.

The fact that someone can reprogram your coffee maker to pour too much water in the cup is annoying, but can be fixed. The fact that your coffee maker can compromise your computer and therefore potentially your entire home network is downright frightening. Attacking the larger network via consumer commodity products is insidious and potentially devastating. Recent stories about vulnerabilities in wireless routers (you have changed your admin password, haven't you?) and digital picture frames highlight the social engineering aspect of this problem: taking advantage of naive customers to gain access to their systems, from where further mischief can be launched.

Caveat emptor.


Laura E. Goodin said...

Wow, I didn't know that about the digital picture frames. I'd been toying with the idea of getting one. I guess I'll wait. (I don't see what the writer of that piece has against them, other than the security issues -- I think it's a cool idea.)

Rod said...

If companies with large software teams like Microsoft don't seem to fully appreciate security (after all, their autorun feature is the primary reason digital picture frames can spread viruses), what chance do appliance manufacturers with tiny software groups have of creating a secure implementation? Furthermore without an obvious and standardized method for consumers to update all these appliances with the inevitable fixes for security holes and other bugs, there's little chance that these problems will be corrected in the majority of homes.