Stroll the aisle at Home Depot or some other big box store these days and it can be hard to miss the so-called "Internet of Things": thermostats, refrigerators, light bulbs.
If you're not familiar with the concept, here's one explainer from CNN and another from Digital Trends.
In a hefty analysis of this growing industry last week, Ars Technica built a case not only for why IoT is the darling of so many business spheres but also what it means for our cyber and physical security:
"These devices do more than just talk to the Web. In some cases, Internet-connected embedded devices interact with other things in a way that can affect the physical world: spinning centrifuges a bit faster, unlocking and locking doors, turning up the heat, turning off brakes. Making devices visible to the Internet doesn't necessarily make them hackable in and of itself, but it certainly exposes any possible security gaps to a much larger audience of people willing to give it a shot. And some of these devices may already have well-known exploits that will give an attacker entry. That's because unlike most devices humans use, patching them is extremely complicated."
Sean Gallagher, the author, talked to NPR's Robert Siegel about Internet-connected light bulbs and why techies are leery of the Internet of Things. Listen to the audio above.
Here are a few additional excerpts from the interview:
On how Internet-connected light bulbs work
"On those particular light bulbs, what would have been the stem of the traditional light bulb and all the way up to where the LEDs are is all circuit board. And there are chips in there that could do wireless networking. Or, depending on how they're doing networking, there's something called Ethernet over powerline, and that allows you to do networking over your home electrical system."
"If you can imagine things like these light bulbs essentially as little personal computers, they essentially have a processor that is the equivalent of what would be in a mobile phone ... The ARM processor is a system on a chip, it's a computer on a chip. And it has memory. And it has storage, flash storage like you have on a thumb drive. And it has computing power. And that all fits into something about the size of a dime."
On possible future consumer uses of such light bulbs
"If you're wearing a smartwatch and that watch is giving off a low-power Bluetooth signal, there could be sensors in your light bulbs that detect when you're within a certain distance from them and raise the lighting level in a room when you enter it. And you could also have motion sensors that are networked to your light bulbs that do the same thing. So that's an example of how this technology may move forward. It's already happened in the building industry in the commercial space."
On potential security concerns
"If that light bulb is sharing the same Wi-Fi network as everything else in your home and you've given it essentially the Wi-Fi password to connect to your network, it can see everything on your network. So you could have your light bulb stealing everything that you print.
"The software that is on these devices, it's based on an operating system, that's a general-purpose operating system in many cases, and often it's built and sent out as cheaply as possible with very little done to check the security of the underlying software. ... The concern is that someone will be able to figure out a way to gain access to that and use these devices for malicious purposes.
"It's already happened with Internet routers. There's a group called the Lizard Squad that took over thousands of home routers and connected them to a website, which they let people use to conduct denial-of-service attacks against other websites. They were able to take down the Sony PlayStation gaming network and also attacked Microsoft's Xbox network ... using this site that was essentially remote-controlling thousands of zombie Internet routers. So you can imagine this applied to light bulbs and to dishwashers and to refrigerators as well."