Mr. Schneier argues that the economic and technical incentives of the internet-of-things industry do not align with security and privacy for society generally. Putting a computer in everything turns the whole world into a computer security threat — and the hacks and bugs uncovered in just the last few weeks at Facebook and Google illustrate how difficult digital security is even for the biggest tech companies. In a roboticized world, hacks would not just affect your data but could endanger your property, your life and even national security.
Mr. Schneier says only government intervention can save us from such emerging calamities. He calls for reimagining the regulatory regime surrounding digital security in the same way the federal government altered its national security apparatus after the Sept. 11, 2001, attacks. Among other ideas, he outlines the need for a new federal agency, the National Cyber Office, which he imagines researching, advising and coordinating a response to threats posed by an everything-internet.
“I can think of no industry in the past 100 years that has improved its safety and security without being compelled to do so by government,” he wrote. But he conceded that government intervention seems unlikely at best. “In our government-can’t-do-anything-ever society, I don’t see any reining in of the corporate trends,” he said.
Those trends are now obvious. It used to be difficult to add internet connectivity to home devices, but in the last few years the cost and complexity of doing so have plummeted. Today, off-the-shelf minicomputers like the Arduino can be used to turn just about any household object “smart.” Systems like the one Amazon is offering promise to accelerate the development of internet-of-things devices even further.
At a press event last month, an Amazon engineer showed how easily a maker of household fans could create a “smart” fan using Amazon’s chip, known as the Alexa Connect Kit. The kit, which Amazon is testing with some manufacturers, would simply be plugged into the fan’s control unit during assembly. The manufacturer also has to write a few lines of code — in the example of the fan, the Amazon engineer needed just a half-page of code.
And that’s it. The fan’s digital bits (including security and cloud storage) are all handled by Amazon. If you buy it from Amazon, the fan will automatically connect with your home network and start obeying commands issued to your Alexa. Just plug it in.
This system illustrates Mr. Schneier’s larger argument, which is that the cost of adding computers to objects will get so small that it will make sense for manufacturers to connect every type of device to the internet.