Ondrej Vlcek: To do security properly is not cheap. All these vendors might be creating great coffee makers or toasters, but they have no experience in building software.
What they typically do is reuse something that is publicly available and hire some people. The end product is very poor when it comes to security quality. This is not feasible in the long term.
The government will ultimately have to get involved and provide some kind of framework to push the vendors to fix some of these things. First, viruses appeared. Then there were lots of security and anti-virus companies.
To really solve the problem, you also need cooperation from the device manufacturers. In this case, the device manufacturers like Microsoft really stepped up and invested a lot in securing their own operating system.
The same thing will have to ultimately happen in the IoT environment, but it’s so much harder because it’s so much more fragmented and larger in terms of the number of devices.
Sramana Mitra: I also feel that we are over-engineering society. Why do we need so many sensors or hardware capabilities in these home appliances? We are trying to solve problems that don’t exist.
Ondrej Vlcek: That’s an interesting way to look at it. Some of the devices that I’m seeing don’t make any sense. For these kinds of devices, the market will take care of it on its own. I don’t think people will be buying these devices. On the flip side, some of these IoT devices, especially when it comes to industrial, is powerful and transformational.
Sramana Mitra: Industrial IoT is a whole different ball game. It has real use cases. I was thinking more from the B2C side. It’s not a good idea to put that much of software and cyber security vulnerability.
Ondrej Vlcek: The biggest categories of IoT are still yet to come. What we see today is what I would call IoT 1.0 where you have companies trying to be innovative and creative. They’re putting these internet chips into all sorts of devices where it may not make sense.
When we go to IoT 2.0, it will be more about healthcare. There are so many things that could be prevented if things are diagnosed earlier. It can be life-saving. There are many examples where these kinds of things will have a significant impact on society and are still yet to come. They will involve IoT.
In general, I do agree with you. We are seeing so many gadgets where internet connectivity is more of a gimmick rather than solving a real problem.
Sramana Mitra: What are your thoughts about Alexa? What kind of security vulnerability is that opening up?
Ondrej Vlcek: Having a microphone in your home which is always on, is connected to the internet and is designed to transfer everything it records into some remote location, it clearly comes with some potential risks.
It may not necessarily involve just vulnerability in the device itself, it might be hijacked along the way. It could be that other devices on the network somehow misuse the Alexa box.
There is a whole array of security and privacy issues that are related to the home assistant category. I am not a user because I don’t trust it. At the same time, I understand the convenience.
Sramana Mitra: We never bought an Alexa. We, categorically, have chosen not to have an Alexa in our house.
Ondrej Vlcek: Alexa, as the device, is one thing. Alexa integration is another. Most TVs, for example, come with Alexa or Google Home integrators. You don’t need to have the Alexa device to have Alexa. There are so many integrations and so many devices that come. You may not even know that you have Alexa.