There’s no denying that the Internet of Things (IoT) has a handful of major security and privacy problems. From Amazon’s Alexa ‘spying’ on our conversations to easily hackable pacemakers, connected devices have let the industry and their users down, time and time again. Trust in IoT is so low that almost two-thirds of the market consider connected devices as “creepy”.
On the other hand, IoT has a huge potential to make our lives better. Whether it’s medical devices monitoring patients’ health or sensors optimizing energy use at our homes, IoT can bring significant advantages to nearly any industry.
With security and privacy issues standing in the way of the technology’s safe adoption, the big question is: Can blockchain help the Internet of Things reach its full potential?
Internet of Spying Things
It’s no longer paranoid to worry that your smart home or fitness trackers are spying on you. This year, it was reported that Amazon employees are listening to users’ Alexa recordings as part of AI training. Not much later, the news broke that Google is doing the same with Google Home. Even though the samples were anonymized, Google whistleblowers reported that some recordings allowed to re-identify the users. They also claimed to have heard anything from bedroom activities to domestic violence on the tapes, proving that no material is too sensitive for tech corporates to use.
In Amazon’s case, users could opt out of the function “Help Develop New Features” in the device settings. But until the scandal blew up, no one knew that “helping develop new features” was Orwellian language for having strangers eavesdrop on you. As is often the case with tech companies, the default option for Amazon and Google was over-collection of data rather than privacy protection.
Even if we rule out the IoT manufacturers spying on us, there are countless examples of connected devices getting hacked. In fact, it’s relatively easy to hack a connected device that when the Atlantic devised a test with a fake wireless toaster, it was compromised within an hour. That’s because IoT’s greatest advantage — its connectivity — is a substantial cyber vulnerability at the same time. Security cameras and baby monitors are easy to connect to remotely by just about anyone, including the people you don’t wish to share access with.
Given the nature of the information collected by IoT devices, their hackability is terrifying. Be it a constant stream of data about your health, or a 24/7 video coverage of your kid’s room; this isn’t the kind of information you would want to be compromised.
The good news is that home appliances can be secured with Wi-Fi VPN. If you install a VPN on your router, it will encrypt the traffic on all devices connected to your home Wi-Fi. This way, the data flow from your smart home or security camera will be protected from snooping hackers. The bad news is that this only works for IoT devices you use at home. Your Fitbit or Apple Watch will be exposed to threat as soon as you step outside the secure network.
Is blockchain the answer?
Blockchain is already being integrated with IoT in some industries, such as supply chain management. However, the applications of blockchain for IoT security and privacy are still very much in their infancy.
Initiatives like the Hong Kong-based Blockpass are looking into developing a blockchain-based identification for connected devices that would serve as a form of user and device verification. This could be an effective measure of keeping hackers out. Additionally, the decentralized model could be used to bring more transparency to the way IoT-harvested data is being used. That is, assuming that IoT manufacturers would be willing to give up their data monopoly.
As a technology that has transparency and trust built into its DNA, blockchain can potentially offer IoT a lot in terms of increasing security. On the flipside, blockchain is computationally expensive and involves high bandwidth overhead, which the current IoT industry isn’t likely to sustain.
While blockchain is the perfect answer, in theory, we might have to wait a while before it becomes one in practice across the industry.