Three-quarters of IoT projects are failing, says Cisco As many as three-quarters of IoT projects are a flop, according to Cisco. But rather than having fewer crappy connected devices, Switchzilla reckons what's needed is a better IoT architecture. If only someone could help... Some 60 per cent of IoT projects stall at the proof of concept stage, with just 26 per cent going on to …
I've been saying for years IoT is pretty pointless. So many people are either clueless about security or just don't care. And because of this, hipsters make pointless IoT devices and just want it to "work" so screw the security "The end user doesn't care, they just want it to work" they say.
Bullshit. It's because you're a hipster and just want to get your "hip" new gadget to market as soon as, in the hope someone like Facebook, Google or any of the other big companies buy you out.
Trouble is, the idiot UK government want to be see to be "down with the kids" so are jumping on the IoT hype.
https://www.gov.uk/government/news/internet-of-things-1-million-to-support-new-hardware
What a waste of money. This comes from, no doubt, an IT director who'll be working in a "digital" department but who'll have sod all clue about IT. The people above will be just as clueless so said director can sell them bullshit until he or she leaves.
I've been saying for years IoT is pretty pointless.
I think the lack of purpose and added value is at the core of the lack of security. If the benefits or IoT tat are small, so's the value that can be garnered commercially. And if the volume or margins are slim, the development budget will be tiny. We've seen enough security vulnerability on higher value products (eg wireless car keys for premium makes) to know that security can be weak even when people do think about it.
Now imagine what the budget and effort for security will be when some spotty startup goes begging for VC funding to develop an IoT lighbulb, a smart thermostat, or an internet connected goatee trimmer? The VCs don't care - all they need is to prove the concept sufficiently to sell onto a greater fool.
That is no reason to leave the front door open.
Who am I kidding ? Where IoT is concerned, the front door is not only open, it is absent. The back door has no lock, the garage door is blocked open and the windows have no panes. The roof might be missing as well.
Now is not the time to find excuses for how threats might get in.
That's probably because most of the IoT projects that do succeed aren't for the domestic market but rather are used in a commercial setting.
I'm aware of sever IoT project the company I worked for was involved with,
1) Sensor in milk vats to measure temperature and other data to be transmitted via the internet, and the results analysed in the cloud to ensure milk quality.
2) Electronic tags for cows and sensors to track stock movement, breeding/production results.
OK yes there are a whole host of internet connected things that have no real need to be connected to the internet. But that doesn't make IOT as whole a complete waste of time, and lets not forget that not every IOT device is made up of a poorly configured Linux distribution crammed on a puny ARM chip shipping with all sort of default services and passwords. However perhaps the reason such solutions do exist is because the secure OS & interfaces that should be deployed on these devices are too young/too expensive/too complicated to implement or even do not yet exist.
Remote control, logging and monitoring solutions that would previously have been very difficult/expensive to design and deploy are being enabled by this technology.
I am involved in a small IOT project and what I have noticed is that for projects of this size there are some fairly epic fundamental security failings that are largely ignored because the same tools/services are touted at interested small developers and hobbyists (apparently they don't need to be secure) as for business.
For instance Particle has a an embedded IOT device that talks securely to Particles cloud, provided you can interface the Particle Cloud and Webhooks with your website or 3rd party platform what you have is a nicely designed secure platform for a small WiFi connected device. However you might find that your chosen 3rd party provider doesn't have an interface for Webhooks (unlikely I think) or perhaps the developer is feeling lazy. In that instance you can instead download a library that communicates with the 3rd party service directly (blynk, ubidots cayenne etc). The problem is that the Photon (currently) isn't capable of secure comms to any other endpoint than its own cloud so all data and commands are sent in the clear. This isn't a problem restricted to the Photon, the same appears to be true for similar libraries available for arduino, esp8266 and other popular platforms even where secure communication is possible on that platform. It would seem to me it should perhaps be a legislative requirement that insecure sockets are not offered on these services. Sure that might leave a few hobbyists crying into their flux covered hands now their IOT garage door doesn't talk to IFTTT anymore but at least it would raise the bar just a little bit.
Oh bollocks, IOT is a buzzword for something that has existed for decades, you could phreak a connected box in the 90s and and you can attack it over a normal network now, same problems, slightly different interface. Some things are connected because they need to be or because it makes it or you SAFER. Imagine that...
This "connected device" nonsense is another instance of companies trying to solve a need that doesn't exist, by creating tech that isn't really needed, just to sell something to customers and get rich doing it. Who really needs a Touchscreen on their fridge? Who really needs Alexa or Google Now, or any other voice activated assistant? This IOT nonsense is a desire for companies to sell products and make money, not something anyone really needs. Not something that allows anyone to be more productive or accomplish something that can't be done in a more efficient way with existing tech that is NOT IOT.
As people have pointed out time and again, there are many products that have internet connectivity that have no business doing so: salt shaker, light bulb, &c &c. There are a few products that have internet connectivity that do add some useful functionality but, without fail, the manufacturer decides that installing a $3 module now entitles them to monetize the "experience" and/or add a passel of features that are useless or inconvenient (social media connectivity for your water heater, anyone?). And to add insult to injury, many of them remove functionality if not outright brick the product when the support period ends.
Giving appliances a full color high resolution touchscreen goes a long way towards enhancing the user interface, especially for things you only interact with once in a while. Remember programming a 90's vintage thermostat? Select day, select zone, select first temperature, select start time, confirm, select second temperature, select start time, confirm, skip third temperature, select second zone, select time, and so on and so forth; all on an LCD display from a Tiger handheld game with four input buttons to boot. What's so wrong with having a device generate a one-time pairing code for occasional programming via a simple phone app and leaving it at that?
Ignoring the security issues for a second which are extremely complex a lot of you are looking at this from a consumer point of view. There's a lot of business cases for IoT now and in the future.
What about the NHS which has a shortage of beds. If your not critically ill but they keep you in overnight to observe you then your still taking a bed. What if the metric they wanted to monitor could be gathered from a small IoT device you wear at home. It frees up a bed and you get to go home earlier. Overall that benefits the patient and the hospital assuming the device isn't that expensive and reuseable.
There's loads of good uses you could think up, just the security is a major issue of course.
And the point is?
Most (reports point from 60-80%) of IT projects fail anyway.... and thats been the case since the 80s (and probably before) up to today..... so nothing new in the banner.
I dont see IoT projects being any different to any other project that we are able to stuff up due to scope/time/money
"Some 60 per cent of IoT projects stall at the proof of concept stage, with just 26 per cent going on to be be viewed as a complete success, according to a survey of 1,845 IT bods by the biz."
Given the *cough* quality, *cough* value to the custumer, *cough* functionality, and above all *cough* security of the devices that do make it into the wild, aka the market - I'm kinda scared to contemplate what those 60%-devices that didn't make it past proof of concept were like.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
