My friends and I talk a lot about the Internet of Things and we feel that exposing every single device on your LAN to the Internet directly could have some pretty large consequences. We jokingly said “The LAN of Things would be better!”
Turns out, That’s not an entirely terrible idea.
I don’t like the idea that everything in my house is directly on the internet - what if the company that made it goes out of business, then someone figures out how to put malicious software on them? Do I just live with my botnet lightbulbs now? Do I replace them? This is a problem that I feel is a significant blockade in adoption of home automation tools.
I initially proposed this as a bunch of devices that have some type of standard communication protocol that use some kind of zero-configuration protocol to mesh with each other, but never accessing the internet. I played with the idea of using UPnP - It was an existing standard that had been used for these types of devices. Maybe that would work. I haven’t done much development on this, but that was the direction I was going.
I know some devices support this, being some kind of smart hub device - the devices they manage don’t actually have the ability to connect to the Internet. They use some other kind of protocol, I’ve seen the ZigBee protocol used a few times. The specifics are irrelevant, however, having a central hub where the manufacturer is an established company that intends to support the firmware on that device for a significant period of time is the important part. Maybe that hub is just your home router? The hub would handle the Internet communications, then forward acceptable commands to each device, never exposing them directly, and verifying that the messages aren’t malformed or corrupted.
Sure, you may want to IoT-ify a lamp in your house. Just one. I’d still say that the hub idea should be used. If we get into the habit of saying “Sure it’s okay if it’s only one” then people will adopt that option since each little thingamajig isn’t anywhere near the cost of that hub device - but over time they spend more on the devices than the would have on devices that use a hub + the hub unit.
Now their house could become a network of potentially rogue Internet-connected devices. That’s not ideal for anyone.
This is why I’m pointing out that it could be integrated into home routers, or other devices everyone has. It’d be a thing that provides other useful services on top, then over time, it could get to the point where these IoT devices are actually pretty isolated from the Internet, existing on a network that has an intermediary making sure that nothing malicious gets through.