Putting Connected Devices on Lockdown
Photograph by David Becker/Getty Images
Belkin International, in Playa Vista, Calif., is considering a change in how it handles open access to its WeMo line of connected devices in an attempt to make them more secure, according to the company and to sources. Belkin’s WeMo products consist of two connected outlets, a baby monitor, a light switch, and a motion sensor. The products let you control the various devices from an app and are tied into several other connected home services such as SmartThings and Revolv.
The devices use Wi-Fi and can connect directly to the Internet, and early this year hackers exploited that to take control of a WeMo outlet. It’s hard to imagine exactly how much damage one can do with control of an outlet (if I used it to plug in my chainsaw or food processor, an unexpected switch could result in a lost finger, I suppose). Meantime, as it expands its line of products, Belkin appears to be thinking ahead.
A source told me that the company was thinking about locking down its ecosystem, which might make it hard for companies to build support for WeMo into their platforms, but Belkin stressed that its partnerships are very important to it. From a statement sent via e-mail by Leah Polk, a Belkin spokeswoman:
“Long story short, we aren’t planning anything in the near term. We love that people and companies are building solutions that control WeMo, and have no definite plans to change that. However, because of WeMo’s success, we are looking at ways to expand the platform to make it more robust and secure, as well as providing support for our development partners. This may mean that we need to secure the open protocols that are currently being used, but if we do go that route we would offer an alternative and supported development kit that will enable the same functionality.”
That right there is the fine line that companies have to walk as they build out the Internet of Things. While it’s awesome that Belkin has let other parties build support for its products into their products without some formal partnership, that may end up being the security equivalent of leaving your front door not just unlocked but swinging wide open.
While startups might support WeMo devices and find it easy to do so because of that open door, other companies that might want to offer service contracts or have an established brand behind them could view that as a little too risky. So if Belkin can find a middle ground where it shuts the door, and maybe even locks it, but still is willing to throw resources behind having someone open the door to legit partners, that could work.
What that actually looks like in practice, though is still unclear, as Belkin is still discussing this. On the opposite side of the spectrum is Nest, a company that started out locked down and is now pledging to open up its API in January. What’s increasingly clear, though, is that while consumers might buy one connected device without a vision of connecting their entire home, once you have that connected object, it’s hard not to look around and wonder what else you could connect it to.
So locking things down tightly probably isn’t going to be the right strategy in the future, which means that efforts like Belkin’s and Nest’s will be important to watch in the coming year.
Also from Gigaom