The Internet of Things will surely happen.  But I have this nagging feeling that it will take some time before it reaches its full potential. I translated this blogpost from Norwegian to collect input from a broader audience. Credited findings will be presented on my presentation at the NDC 2014 conference

An electric heater finds its place

The year is 2030. My daughter Ingvild (who is seven years old now – and has made the illustrations here) comes by since she was alerted that I had a dangerously high blood pressure.

After she’s made a phone call to my doctor, yelling at him for his negligence, she heads to a store, looking for a new electric heater.

She finds one that seems to fit in her house, and stands there in front of it, seemingly talking a little to herself. The purchase is made​​, and she walks out of the store with the heater. Outside she is immediately picked up by a public transport, who knew where she was, and where she’s going.

She’s chatting with neighbors on their way from work before being dropped off in front of the house. Inside she replaces the old heater, whereupon she heads upstairs to play with her children.

The new heater is automatically recognized as such, and is already approved by the management system. Automatic checks were made while she was gazing at it in the shop, and the security authentication and authorization happened right after the purchase. The heater registers itself as a heat source northwest on the ground floor, and is now sitting there ready to be told what to do. The management system was set up when they moved in a few years ago, and Ingvild has rarely needed to make any changes. She didn’t need to touch it today either.

Ingvild mentions something about stupid doctors to her husband, and that she finally got around to replace the heater that had reported to be ailing. The family enjoys their evening meal, and discuss plans for the upcoming vacation.

Why 2030?

Perhaps I am too pessimistic. Perhaps it should read 2020. We have had computers embedded in all sorts of devices for a long time already, and an increasing number of them are connected to the internet. The Internet of Things (IoT) is coming, and will surely have a beneficial impact on the environment.

Just consider how much easier car-pooling will be. Not to mention an economical way of controlling heating in houses, The European Union is making regulations that demand all new cars to be equipped with sensors and communicate with eachother in real time.

In a not too distant future, you will be warned if a lorry is coming at you in the wrong lane. You have perhaps already got yourselves a FitBit bracelet that talks to your mobile, keeping you informed about how well you are performing compared to your best friend or spouse.

The research companies are telling us that the IoT will create a fantastic new market, and herald the coming revolution. So again: Why did I write 2030?

• We need standards for classification and cooperation
• Security and user friendliness need to be drastically improved
• IPV6 must be implemented
• The vertical business models must give way to open markets
• It takes time

On the internet, nobody knows you are a toaster

To make my scenario work, the world needs to agree upon a system of classification. A heater from Philips may have other properties than its counterpart from Electrolux, but the basic functionality must be recognized, and it has to be discovered as a heater when it connects to the network.

Further, it should adher to some protocol allowing it to be controlled and yield information. So we need a protocol for this interaction, and a classification system with a flexible ontology. I know there are candidates for both, but right now the incentives don’t seem attractive enough for the manufacturers to agree upon them. Perhaps they have already invested too much in their own stuff, and are afraid of letting the enemy in on their home turf.

Security

The regional VP of Google said the other day that when a TV company brought Google Glass along to demo, the people on the street reacted with fear. Many people have become squeamish because of the recent revelations about NSA. And such a device would make it even easier to monitor our movements and actions.

Even though the story about hijacked refridgerators lacked credibility, there is no doubt that we are bringing all the security vulnerabilities and hazards from the internet into the IoT. Security experts are telling us that unless we make security a first-class priority, the IoT can actually become quite a miserable place. What if a cyber-attack sets fire to entire neighbourhoods of connected houses?

When my daughter Ingvild is at work, her mobile and laptop or whatever devices she has, will be in a totally different context from when she is in a public place like the shop. How can she be recognized across all these contexts, and be given the appropriate authorization to do things? Who is the single authority for authentication and authorization? What if she goes on a holiday to Sweden? How can she avoid uncalled-for surveilance by the government? Are we looking at some grisly version of the world depicted in the movie «Minority Report»?

The solution may not be unreachable. The «Dark web» and the TOR browser show us that if security and privacy are primary requirements from the get-go, it becomes challenging for even NSA to hack it. Some people argue that we can devise a Block Chain-like mechanism to provide authentication without having to resort to a single authority.

Usability

I have read some reviews of IoT boxes that are supposed to orchestrate our homes. In most cases, the usability has been deemed to be horrible. In my scenario, Ingvild is not confronted by some unintelligible interfarce with arcane settings. Actually, the systems just get out of her way and let her get on with her life. Again, open standards are needed to facilitate this elegant modus operandi.

Inadequate address space in IPV4

People in the know say that the IoT is unthinkable without IPV6. IPV4 was made to cater for roughly 4 billion devices, and that address space is being depleted. Institutions like GSMA and Cisco speak of tens of billions of connected devices in the IoT. Telecom operators and others have so far compensated by employing various NAT (Network Address Translation) schemes, but warn that they can only continue to do so for a limited time.

Most recent computers and smartphones are already prepared for IPV6, as are most infrastructure components. But not all ISP’s provide it. Consumers that can use IPV6 today need to keep access to both protocols, since only a few content providers provide IPV6 in addition to IPV4. And you can’t reach an IPV4-only website from an IPV6-only client.

Then there’s security for your home devices. The IPV4 routers incidentally deliver a sort of firewall-like functionality, since the internal addresses are not reachable from the outside (a.k.a NAT). With IPV6, all your devices get an «official» IP address, and can be attacked by hackers  – if you don’t have a firewall functionality in your router.  That could result in a veritable hack-feast if your devices (think fridge, TV Set, etc.) lack proper security implementation.

Right now, most people won’t understand the motivation to switch to IPV6, since they won’t receive any short-term tangible benefits. After all, the internet protocols are the invisible «glue» that keep the web together. On the other hand – perhaps the IoT will be what it takes to give IPV6 a better market penetration?

Vertical business models considered harmful

Right now you can purchase a coffee maker or a fridge with an app that allows you to communicate with it regardless of your whereabouts. Because of the lack of standardization, you may have to install a separate app for each and every conneced device that you bring home. Instead of «Internet OF things», it should be called «Internet AND things».

It is no wonder that the vendors are inspired by the highly profitable business models that Amazon and Apple have made for content managment. But when it comes to your own home, you would surely not be happy if you could buy appliances from only one vendor? What happened to the free market? We need open markets and standards before IoT can reach critical mass.

Time is an illusion – lunchtime doubly so. But this will take some.

How often do you replace your refridgerator or your heaters? Even if you can save substantially on your power bill, it would not justify replacing all your electrical appliances. Sadly, it would also be quite harmful for the environment. All the things you buy will have to be produced, and the things you chuck away – can you recycle all of them?

At best, we will see a gradual change when new products enter the market. Some people may take the leap when they refurbush their homes or move into new ones. Combine this fact with the lack of standards, mysterious introduction of IPV6, lack of usability with todays closed business models, and do the math.

2015? 2020? 2025? 2030?

If you aren’t intimidated by a soldering iron and know some basic programming, you can create a capable IoT system in your own home. I have described the first few steps in this blogpost. Then there are the ready-made boxes and systems for those uncabable of soldering. But I have a feeling that it will take some time before IoT becomes an integral part of people’s lives.