Could your internet connected Kettle get you into hot water….

by Greg, August 9th, 2018


Tags: big databig data analyticsiotit securitysecurity

What Happens when Big Data Analytics Meets the Internet of Things ?

The other day I was chatting to some like-minded techies about The Internet of Things and the seemingly pointless nature of certain commercial products that have been created in the wake of this all-consuming trend.

An Internet connected kettle for instance, what’s the actual point of this? As the conversation escalated, we tried to trump one another with the useful (and useless) features that this technology enables and we realised that the debate around the future of the IoT and its impact on the everyday and our security is both fascinating and slightly scary.

Let’s look at its positives. Assuming your Internet connected kettle has an app for your mobile device, it can:

  • Be turned on and off
  • Alert you when it has boiled.
  • Send descaling prompts (By measuring the power
    required to heat x litres of water at x degrees).
  • Warn you when you over-fill for your
    requirements (energy savings).
  • Tell you off for boiling but not using the water.
  • Provide greater flexibility in delivering water
    at different temperatures at different times – easier to heat baby milk at 4am.
  • Integrate with other devices – how about
    auto-boiling your water for the gravy once your Sunday roast hits the right
    temperature? (You get the idea).

Many of these selling points are a little tenuous and somewhat over-engineered but maybe there are enough reasons for us to think why not get this new state of the art kettle.

After all, it’s a new gadget to tell your mates about down the pub, and a bit like having a robot make your tea – which is cool right?

Let’s assume this kettle needs to be connected to an Internet service that is run by the vendor. You are happy with this because you get some semi interesting info on a cool looking app to show to your mates, convincing them of the importance of having an Internet connected kettle like yours.

But what can the vendor learn about you from a cup of tea? The truth about what your kettle knows and discloses is pretty sobering.

Many of the following insights will be an educated guess on the vendor’s part built over time using data analytics, but it’s not impossible to assume that they may learn:

  • Your public IP Address and mac, maybe leading to
    your general location.
  • The brand of router you have (using the Mac0 and
    guessing the model and age), leading to a guess at your password (if you left
    it at the default).
  • Your Internet provider and information regarding
    your connection and speed.
  • Your Wireless ID SSID and Password – perhaps
    leaving access to your network.
  • Your usage patterns, your work shifts and hours
    spent out of the house. Maybe even your profession based on these stats.
  • Your commute patterns and timings – assuming you
    put the kettle on when you get home.
  • An idea of when you go to bed (if you have a cup
    of tea or hot water bottle before-hand).
  • What TV programmes you like by assuming that you
    make tea in the ad breaks and then correlating this data to the TV guide.
  • When you are ill by looking at random days at
    home with lots of kettle use.
  • How many people live at the house based on consumption
    patterns (quantity, timing, frequency etc). Are you single, in a couple or have
    a family?
  • Guess if you have babies by looking at the
    timing and frequency of use.
  • Understand when you are likely to be in or out
    of the house.
  • Learn when you typically go on holiday.
  • Where your children go to school – Match Holiday
    data, arrival times etc. to school term times to enhance the data with travel
    and traffic data. Then look up local schools that have different holiday times
    and maybe guess what school your kids are at. Is it a private school or
    state?

The list goes on…don’t you just love big data analytics?

Let’s assume that you completed a simple registration process for the app, submitting your name, email and possibly an address for an “Enhanced Warranty”. Maybe you just use your normal “default” password as it’s easy
to remember.

Maybe you just use your normal “default” password as it’s easy to remember. (You know the same one you use for email, Facebook
etc….)

You probably didn’t read the small print (who does?) because after-all, it’s just a kettle, so you don’t realise that the vendor now has the right to sell your data. Data that is personal to you and your household and potentially very valuable.

Cue Internet service providers trying to upgrade you, holiday companies selling you flights, an onslaught of personalised children and baby related marketing…the list goes on.

Did I mention that the vendor set a cookie when you registered online so now your entire future online experience and advertising is targeted and influenced by your consumption habits? All from this little kettle!

You better hope your kettle vendor is trustworthy and ethical, because they just might know more about you than you think or want them to. Worth considering when you make that all-important Kettle purchase.

Your 20 quid kettle may end up costing you a lot more that you’d bargained for.

 

About Greg

Leave A Reply

Your email address will not be published. Required fields are marked *