No Echo
On March 2, users of Amazon Echo devices worldwide were met with either silence or a variety of vanilla apologies from their Alexa AI voice assistants. For several hours, Alexa was down hard for everyone, and the service remained unavailable to some users for the entire day. The reason for the outage wasn’t immediately clear, but it was probably related to a spate of harsh weather which hit the East Coast of the United States. The strong winds knocked out power and network access to major metropolitan areas, including Northern Virginia where the most significant cluster of Amazon’s cloud services is located.
Smart homes left in the dark
The outage did more than make it more difficult for Alexa users to check the weather or restock their supply of Tide Pods. Since Amazon has been making a concerted effort to put the Echo at the center of people’s smart homes, many people found that the voice-controlled home gadgets they had become used to no longer worked. For some, this meant having to get up to turn on a physical light switch, but certainly others found that they had devices that no longer worked at all. For example, if you have Phillips Hue light bulbs that you normally command on with a call to Alexa, that message doesn’t pass straight from the local voice assistant to the bulbs. Instead, that sound bite is first transferred to Amazon’s servers where it is processed and translated. Then a message is sent to the Hue’s cloud servers which in turn sends the message back to the Phillips Hue Bridge on your local network. Only then can the Hue Bridge command the bulb to turn on. If any link in this network fails, whether it’s the one owned by Amazon, Phillips, or your Internet service provider, then you’re still sitting in the dark.
Your home isn’t that smart, but it knows how to phone a friend
This isn’t a limitation of Alexa devices only. The “smarts” in smart home devices are increasingly being farmed out to the cloud. Later in the same week, owners of Arlo cameras found that they were unable to log in to their accounts, meaning they couldn’t access live or recorded video from their security cameras. If you have a Samsung SmartThings V2 Hub, you may already know that although the Hub handles simple tasks locally, most devices and automations will not work without an active Internet connection. Without Internet access, it is not possible to access the Hub using the smartphone app, even when on your own home network. For the first version of the SmartThings Hub, the device was essentially inert without access to the cloud. SmartThings is one of the most popular smart home hubs and its Internet dependency is typical of other popular hubs such as Wink and Iris.
Could your smart home go bankrupt?
Temporary service interruption isn’t the only risk with Internet-reliant smart home devices. There’s also the possibility of the service being permanently terminated or being limited in some way. Some common ways that cloud services are often limited involve geographic restrictions, technical limitations, or a required service fee. In 2016, after Nest purchased smart home startup Revolv, the Revolv hub became a fancy plastic paperweight when the new owners decided to shut down Revolv’s cloud services. After consumer backlash, Nest refunded the purchase price to Revolv owners, but there was no obligation to do so. If the startup had gone bankrupt instead of being bought out, consumers would not have been so fortunate.
Your home as part of a smart ecosystem
What differentiates smart homes from simply one with remote control is data and processing. There is only so much of either that can be stored on a consumer device, especially one like the Amazon Echo or Google Home, which is intended to be placed prominently in every room of the house. Both those devices are essentially a speaker and microphone with a network interface. All the processing and data storage is handled on servers distributed throughout the world. The benefit to the user is access to virtually unlimited processing power, the information of the entire World Wide Web, and the addition of new features and software improvements without ever having to run a local update. The benefit to the provider of these services is the ability to collect data on all those users. This mostly turns to advertising. Google, for example, is able to better target advertising to individual users. Amazon promotes products through their store, encouraging impulse buys without the consumer ever having to look at a computer screen. Additionally, once users are committed to a smart device’s ecosystem, there’s plenty of room to upsell. Users of Echo devices might buy a subscription to Amazon Music Unlimited or Audible, where users of Google Home might buy into Google Play Music or Google Play Books. Requiring a constant connection to an online service helps smart home manufacturers either gently guide users to additional brand products through promotion or to simply block access to competing products. For this reason, rumors abound that popular streaming service Spotify is developing its own smart speaker to avoid being squeezed out by the other players in this rapidly growing market.
The convenience of a shared house key
Overwhelmingly, this paradigm of remote service dependency works out for the consumer. Since most have given up the concept that personal information, shopping habits, and Internet browsing history are private, they get access to a powerful service for the price of a single meal out. That is of course until the connection to that valuable service is severed or until they decide that maybe personal information should remain personal.
Home hackers?
Aside from the possibility of service outage or termination with cloud-based home automation, the privacy concerns are significant. If you’ve signed on to an online service that doesn’t charge, you can bet that at a minimum your basic information is being combined with all the other users and sold for marketing purposes. Specific data collected from a smart home would indicate what time you usually wake, leave home, and when you return, not to mention access to open your smart door locks. If you’re using a cloud service for a security camera, you certainly want that footage to be secure. As long as you’re working with a reputable service, you might not worry about intentional misuse of this access, but there is always a risk of some malevolent hack or data breach. With any cloud service, there are two primary vulnerabilities. The first risk is that someone could gain unauthorized access to the cloud server. This could compromise the personal information of everyone who uses the service and grant access to all those smart devices. The second risk is that your smart devices could be hijacked by someone guessing your password or exploiting a vulnerability to get into your account.
Do more than lock your doors
There are a few basic things you should be doing to secure your smart home devices. First, you should secure your home network. That means having a strong WiFi password and at least basic firewall rules on your home router. Likewise, you should maintain strong passwords for any cloud services you subscribe to and use 2-factor authentication whenever it is available. Finally, stick with large, well-trusted companies when buying into smart home devices that allow remote connections. These types of companies have a lot at stake in terms of reputation and the funds and experience to provide solid security measures. Also, make sure you’re prepared for the inevitable service outage. If that happens, will you be able to turn lights on in your home? What will be the impact if your security cameras don’t work or you can’t unlock your door with a smartphone? Outages happen with every service from time to time. The Alexa downtime, caused by failures on the same Amazon servers that back countless other cloud services should be ample proof of that. When it happens, don’t let your smart home make you look dumb.
