Listen to the audio version of this article!
Movies often explore how fictional technology might be used and especially how we might manage to muck it up. While often only used to further the plot, technology shown in films can help us learn real-world lessons about developing for the Internet of Things. Let’s explore some of IoT examples in cinema and see if we can’t shake out fact from fiction.
Full disclosure: spoilers ahead.
The Fate of the Furious – Hacking Cars
In the Fate of the Furious, one of the major plot points involves elite hacker Cipher hacking into thousands of vehicles in real-time and causing them to drive themselves in a vehicular flood down the streets of NYC to block a politician’s motorcade.
The fact is, vehicles have been hacked in real life. As many as 1.4 million Fiat Chrysler group vehicles have been recalled for a single vulnerability, which allowed hackers to remotely control windshield wipers, navigation systems, and even brakes and steering (but only while the vehicle was in reverse).
Fortunately, we’re not at the point where hacks have been widespread or caused harm. So far there have been no documented use of these vulnerabilities in the wild, but we can’t rest on our laurels.
The aforementioned Chrysler vehicles had to be returned to the dealership and receive an update via a flash drive. This is hardly the most efficient way to update software or even firmware.
Tesla provides a better example. Although they also had a documented security vulnerability that allowed for some remote control of the vehicle, they were able to upgrade their software over-the-air. Have a security strategy, anticipate vulnerabilities, and create a plan to handle them.
Rouge One – Stealing Data
In one of the most pivotal scenes, robot K-2SO, main character Jyn, and compatriot Cassian enter a secure databank under a hail of blaster fire. Jyn realizes that the only way to retrieve the data is to physically climb into the data center and pull the data tape out.
I’m not the only one who wonders how faster-than-light space travel and data tapes coexist, but I suppose we have to remember this is a long time ago in a galaxy far, far away. In any case, this data is then turned over to the rebels, forming a neat dovetail with the original Star Wars movie. How poetic.
Real-world data centers have armed guards (one hopes they have better aim than Stormtroopers). When developing for the Internet of Things, however, the physical vector for security breaches is increased because you tend to have a lot of hardware out in the wild that’s connected to your network. Those developing web apps don’t have to worry, but there are special steps you need to take in IoT.
For starters, make sure you remove USB ports from your end products, encrypt your data on the device and in the cloud, and use anti-tamper cases that send an alert when opened. You never know what rebels or hackers want to do with the information you’re creating, so stay on the right side of the force and secure your physical devices.
The Dark Knight – Breaching Privacy
Batman, ever the lover of technology, took things a bit too far in this epic fight against The Joker. Cautioned against doing so, he created a technology that allowed him to see the world around him through people’s phones using what amounts to echolocation. Because he’s a bat-man, you see.
He realizes that the power of this technology is too great for anyone but him to handle, so in the end, to keep it out of the hands of others, he destroys a bunch of screens. I don’t know if Batman knows how technology works, but there’s probably a backup in GitHub somewhere, Bruce.
Although we can’t yet visually teleport from device to device around us using a bat-helmet, as also depicted in the film, the truth is that right this second you can take a peek through the lenses of insecure baby monitors and IP cameras across the world. Malware such as Stuxnet and Flame allow governments to silently look through webcams in even the most up-to-date software. So what is an IoT advocate to say about this?
First, only include the sensors you need in your hardware. No one can hack what isn’t there! Simple security precautions can help, as well. One easily avoidable vulnerability allowed the infamous Marai botnet to occur: the use of default usernames and passwords. Users who never changed these created a simple way for external users to gain access, so that’s a big no-no. If you must include a default username and password, randomize them.
Then, make sure your software and firmware stay up-to-date. As noted above, have a strategy for upgrading and downgrading any software you have on your devices. Whenever possible, only allow your device to initiate the conversation with the internet: don’t have open ports that anyone can access.
Grab some popcorn because the future of the Internet of Things is bound to be quite the saga. There will be challenges that will manifest themselves in all sorts of ways we can’t yet imagine. Film offers a fun way to harmlessly explore the implications of technology, and as we move forward and create the future of the Internet of Things, let’s learn from the mistakes of fiction and create the best connected world we can.