Slashdot Mirror
Internet-Enabled Thermostat
ptorrone writes "Engadget has a little write-up of what is supposed to be the world's first Internet-enabled thermostat from Proliphix, which has an Ethernet port and a built-in web server and can be controlled from virtually any standard browser. So how long until everything in the home has its own IP address and script kiddies decide to get their kicks messing with your air conditioning during a heat wave?"
So how long until everything in the home has its own IP address and script kiddies decide to get their kicks messing with your air conditioning during a heat wave?"What if they did, and grandma died? Wouldn't that make them murderers?
Cool! Now I don't even have to put down the laptop, get up and switch on the air-conditioning.
All we need now is an intelligent fridge-freezer which can deliver cool drinks direct to my chair.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
Just think. With bluetooth you can have a toothbrush with TCP/IP and optical fibers that sends your dentist images of your teeth. You can send an e-mail to your bathtub before you leave work to have a pleasant 102 degree F jaccuzi bath ready for you. Your refrigerator can keep track of what you buy and order more when you run out.
And yes, then skript kiddies will use exploit scripts to end up filling your refrigerator with pickeled okra or something, with computer and home security firms both jumping on the situation from their areas of expertiese and mergers will result in computer security bundles and home security bundles becoming one big market full of money.
What I've found in my family's ruleset for when we do and don't use our A/C system is that when we decide to disable the A/C, we immediately must open our windows to let in outdoor air... is there any system that could motorize the windows so that they'd open based on the same software that might decide that the outdoor air was too cool for A/C but too warm to let the house be allowed to retain heat by having the windows closed?
So what happens when a virus gets into the seventy zillion unsecured windoze boxes out there, and drops every thermostat they can reach to fifty degrees in the middle of august? ConEd in NYC already has a heck of a time keepin gup with mid-day summer loads from all the AC units- you could easily knock out the entire east coast (again) if enough of these thermostats come online.
hope they put at least a userid and a password on it, and set them randomly at the factory.
What a strange bird is the pelican, his beak can hold more than his belly can.
But Can it run Linux?
Electric companies may just demand remote access to these thermostats, along with other controls over large electronic appliances. They want to turn off "unnecessary" appliances rather than blacking out entire blocks during shortages and emergencies. Sounds like an ok idea, but I have to worry about accountability given the shenanigans the power companies have pulled lately. A P3P-like system that negotiates power company control could work, but I would not want to be on that committee. yikes.
I know of a local business that wired up their HVAC and security with a web interface. One port is open, 443, and you must authenticate with the web server. This works really well because they have public meeting facilities. Sometimes meetings don't get on the schedule, and someone ends up locked out of a room with the air conditioning turned off. Or a last minute meeting is planned, etc. A manager uses his palm pilot phone's web brower to admin the building remotely, from where ever he is (when at home he uses a PC). He turns on the air, and unlocks the correct doors to allow access to only the areas of the building that are needed. And he doesn't have to make the 45 minute trip to work to do this.
Great ideas often receive violent opposition from mediocre minds. - Albert Einstein
Of all the things to wire up thermostats with, ethernet wouln't be my first choice, sure you can plug it into your existing network infastructure if youre totally un-concirned with security, but it means farily bulky cables and network hubs/switches to install just for temprature monitoring.
Depending on the requirements, a ground + data/power could be used providing virtually effortless wiring with tiny cables, or for more demanding systems power+data, and thin 4-pair telephone cable for a full RS422/485 balanced-pair system for noisy envrioments.
You can probably get such systems, and probably IP-enabled controll units for them, overall probably cheeper, easier and more secure.
Why should every device have its own IP address? Can't the home itself have an address and the various devices be controlled by services listening on different ports? 65000 ports should be enough for all the devices in your home.
Whether they are directly accessible from the Internet is important, but still limiting access from a local net hardly makes it safe. They would be vulnerable to any trojan, virus or other malware that runs on any workstation on that local network and performs network discovery (which most worms and such do). This is why so many 'secure' (firewalled or NATted) networks get infected with all kinds of crap. If a machine on the network actively/passively gets infected, the network is infected.
Furthermore it's easy to island-hop, so even directed attacks can be made against a device that doesn't have its own public IP address.
I'm not really saying you're wrong, or that having IP-enabled devices is a bad idea, it's just that this notion that direct Internet connections to boxes are needed to spread malware is sort of bogus. One should always keep in mind the risks of networking a device.
Think about it...how does power, water, natural gas all come into your house. Through one fat pipe. It is up to the device or fixture to conform to the developed standards. The situation described is identical to university networks, business networks, etc, and every computer system that supports the DHCP protocol. The house has an IP address (single access point, similar to electricity...it only comes to a house once). Then all the devices connect to it using the standardized interface. To me, it sounds like a perfect use for sending data through powerlines.
Those guys had a link on their website where you could adjust their thermostat and turn their lights on and off in real time via the web way back in the year 2000.
9 20 2&tid=144
http://slashdot.org/article.pl?sid=00/10/23/173
Do I *need* heat at 4:30AM when I'm snug in my bed?
Sure, if it's winter. But when it's gonna be 70 by 8AM and 85 by 11AM, no. I can suck it up and survive the house being colder than I'd tolerate when it's generally cold.
In fact, if I get my butt out of bed and close the windows while it's still 60, my house stays colder through the morning.
Actually, I've got a RCS thermometer so I *COULD* kick the heat on (from bed via X10/IR/PDABrowser-> computer -> thermostat) were I motivated to setup the trigger.
But having done the "you have to get up and stick wood in the wood stove, but the glass of water next to your bed is cracked because it froze last night" ride, I think I can survive a 55 degree morning in a pinch.
These guys have set up an interesting combo NOC/wine cellar and have the temperature and humidity monitored and graphed using MRTG.
Actually, I have been working with HEYU, BlueLava and some X10 modules for some time now. I even wrote my own dynamic dns scripts to make sure my DNS server has the right address for the home.
Its easy to turn on any light, dim any light, etc. To control an AC would be pretty easy by using the X10 module to control a secondary relay/contactor (using a 120v/24v transformer) to turn it hard on/off. My goal for the AC was simply to turn it hard ON for half hour before I got home, regardless of temperature. Capturing the temp through another serial port would not be very hard.
This is a cool idea, but until we have a single standard to talk to, its kinda pointless. This is why I am hacking a system together using X10, which is at least ONE standard that is usuable if you route it through a server to capture other data from other sources. Oh, and HEYU and BlueLava are Free software. So is Linux, Perl, BIND and Apache, which work the back end.
It will be a while, but I absolutely expect to publish my own "howto" using this system with other people's free software, once it is more complete.
Tequila: It's not just for breakfast anymore!
But because the alarm controller is output-only, there's only so much I can do with it. It would really be nice to find a more modern alarm controller with an Ethernet port and software. I could arm the system remotely if we go away and realize that we forgot to arm it. I could disarm it if a neighbor needs to get in while we're gone and is having trouble with the system. I could use the alarm's motion sensors to turn lights on and off. And so on.
I'm pretty knowledgeable about Internet security, so I'm not particularly worried about that angle.
This is so dumb.
A web enabled thermostat? Why? Just more crap to break down or have to take care of.
My current thermostat is set to keep the house comfortable when we are there, and cool down when we are not. It's set so on weekends it's comfortable all the time.
If we go away, there is a simple override that allows me to set a temperature to what I need in 3 keypresses.
Anything more is of highly questionable value.
Everything which can be controlled locally should be controllable centrally/remotely, so they should all have IP addresses.
Everything:
Car breaks down on a road trip, it'll be a week before you're home again. Stop wasting energy: "Thermostat, decrease temperature 15 degrees"
Ensure that your kids ate dinner as instructed while you work late: "Microwave, when were you last used?"
The refrigerator should monitor everything that goes in/out (RFID or whatever) and can alert you when you're out. Wouldn't it be nice to be able to check the fridge from work so you know to pick up some orange juice on the way home?
Everything.
BUT! (there's always a but!)
I'm not saying they should all have *PUBLIC* IP addresses. One device should, one fairly secure only-answers-to-the-right-port-knock-sequence device, which interfaces with all the other devices. There should be a way for the devices of your home to communicate with you (and you with them) in order to improve the day to day quality of life, but that communication needs to be secure. In order to facilitate this security, a firewalled "doorman" device would authenticate you before allowing you to see how many eggs are in the fridge.
Reinvent the wheel only at either a lower cost, greater effectiveness, or your own personal enrichment and satisfaction.