Slashdot Mirror
Internet-Enabled Thermostat
ptorrone writes "Engadget has a little write-up of what is supposed to be the world's first Internet-enabled thermostat from Proliphix, which has an Ethernet port and a built-in web server and can be controlled from virtually any standard browser. So how long until everything in the home has its own IP address and script kiddies decide to get their kicks messing with your air conditioning during a heat wave?"
Sigs cause cancer.
And people said we don't need IPv6.
What could possibly go wrong?
>So how long until everything in the home has its own IP address
when IPv6 is fully implemented.
We can make hell freeze over...
Hey I got some a new windows installed today!
Cool, double glazing?
No.... longhorn..
http://www.proliphix.com/pro_products_consumer.ht
Sounds like a company that makes prophylactix... err, I mean prophylactics.
Honey, I shrunk the Cygwin
For 25 cents, you could buy a themal resistor from Radio Shack and just push it into your joystick port.
Karma Clown
Just think. With bluetooth you can have a toothbrush with TCP/IP and optical fibers that sends your dentist images of your teeth. You can send an e-mail to your bathtub before you leave work to have a pleasant 102 degree F jaccuzi bath ready for you. Your refrigerator can keep track of what you buy and order more when you run out.
And yes, then skript kiddies will use exploit scripts to end up filling your refrigerator with pickeled okra or something, with computer and home security firms both jumping on the situation from their areas of expertiese and mergers will result in computer security bundles and home security bundles becoming one big market full of money.
What I've found in my family's ruleset for when we do and don't use our A/C system is that when we decide to disable the A/C, we immediately must open our windows to let in outdoor air... is there any system that could motorize the windows so that they'd open based on the same software that might decide that the outdoor air was too cool for A/C but too warm to let the house be allowed to retain heat by having the windows closed?
This is not even close to being the "worlds first".
I interviewed with a company more than 6 years ago that was selling web-enabled thermostats, sprinkler systems, vending machines, etc. etc.
...but is it SNMP monitorable?
Home automation is actually pretty simple and the idea's been around for years. Instead of a thermostat being set at a particular level all of the time, it can be dynamically reset by software logic based on whatever rules you can think of. In the mainstream now, there are simple hardware based models that can change their settings based on time of day paterns, but just think of the potential power if a thermostat could base its rules on more relavant details like the outdoor conditions and whether there are people home or not.
So how long until everything in the home has its own IP address and script kiddies decide to get their kicks messing with your air conditioning during a heat wave?
So how long until everyone realizes that maybe you shouldn't give your air conditioner an external IP address?
Do you have your network printer on an external IP address?
So what happens when a virus gets into the seventy zillion unsecured windoze boxes out there, and drops every thermostat they can reach to fifty degrees in the middle of august? ConEd in NYC already has a heck of a time keepin gup with mid-day summer loads from all the AC units- you could easily knock out the entire east coast (again) if enough of these thermostats come online.
hope they put at least a userid and a password on it, and set them randomly at the factory.
What a strange bird is the pelican, his beak can hold more than his belly can.
"So how long until everything in the home has its own IP address and script kiddies decide to get their kicks messing with your air conditioning during a heat wave?"
And just why exactly do you think that these devices are going to be open to the internet at large? Just because some marketing dweeb decided to call it "internet-enabled", doesn't mean that it's going to be on the net. Face it, having an ethernet port and webserver is not the same thing as being connected to the internet. These devices are designed to be run on a local network, which is likely behind some sort of DSL/cable-modem router, which means that unless the user goes to great lengths to do so, the devices are not visible. If of course you decide to set up NAT to let other people get to your thermostat, then you should be ready to feel the heat...
why?
what do outside conditions have to do with anything? If you want your house to be 76 degrees, you set the thermostat for 76+- degrees. If it is snowing, then the heater kicks in, if it is hot then the air conditioner kicks in.
The Kruger Dunning explains most post on
But Can it run Linux?
Doing this over the phone has been possible for ages... with devices like this.
Also Dilbert's house is online.... And an Internet enabled washing machine, and this internet enabled microwave are onsale in the UK.. Interestingly aren't available at amazon.com yet
UK Laptops
The real question is: How long with this equipment until script kiddies cause a heat wave?
Electric companies may just demand remote access to these thermostats, along with other controls over large electronic appliances. They want to turn off "unnecessary" appliances rather than blacking out entire blocks during shortages and emergencies. Sounds like an ok idea, but I have to worry about accountability given the shenanigans the power companies have pulled lately. A P3P-like system that negotiates power company control could work, but I would not want to be on that committee. yikes.
My house came with a wireless gizmo that allows the power company to cut out my air conditioning during a peak power crisis. In return, I save a couple of bucks a month on my bill. (They claim that they haven't had to activate this system in many years. We'll see.)
I wouldn't be surprised if these things were found to be totally insecure. However, I'm not too worried because it's basically a case of "Security through would anyone actually bother?". If it worked via the Internet, it might be different though. At least with the radio, would-be hackers would have to emerge from their parents' basements to set up an antenna, which will probably thwart most of them.
I don't understand why one would want to give anything an IP. Sure it's fun to have remote access to everything. But, it'll make it accessable to "others" too, maybe not as obvious but it'll be out in the open.
If you're afraid your house would turn against you, you really shouldn't IP-enable it (or.. firewall your toaster).
*Runs off for more tinfoil*
I think we can keep recursing like this until someone returns 1
10-15 years ago people were saying the idea that a home user would need a high speed connection (or even internet access for that matter) was crazy. Yet now most of us couldn't do our jobs, chat with friends, or get our news without the it. I think the reason why people aren't getting it at this point is because this is not the "killer app" that will make home automation as necesary (or at least as wanted) as internet connectivity. I think the killer app will be something closer to self diagnosing appliances that can handle their own repair and resupply (eg refrigerators that order new food when they detect an empty content or a drier that awakens the Maytag man from his slumber automatically). On a different note, the challenge that a product like this represents for the future is not a drying up of IP addresses (IPv6 and NAT should solve that problem), but the fact that this means there will be many more digital cockroaches creeping around and not paying the bills for the comm lines they're travelling on.
I don't see why a thermostat NEEDS to be network enabled.
Not only is it not too terrible of an inconvenience to get up and walk to the thermostat, but now we have to protect our thermostat with a firewall??
As it was mentioned earlier, I don't think it will be long before the kiddies start creating a windows exploit that attacks the thermostat. Imagine having your heat go out in -10 degree weather. This is a situation where a cracker could actually put someone's life at stake in the right circumstances.
Mod points are pointless when you browse at -1.
Proliphix's web site is an example of VERY bad marketing.
At the right price, I'd probably buy one. Even if they don't sell them directly, surely Proliphix's web site ought to give some clue how or where to buy one. What retailers carry them? Who sells them on the internet? How much they cost? Something!
There's a link labelled "DEALERS", but it only describes how to become a dealer, not how to find an existing dealer.
I invested 5 minutes searching for this info, and found nothing. Even a Google search turned up nothing. During those 5 minutes, I stumbled over many competing products (not identical, rather more X-10ish, but still, other people who will gladly take the customers money before the customer ever tracks down how to buy a Proliphix.
Not really true. I've had LIPAedge for 3-4 years. Granted, you don't have direct access (unit doesn't have an IP address) to the theromstat unit, but it can still be controlled through a web browser from anywhere.
ingridients: old pc (i386 from garage sale)
joystick port
2 thermistors (2kohm if i remember right)
linux distro (eg debian) -dos works too, but no tcpip stack
old joystick
preparation:
1. open up joy, locate potmeters
2. replace with thermistors
3. install op sys with joy support
4 calibrate thermistors (eg in +50c water and -10c fridge.
5. read values, post it on website
optional:
parallel port device control - never did that (other than 8 leds connected for a load meter)
on the other hand with a cheap pc+serial port + X1 you can really program some fancy llighting scheme and even heating stuff
...can alter the ambient temperature in my house while on vacation so my goldfish don't boil on a freak heatwave while I was away ... like they did last summer :(
-K
Seriously. Every time one of these topics comes up on the /. there are a flood of posts talking about how useless or pointless the invention is. Applying an easy stereotype I notice most of these comments come from posters who joined in the last couple of years.
/. really changed so much? Is it not appropriate to have a little lust and desire to see tech invade every portion of our lives? Wasn't /. itself about the new and exciting uses of technology and cool things on the net?
Has the general readership of
More on topic, your thermostat will be networked one way or the other. Either you choose to do it, or your power company will within the next 10-15 years to help control power blackouts, surges and fluctuations. Some power companies already offer discounts for those in high heat areas if the end user allows the power company to turn off their AC during peak usage times.
--- I do not moderate.
...but the 40 below days you need to worry about. Seriously, you could kill people by messing with thermostats under such conditions. But I suppose that any house that would even have this feature would also probably be brand new and have insulation even thicker than my skull, so it wouldn't be tragic.
I am feeling fat and sassy
but i for one will not be happy until there are sensors in my gut, telling the internet when i am hungry and what i am hungry for...
then a perfectly prepaired meal will arrive on an internet conveyer belt.
or when advertisors are able to tell exactly what my weaknesses and desires are at that very moment due to sensors in my brain...then they will charge it to my account and it too will arrive on my internet conveyer belt.
the future is going to be amazing...
~slashdot are my only freinds ):
The whole comment about script kiddies is weak. Thats why we have private ip addresses and private networks. Make the home non-Internet routable and the ip concern is moot. Now....if there is some mechanism to provide outside access....then fine, but there is little reason for that.
If that does come into play, then strong security solutions will be needed but opensource has proven that security can be had. Hell, have an itermiderary than cannot directly control the other devices but can send them requests. Have the devices only accept reasonable requests. (no thermostat to 100degrees during summer)
Do I think this is ready for the comman man? Hell no. DO I think it will ever become common place? Hell no. You average person can't run a vcr or even a LCD thermo....fuck an ip device.
Of all the things to wire up thermostats with, ethernet wouln't be my first choice, sure you can plug it into your existing network infastructure if youre totally un-concirned with security, but it means farily bulky cables and network hubs/switches to install just for temprature monitoring.
Depending on the requirements, a ground + data/power could be used providing virtually effortless wiring with tiny cables, or for more demanding systems power+data, and thin 4-pair telephone cable for a full RS422/485 balanced-pair system for noisy envrioments.
You can probably get such systems, and probably IP-enabled controll units for them, overall probably cheeper, easier and more secure.
You know that the DOJ will want to be able to view your household temperature without you knowing it (PATRIOT ACT). You see, they'll check the temp to see how warm you're keeping your house. If it matches too closely with the temperatures of the climates of countries that host terrorism, you'll get a visit from the Feds. It'll be the same thing for web contolled lighting - gee, this guy keeps his lights on the exact same time as daylight in Irag, and the same temp. We need to investigate!
NOW all that's left is converting my leather Lay-Z-Boy into a toilet. Then I won't even have to care that my muscles are atrophying!
is if it runs in IIS and uses plaintext passwords!
My heating bill would look like the Nat'l Deficit.
This
This is so you could tell the house to start cooling off or warming up from work so that it'll be a desireble temperature when you get home from work/school.
Now I can know how hot it REALLY is in those live orgy rooms...
If you put all your 'appliances' behind a NAT firewall, you are pretty safe from script-kiddies on the outside..
True, a virus internally could wreak havoc, but I doubt that its going to be that much of a security risk.
That being said, I think its silly in the first place just because you can stick a computer in something, doesn't mean you should.. But people will buy it..
---- Booth was a patriot ----
As more and more home appliances become Internet accessible, it will be interesting to see how things like this take hold.
I'm not drunk, I just have a speech impediment. And a stomach virus. And an inner ear infection.
I'm still waiting for my fucking flying car.
Snowden and Manning are heroes.
I am reminded of the concersation Londo had with the Technomages in The Geometry of Shadows
The Technomages are leaving while they still can, to the other side of the universe. Londo isn't having any of this and he persuades Sheridan to talk with them. Of course, Sheridan will need someone present who knows about them... and who better than Londo Mollari himself? [...]
Londo turns up and sneakily places a recording device in the office. When Elric accuses him of setting this up, Londo denies it all, to which the technical wizard plays back a recording of Vir trying to arrange the meeting. He then destroys Londo's recording device and threatens the foolish ambassador.
Londo finally decides to apologise to Elric after his computer is riddled with holo-demons singing Narn opera and he is forced to own 500,000 shares in a spoo farm. Elric accepts his apology but leaves him the demons as a gift!
And you thought viruses were bad now!
"It is a greater offense to steal men's labor, than their clothes"
Hi, I work for a company that does (technical) Facility Management for a lot of huge companies. We have our own system that allows us to attach any kind of analog signal (incl thermostat) to an internet enabled network. Or proprietary system is about 7 years old, but we also use of the shelf systems from:
- Siemens (http://www.sgm.siemens.de/)
- ABB (http://www.abb.de)
and many big names more
but the newest thing, I personaly like is this device from ICONAG: http://www.iconag.com/
can connect even an usb camera and has an own IP...
so, first internet enabled thermostat? no way!
"Digital" thermostats for commercial buildings have operated this way for decades.
:)
Basically, the thermostat sent a single bit - YES or NO - which said if the temperature was above or below a set value. On the other end, the controller used this data to turn the heater or air conditioning on or off at that location. Again, 1-bit message. Oh wait, I think I just described a regular old-fashioned thermostat.
Putting this on ethernet is just too much overhead for most users.
Sarsasm aside, I can see this being useful in a business environment. I worked in an office with the same fuctionality over the telephone, but a web browser would've been so much more user-friendly.
For the home though, I'd rather call in on my cell phone, have caller-id be part of the security mechanism, and "PRESS 1 IF YOU ARE ON YOUR WAY HOME...." This would let me set the A/C at 80F in the daytime and crank it down to 72 when I leave the office.
Besides, in my abode, it's easier to use sneakernet: I get off my lazy-ass butt and adjust it myself, and burn off a few calories in the process.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Those guys had a link on their website where you could adjust their thermostat and turn their lights on and off in real time via the web way back in the year 2000.
9 20 2&tid=144
http://slashdot.org/article.pl?sid=00/10/23/173
No, murder requires intent to kill. They'd be guilty of involuntary manslaughter.
G
...running a service on their product, LARTing those script kiddies that are smart enough to hack into your IP-enabled thermostat. Although, it makes me wish that LARTs were physically painful. Honestly, though, the easiest way to do it would be to have a central service company deal with all of it, at the cost of a subscription-based service. Otherwise, it would be (essentially) asking Joe User to run his own webserver, which, more often than not, is a Bad Thing. All the people that don't get shivers down their spine when someone says "control your thermostat via your Hotmail(r) account!" can subscribe, and the rest of us can (and would) run our homes' thermostats ourselves with a Linux webserver and some open-source software.
I pity the foo that isn't metasyntactic
A beowulf cluster of...oh wait, think of the power bills...
Do I *need* heat at 4:30AM when I'm snug in my bed?
Sure, if it's winter. But when it's gonna be 70 by 8AM and 85 by 11AM, no. I can suck it up and survive the house being colder than I'd tolerate when it's generally cold.
In fact, if I get my butt out of bed and close the windows while it's still 60, my house stays colder through the morning.
Actually, I've got a RCS thermometer so I *COULD* kick the heat on (from bed via X10/IR/PDABrowser-> computer -> thermostat) were I motivated to setup the trigger.
But having done the "you have to get up and stick wood in the wood stove, but the glass of water next to your bed is cracked because it froze last night" ride, I think I can survive a 55 degree morning in a pinch.
These guys have set up an interesting combo NOC/wine cellar and have the temperature and humidity monitored and graphed using MRTG.
It has plenty to do with your house's temperature. Let's say you have a somewhat smart A/C installed ... one that doesn't just heat the air in the house, but one that constantly dumps the air outside - this is particularly neat for people with astma and is generally much healthier than just heating/cooling the same old stale air.
What you do there is to first run the exhaust air through a heat exchanger to reuse as much as the indoor heat to warm up the outside air. Now, if it's 30 deg C outside, you might want the heat exchanger running to cool the air DOWN, so the software turns it on. If it's below room temperature outside, you want to reuse as much of the heat as possible, so you turn the heat exchanger on. This is controlled by software in real time, saving you money constantly.
You then measure the temperature of the heated air and heat/cool it additionally to get it to the required temperature before you pump it into the house. Again, the heaters and coolers in that part of the A/C is controlled by software in real time.
This is how it works in huge office buildings, and you can even get A/C equipment for you house that operates on the exact same principle.
Imagine that - having a constant supply of fresh air in your house and you don't even need to open a window! In addition you can make the A/C do it's best to reduce energy spending, but letting it turn off the A/C for periods of time when the house isn't in use. How to do that depends on what you want, and can be rather tricky to calculate. Again this is done in software - all you have to do is set a period of time where you want it to go into low energy mode.
Sure, it's rather costly up front, but in the long run you can save quite a lot of money. If you refit an existing house it's the most expensive, but if you build a new house with it, you can sometimes save money by going with a setup like the one I just described, simply by way of the savings from not having a heater in every single room, no plumbing for radiators etc.
We do not live in the 21st century. We live in the 20 second century.
It looks like it controls the HVAC using 24V AC switching. Is that still used in the USA?
:-(
Over here (Netherlands) any modern heating system uses a digital serial link between the equipment and the thermostat. The thermostat not only switches the heater on and off, but can also set the level (modulation), read back and display status information, set parameters like hot water operation mode etc.
As it does not use straight on/off switching, such a system operates much more smoothly. Rather than cycling the heater with a dutycycle that results in the correct room temperature, it sets the heater to the correct level to keep that temperature.
There exists a standard protocol called OpenTherm. Although it is called "Open" this does not mean that specifications are available for everyone to download
That's not totally correct. Second-degree murder is manslaughter in certain circumstances - like in drunk driving (like this). There's a lot of leeway for states to enacts this sort of thing.
Adjust: set (temperature) 40c delay 15m set (temperature) 5c delay 15m jump Adjust
--- Asking inconvenient questions for over 30 years...
There are bazillions of Cisco and other routers and things with SNMP capability that read their internal temperature...
Oh well, what the hell...
It's clear (to me) one of the earliest adopters of this will be professional server-rooms.. specifically, the ones that just loooooove to automate everything.
Previously, the cruelest malware, to me, were the ones that shut down fans, thereby doing physical damage beyond the logical damage incurred. Is this where that gets stepped up to killing a ROOM of computers?
-g
Every device in your home will never have its own IP address. That's just silliness and FUD. NAT obviates the need for "real" IP addresses, and simple measures will prevent any unauthorized access.
--Slashdot: News for Turds. Stuff that Splatters.
Zilog (remember them) have been selling one of these as a demo of their web server module (E-Z80, I kid you not) for at least a year. I know, cos I have one!
Sent from my ASR33 using ASCII
See also Residential Controls' RS232 serial thermostat.
These guys put the control box down by the furnace itself, so instead of having to run wire to the display, you only have to run wire from your PC to the furnace. They fully document the text-based protocol too, so its easy to program for.
I have one of these and it works fine. Also, no web server means fewer security worries.
Post if anyone wants my Linux code snippets.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
why would you want remote control of a thermostat?
I travel. There's no point cooling my house to 73F while I'm away, so I turn the thermostat up to 85F before I leave. It takes several hours for my house to cool back down to 73F, so I telnet to my thermostat before getting on the plane and set it.
I have to get it working again, but I used to have it so that when I logged in to my home computer from work, the thermostat would automatically relax the temperature by 5 degrees. Then, when I logged out it would return to the normal temperature and be back down by the time I drove home. As a result, I didn't didn't burn energy keeping the house cool during the peak heat of the day.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
Is this a real product? I can't find a price or anyone purporting to sell it. The "installer manual" on their web page is nothing but a bunch of marketing drivel, the supposed web interface looks like something done in Corel Draw, and if you click on their "Press" link, its EMPTY.
Also, there is no mention of an SNMP interface. I can see why someone might skip telnet, but why on God's green earth would someone build a web-enabled thermostat and not include SNMP? Can I get a "duh"?
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
Just what are they telling us is "secure" and "authenticated", and has anyone tried to break into it?
IMHO, using an internal https server would be a good start on security.
I've been predicting Net appliance hacking for years. Imagine finding your hot tub has been set to the boiling point by script kiddies.
Tech Public Policy stuff
Its a hell of a lot easier on the system and your electricity bill to keep you house at a constant temperature rather than have the temperature bounce all around the place.
Sure, if you're going to leave for 3 weeks...shut it all off, but if you're just leaving for work for the day, don't bother adjusting it.
But because the alarm controller is output-only, there's only so much I can do with it. It would really be nice to find a more modern alarm controller with an Ethernet port and software. I could arm the system remotely if we go away and realize that we forgot to arm it. I could disarm it if a neighbor needs to get in while we're gone and is having trouble with the system. I could use the alarm's motion sensors to turn lights on and off. And so on.
I'm pretty knowledgeable about Internet security, so I'm not particularly worried about that angle.
This is so dumb.
A web enabled thermostat? Why? Just more crap to break down or have to take care of.
My current thermostat is set to keep the house comfortable when we are there, and cool down when we are not. It's set so on weekends it's comfortable all the time.
If we go away, there is a simple override that allows me to set a temperature to what I need in 3 keypresses.
Anything more is of highly questionable value.
Everything which can be controlled locally should be controllable centrally/remotely, so they should all have IP addresses.
Everything:
Car breaks down on a road trip, it'll be a week before you're home again. Stop wasting energy: "Thermostat, decrease temperature 15 degrees"
Ensure that your kids ate dinner as instructed while you work late: "Microwave, when were you last used?"
The refrigerator should monitor everything that goes in/out (RFID or whatever) and can alert you when you're out. Wouldn't it be nice to be able to check the fridge from work so you know to pick up some orange juice on the way home?
Everything.
BUT! (there's always a but!)
I'm not saying they should all have *PUBLIC* IP addresses. One device should, one fairly secure only-answers-to-the-right-port-knock-sequence device, which interfaces with all the other devices. There should be a way for the devices of your home to communicate with you (and you with them) in order to improve the day to day quality of life, but that communication needs to be secure. In order to facilitate this security, a firewalled "doorman" device would authenticate you before allowing you to see how many eggs are in the fridge.
Reinvent the wheel only at either a lower cost, greater effectiveness, or your own personal enrichment and satisfaction.
The "articles" answer their own questions, and bring up nonsensical paranoid "what ifs". If I wanted bias, I would go elsewhere. Mod me down, I don't give a damn anymore.
I hate sigs.
Check out the products at Residential Control Systems. I've been contemplating getting one of their RS232 or RS485 thermostats and hooking it up to one of those little RS232-to-Ethernet converters. It was only a matter of time before someone thought to marry the two in one housing.
Question is: why a dedicated stat (thermostat) when for the same price range several devices can be connected to a controller that is connected to ethernet?
Does having the ability to connect over a network automatically mean it is reachable by the rest of the Internet? Would anybody out there think of putting it on a separate network, completely disconnected from the Internet? How will our hero escape this latest trap?
The year is 2015...
Most household appliances and electronics are controlled with a common protocol via a common connection medium.
Demand is high for an easily configurable, low-cost, secure, highly adaptable software.
Linux revolution or geek fantasy?
So how long until everything in the home has its own IP address - This is nothing. How long until every component in your PC is accessible via an address that can be reached via TCP/IP. Script Kiddies will have a field day hacking your monitor directly.
Bark less. Wag more.
See, it costs MONEY to heat and air condition your house. When it's hot outside, I don't want to pay to air condition the place down to 65 degrees, and when it's cold, I don't want it heated to 75.
This will become clearer to you after you move out of your mom's basement and start paying your own utility bills.
Sean
I got a very prompt reply from Walter Dray, the president of Proliphix who said that they were looking at introducing these in early to mid October.
He said that the sereis is expected to run between $300 - $400. He also mentioned that there is a programming interface that runs directly over IP to talk to the UDP application in the hardware.
I originally saw the advertisement in the back of Home Automation magazine and passed the info on to Peter Rojas at Engadget.