Microsoft, Intel, Samsung, Other Tech Companies Form New IoT Alliance

The Internet of Things (IoT) is the next step toward technological advancement but it requires a huge effort on manufacturers' and developers' part to make different devices and operating systems to function seamlessly with one another. Now, many of the big names in the industry are banding together to form the Open Connectivity Foundation or OCF to set standards for IoT devices. The lineup includes ARRIS, CableLabs, Cisco, Electrolux, GE Digital, Intel, Microsoft, Qualcomm, and Samsung, which will all work closely with one another to set rules and specifications to guarantee a singular advancement in the field.

Important question

Does this consortium plan to set standards for security? I'm not convinced that the biggest issue facing IoT is interoperability but rather the security (or lack of it) in many devices. Many of the ideas are very cool, but unless they're secured, IoT devices are backdoors into otherwise secure networks. I'm hoping that the result is an industry standard for IoT security.

Re:Important question

[U2xhc2hkb3QgU3Vja3M]

Microsoft is involved so you can be sure that (lack of) security will be implemented.

Re:Important question

[mrchaotica]

We can be sure as Hell they aren't about to implement any actual security -- that is, the security of allowing the devices to be controlled by the owner's server rather than some bullshit third-party "cloud" service, so that the owner's data isn't spewed everywhere and passed around like a cheap whore.

Re: Important question

127.0.0.1
Bring it on.

Re:Important question

[WaffleMonster]

Does this consortium plan to set standards for security?

Sure like they did for UPnP.

I'm not convinced that the biggest issue facing IoT is interoperability but rather the security (or lack of it) in many devices.

My guess the biggest issue facing IoT is lack of a compelling value proposition.

Telling even with over the top cheerleading of TFA "The Internet of Things (IoT) is definitely the next step toward technological advancement" they chose to mention an Internet connected fridge and "smart shoes".

Many of the ideas are very cool, but unless they're secured, IoT devices are backdoors into otherwise secure networks

That's a tall order given the business case for IoT in consumer space is exfiltration of private information, government sponsored snooping and ads.

I'm hoping that the result is an industry standard for IoT security.

The industry standard for IoT is the front page of the New York times.

Re:Important question

[mrchaotica]

Sure, why not? It's really not that hard to make your own clothes. Similarly, it's not that hard to download Linux and use it.

We're not talking about software, we're talking about hardware. In particular, Linux doesn't help when the entire industry is making products that are uniformly Tivo-ized.

Let me put it this way: show me a thermostat that I can buy at Home Depot or Lowes that I can control over a network without going through a third-party cloud service -- either out-of-the-box or by reflashing with firmware that's no less well-supported than OpenWRT -- and I'll concede your point.

Re:Apple is not present

Look at the list and you can see that they are working together because NONE of them are doing well with (the new stupid catch phrase) IoT.

The companies that are doing well on their own are probably not interested at all in helping the competition.

Backdoor Alliance

[zenlessyank]

Gotta make sure those backdoors have compatible interoperability.

Give dollars, get paper.

[wheelium]

For only a nominal fee of $1,000 dollars, you too can become OCF certified! http://openconnectivity.org/jo...

Power grab by the big boys

[Dracos]

This is a power grab by established giants to prevent an emerging market from getting away from their control. There are no actual IoT entities here: Raspberry Pi Foundation, Arduino LLC, etc. Not even ARM Holdings, whose chips designs will be in most IoT devices. Just the overrepresentation of Cable related companies makes it suspicious.

Re:Power grab by the big boys

[thegarbz]

Errr "IoT entities"? What do any of the above manufacture that makes them IoT entities?
Raspberry Pi : a small computer with ethernet and no features to justify it's IoT name, not even it's size.
Arduino LLC: An out of the box microcontroller development board which comes with no software at all (kind of the important part of IoT)
ARM Holdings: Microcontroller manufacturer who has no hardware IoT devices.

See, not a thing. The closest any of the above come to being IoT is that they enable tinkerers to build their own IoT devices. But given IoT is all about software and interfacing options they do a heck of a crap job at that. Arduino actually has the biggest portfolio there, but that has little to do with the company and everything to do with with the shield concept many of which aren't even developed by them but rather just sold open community designs (Is Allied Express an IoT firm now too?). Now let's compare that to the list of companies involved:

ARRIS - Company deploying IoT wireless devices and providing IoT services
CableLabs - Company deploying IoT wireless devices
Cisco - Company manufacturing IoT wireless gateways and multi-protocol gateways used in IoT devices.
Electrolux - Company that has been experimenting with putting IoT crap in all their products since before it was called IoT
GE Digital - Company that has been experimenting with putting IoT crap in all their products since before it was called IoT
Intel - Company which may sound like ARM or Arduino above, but actually invests actual R&D money into IoT.
Microsoft - Company with an active IoT platform, active IoT products, and active IoT related partnerships with many vendors on the market.
Qualcomm - Company producing all-in-one IoT SOCs. These guys are far more relevant in the sector than ARM will ever be.
Samsung - Company that has been experimenting with putting IoT crap in all their products since before it was called IoT

Actually if I were to question some notable omissions I would be looking at:

Philips - IoT device manufacturer which has been caught out for breaking interoperability.
Google - Nest / Brillo platforms
Apple - Homekit platform
Zigbee Alliance - IoT network and retrofit product provider back before IoT was a thing.

Re:Power grab by the big boys

[drinkypoo]

Raspberry Pi : a small computer with ethernet and no features to justify it's IoT name, not even it's size.

Pi Zero is small enough to do most IoT jobs, but there are actually lots of larger IoT jobs where there's lots of room for something like Pi, like major appliances.

Arduino LLC: An out of the box microcontroller development board which comes with no software at all (kind of the important part of IoT)

Sigh. What it comes with doesn't matter if you can trivially download what you need. The libraries for the communications hardware available provide for their function. On the other hand, much of that hardware is a microcontroller in its own right, like say ESP8266 which is commonly used simply as a WiFi adapter for Arduino. Unless you need all the I/O of the Arduino, it's better just to use the ESP.

ARM Holdings: Microcontroller manufacturer who has no hardware IoT devices.

If R-Pi isn't IoT, nor is Intel. But they both are. ARM is relevant because their cores will be used far and wide, and maybe they should be involved in talks on security.

Re:Power grab by the big boys

[thegarbz]

Pi Zero [raspberrypi.org] is small enough to do most IoT jobs, but there are actually lots of larger IoT jobs where there's lots of room for something like Pi, like major appliances.

It's still just a development board, it's a computer, a non-profit product, a hobby device. Don't get me wrong I have 5 of them at home, but you won't find me sticking them in any IoT device. Companies don't like other people dictating form factor, companies don't like spending money on designs when they can simply roll it all in one, and companies definitely don't base products on boards which have incredible supply issues. They are not an IoT player in the market any more than my home built PC is.

Sigh. What it comes with doesn't matter if you can trivially download what you need.

So what you're saying is there some other group who are maintaining a library for interconnection? I have the perfect alliance they could join.

If R-Pi isn't IoT, nor is Intel. But they both are. ARM is relevant because their cores will be used far and wide, and maybe they should be involved in talks on security.

- The R-Pi foundation makes one product set, a small computer.
- ARM make a microcontroller core. They can be replaced by any vendor. Nothing in their hardware makes them IoT. Integrators like Qualcomm provide the additional bolt on hardware. Security on the hardware level is hardly an issue. Actually it's an anti-issue. Security on hardware typically means locking out users, let the software vendors and integrators discuss the security.
- Intel provide processors. Oh wait... we've already said that's got nothing to do with IoT. Intel provide wireless technology, gateway products, they license technologies for sensing, data transmission, and security, they provide development platforms, cloud database platforms, network platforms, they offer consulting services, and integration services for vendors.

Re:Power grab by the big boys

[Dutch+Gun]

Yep, Samsung has entertained the world with their concept "smart fridge" each year for the past few years, with wireless connectivity, built-in cameras and LCD displays. We laugh now, but probably in the near future they'll be built into nearly ALL new fridges, just like they're built into nearly all new TVs these days. Just give it time, I suppose. Fortunately, keeping devices OFF the network is still easy - just don't give them the WPA key. At the very least, you probably need to make sure those stupid things are on an isolated network that can't interact with your main network. Samsung and most other hardware manufacturers have demonstrated themselves to be woefully inept when it comes to security and privacy issues time and time again.

Honestly, even though I don't own many Apple devices (just one mac mini for development purposes), Apple is probably one of the few companies I'd trust to get the security AND privacy issues right. They've got the technical chops for the security thanks to iOS-related experience, and because they'd charge enough for the devices themselves, they probably wouldn't feel the need to siphon up our personal data for advertising revenue. I'm much more comfortable with a business model that makes money just selling hardware at a decent markup. So many other business models quickly turn slimy and privacy-invading.

Re:Apple is not present

[Dahamma]

Actually Samsung bought SmartThings a while ago, so they are at least in the game. The others (excepting maybe GE, which has a fair number of Z-Wave devices) are currently on the sidelines trying to figure out a way to get in it.

Next step in technological advancement

[penguinoid]

Specifically, the next step in technological advancement of omnipresent surveillance/"telemetry" and of vendor lock-in and of forced upgrades and of dependency on corporate services. If that sounds good, just wait until some joker writes a virus to make your lightbulbs blink obscene messages in Morse code or pit your heater against your air conditioner.

Re:Names to stay away from.

[jrumney]

Having your intimate devices exposed where they can be controlled by people who do not know your safe word, is probably not such a great idea.

The MPEGLA scam all over again

[Required+Snark]

We've seen this before.

1. Form a group and make it an official international standard.

2. Have licensing arm (like MPEGLA) to administer the patents from the standard.

3. Profit.

There is not mystery step 2 in this case. It's just like paying taxes, except instead of the government the money goes directly to the international corporations (and a few academic institutions who are in on the scam). The government and the law are just collection agents for the corporations. Combine this with treaties like the TPP and it becomes obvious that corporate interests are intent on dominating, well everything. Sovereign states become the errand boys and actual source of power is privatized.

Seriously?

[scdeimos]

Half those players were involved in DLNA (DHWG) and look how well that worked out. Hint: most DLNA servers need client-specific profiles to hack the data streams so that they render correctly on the client.

As of November 2015, there are 13 promoter members and 171 contributor members. The promoter members are: Arris, AwoX, Broadcom, CableLabs, Comcast, Dolby Laboratories, Intel, LG Electronics, Panasonic, Samsung Electronics, Sony Electronics, Time Warner Cable, and Verizon.

REF: Digital Living Network Alliance

Re:Biggest Issue: Why does anybody need this shit?

[Dragonslicer]

Actually, I want to be able to tell my Amazon Echo to turn off the lights, because I'm too lazy to get out of the bed and walk over to the light switch.

That problem was solved 30 years ago.

There's also my $10 solution, which is commonly called a "desk lamp".