STE WILLIAMS

Who needs horror films? We have the IoT. Or, more precisely, the IoST: the Internet of Scary Things!

If it isn’t creepy dolls – those WiFi-enabled, microphone-sporting, speech-recognizing, eavesdropping, interactive mouthpieces to corporates  – then it’s a thing-maker who bricks your IoT garage door opener if you dare to leave a crappy review.

Meet Denis Grisak. He’s the creator of Garadget, the garage door “futurizer”.

Did you not know that you could breathe life into your existing garage door? For $99, you get a box full of stuff.

Add your garage door, smartphone and WiFi network, and hey presto!

You’ll be able to control and monitor your garage doors “from anywhere, anytime” and receive alerts when you forget to close the garage, according to the Amazon listing. The Garadget system is equipped with laser sensors and works with your existing garage door opener.

Unless your username is R. Martin, that is. He’s one dissatisfied Garadget customer and the author of the one-star Amazon review titled “Junk – DO NOT WASTE YOUR MONEY – iPhone app is a piece of …”

That wasn’t the first time he complained about his experience. He had previously commented, on the Garadget community page, about his Garadget iPhone App not staying open and just flashing when he tried to launch it.

The unhappy customer, whose Garadget community user name is Rdmart7, must have been frustrated.

Just installed and attempting to register a door when the app started doing this. Have uninstalled and reinstalled iphone app, powered phone off/on …

The father of the Garadget was not pleased. He had, after all, spent two years developing his IoT gadget. And thus did Martin come to feel the wrath of Grisak, who banished him from the Garadget kingdom, temporarily sending the cussing customer into the wilderness of unsmart things by turning off server support for the unit in question.

The banishment got picked up by a Twitter account that goes by the name of @internetofshit.

HOW DARE YOU LEAVE A BAD REVIEW OF OUR GARAGE DOOR OPENER, SEND IT BACK pic.twitter.com/TUmm2EFZ66

— Internet of Shit (@internetofshit) April 4, 2017

From there, it went viral, rising to the top of Hacker News and getting written up by a long, long list of publications, including Ars Technica, BBC News, Mashable, The Atlantic… and, now, us.

The 1-star Amazon review was posted on April Fool’s Day. As of Tuesday, Grisak was shrugging off the hubbub and referring to it as an April Fool’s joke, reassuring everybody that Martin’s access had since been restored:

Ok, calm down everybody. Save your pitchforks and torches for your elected representatives. This only lacks the death threats now.

The firing of the customer was never about the Amazon review, just wanted to distance from the toxic individual ASAP. Admittedly not a slickest PR move on my part. Access restored, note taken.

A quote from a random guy.

PS: Anybody has Streisand’s phone number?

That “quote from a random guy” was that of Elon Musk, who has also gained infamy by throwing a tantrum over an annoying customer and refusing to sell him a car.

Must be a slow news day if denying service to a super rude customer gets this much attention

— Elon Musk (@elonmusk) February 3, 2016

Is it a slow news day when IoT products glitch, and the makers lash out at customers who complain by bricking their systems? Is this real news that deserves consideration, beyond the novelty of anti-customer-service customer service?

Let’s consider that by asking this followup question: is our security threatened when IoT gadget-makers moodily turn off our service?

We already know that our lives could, theoretically, be put at risk when it comes to the security of code that runs our WiFi-enabled medical devices. In January, five months after the Food and Drug Administration and the Department of Homeland Security launched probes into claims that its pacemakers and cardiac monitoring technology were vulnerable to potentially life-threatening hacks, St Jude Medical issued security fixes.

And then too, there are those Jeeps that automotive cybersecurity researchers Charlie Miller and Chris Valasek keep driving into ditches out by the cornfields.

Would our lives ever be endangered by a grumpy developer who bricks our WiFi-enabled, garage-door-opening apps?

Maybe not. But it’s just one more reason to question the IoT, which has already been plagued by a lack of smarts when it comes to security.

If we’re going to have smart things manipulating our home security (and letting our neighbors walk right into our locked homes while they’re at it), administering our life-saving drugs (thank you, insulin pumps) and more, then we should expect the developers behind the gadgets to at least take a deep breath before they brick.

Here are seven tips from Sophos’s Chester Wisniewski on how we can better secure the IoT.

Here are seven tips for dealing with angry customers.

And here, posted on Wednesday night, is Garadget’s ultimate mea culpa:

We at Garadet [sic] would like to thank everyone for sharing their feedback regarding the denying of server access with a client that was not happy with our product. We would like to apologize to both the individual user and our broad user base for the manner in which this incident was handled.

Follow @NakedSecurity
Follow @LisaVaas

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/TE1jybdzZQ8/