• United States



Microsoft’s automated Future Home, what can go wrong?

Jun 09, 20116 mins
Data and Information SecurityEnterprise ApplicationsMicrosoft

Most folks love to try out new apps, yet what if those location-aware apps were not for your phone but instead for your home? Would you trust apps to control your home, turn the lights off and on, control the thermostat, or unlock your front door? Smart homes have not really taken off, mostly due to costs and complications to implement futuristic automation. Yet during a tour of the Microsoft Home of the Future, there was talk of these futuristic innovations eventually coming down in cost, just as smart devices did, so this type of futuristic home would be common.

A team at Microsoft Research conducted a study of 31 people across 14 households who have futuristic automated homes before publishing a paper called, Home Automation in the Wild: Challenges and Opportunities [PDF]. Home owners were classified into two groups: 1) Do-it-yourselfers (DIY) who have installed automation themselves and 2) Outsourced households who have outsourced the installation and management to professionals. Participants in the study mostly used augmentation to add automation to their homes. Household automation was broken down into two levels, user-controlled and rule-based. Across the board, all home owners shared security issues as one of the main concerns about their futuristic homes.

A previous study by Microsoft Research found that homes need a different operating system and an app store. A “HomeOS” would “simplify application development and let users easily add functionality by installing new devices or applications.” In the Home Automation in the Wild study, it described a Home App Store from which home owners could select applications and enabling hardware. These apps would have to be location-aware. Putting “in the wild” together with home automation apps, had me questioning Microsoft about security and privacy. Security vetting for those home apps would be especially important. For example, some app developers for smartphones do not address security or privacy risks and ask for overreaching privileges for access like to the microphone or camera. Smartphones have also become much more of a target by cybercriminals. How much more tempting might it be to taint apps that control your home? I asked one of the Microsoft researchers how do you envision a “home app store” getting around the security issues that apps for phones are encountering? But my questions were passed off to Microsoft’s PR department, meaning of course there were no straight-out answers.

According to the study, the three most favorite aspects of home automation were “convenience, peace of mind, and centralized control.” Remote access offered smart home owners the ability to remotely control “lights to make a house appear occupied when no one was home, turning on heating before they arrived home, checking the state of the house using cameras, or verifying the doors had been locked.”

Yet home automation remote access also caused some of the most alarming issues. Remote access to home cameras seemed to trouble the most people. One homeowner said before he would install that functionality he would want “A drop dead firewall to prevent outsiders from logging in and wandering around your house visually.”

Smart homeowners also need to decide if they want their home to respond to text messages for tasks. One household guru, who had chosen not to hook up remote access, said “I don’t want software controlling my front door. I don’t want it opening at random whilst I am on holiday…Once something is software controlled, it can be hacked in some way.”

Manageability would also seem like a challenge, since some people cannot even keep their computers updated with patches and sufficient software protection. Would there be nightmarish possibilities of zero-day exploits popping up to target people’s homes and not phones or computers if and when smart homes become a common occurrence?

Other challenges to automated home owners included the need to setup and manage user groups for guest accounts like for when family, friends, or babysitters were staying at the house. The visitors might need to be able to control the lights, or turn heat or air conditioning off and on. Guests would need access to part of the devices in a home, but not all things would need to be accessible to everyone. One homeowner used the example of not wanting guests to have access to view a camera setup in a child’s room.

From the paper it states in the conclusion:

Our findings suggest three future research problems: eliminating the need for structural change to install home automation, providing households with simple, confidence-building security mechanisms, and the ability to compose household devices. We are beginning to address these problems.

If the cost and complication to install home automation would be greatly reduced so that smart homes were more common, would you trust apps enough to give you complete remote access to all devices in your home from your smartphone? Or would that possibly be your idea of a privacy and security nightmare?

Here’s a closer look at the Microsoft Home, courtesy of Microsoft, and some of what Microsoft envisions future smart homes will be like in the next five to ten years.

Inside a teenager’s bedroom in the Microsoft Home: “In the teenager's bedroom, every surface is an interactive display. The room's design can change to match the mood, with immersive experiences, entertainment and social connections seamlessly integrated into the environment.”

In the Microsoft Home: “the physical and digital worlds come together to provide new kinds of experiences. Using sensor technology, the Home can assemble a grocery list, suggest recipes based on available items in the pantry and refrigerator, and offer step-by-step guidance.”

“Bringing together smart connected devices, powerful cloud services and wall-sized displays, the Home can tap into the world's knowledge to make learning more fun and immersive.”

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.