Google, Amazon, and Apple Join Forces To Develop IP-based Smart Home Connectivity Standard

Google, Amazon, Apple, and other technology companies have teamed up to develop a smart home connectivity standard that makes it easier for software and devices to play ball across the smart home ecosystem. From a report: Connected Home Over IP, as the new working group is called, will be spearheaded by the Zigbee Alliance, a group of companies that develop and maintain the ZigBee standard, which enables close-proximity devices (e.g light switches, smart speakers, locks) to talk to each other in the home. Smart home devices can use any number of protocols, such as Bluetooth, Wi-Fi, Wireless USB, Z-Wave, and ZigBee. Google also develops two open source protocols -- called Weave and Thread. All of these various protocols have inherent benefits and may appeal to equipment manufacturers and IoT system makers for different reasons, but manufacturers have to invest considerable resources to ensure their devices will work with all the others. So the working group is setting out to achieve a common standard for the smart home, based on internet protocol (IP).

Can someone check?

[DontBeAMoran]

Amazon, Apple and Google are cooperating with each other.

Can someone call Satan and ask him if hell has frozen over?

Re:

[BeerFartMoron]

Amazon, Apple and Google are cooperating with each other.

Can someone call Satan and ask him if hell has frozen over?

Replacing N competing standards with N+1 competing standard is the work of Satan. And his minions are doing his work well.

Re:

[JaredOfEuropa]

There are a lot of standards that cover data transport, or define a little bit on the functional level (like Zigbee), but getting devices from different brands to work together remains a challenge. You want a GE switch to be able to turn a Philips lamp on and off, an ADT keypad to operate a Schlage lock, that sort of thing. Z-Wave achieves a high degree of such interoperability, but it comes at a price (it's closed, proprietary and not that cheap to develop for). Zigbee and other protocols do not come cl

Re:

[605dave]

No kidding. There will be xkcd jokes about standards, but this really does sound like something that could truly make peoples lives simpler. Lets see how long it takes to roll out, and how much support it actually has.

When all else fails

[mtaht]

try standardization... with open source code along for the ride. The home networking and iot mess is... a mess. With all these parties getting together maybe it could get better. It certainly can't get worse.

Re:

[Anonymous Coward]

It will get worse, much worse. They will do fuck all about security and privacy except the least amount of lip service possible. It'll be cloud based, tied to these companies with plenty of back doors for law enforcement as an added revenue stream.

Re:

[Solandri]

Depends on if the standard is just a way for devices to communicate with each other on the same LAN. Or if the standard requires Internet connectivity so these devices can phone home, allowing these companies to spy on what's going on in your home.

Re:

[cusco]

I can see Amazon and Google cooperating, it will only improve sales if their hardware could talk to each other, but why would they invite Apple, the Diva of proprietary hardware and protocols?

Re:

[Darinbob]

Don't worry, it's all about creating a new standard. This means evil is alive and well and disrupting any possible advantage to this technology.

And allying with Zigbee, after they jumped the shark by using XML data to make it less accessible to their core market of low power devices, is just more evil flavored frosting.

Re:

[jrumney]

I'd hazard a guess that voice assistants are not included in the standardization proposal. The current situation is that hardware vendors get to control access to their hardware by pushing all the data through their own portal, often via a superfluous hub device. By seeking standardization for "smart home" devices, Amazon, Apple and Google are hoping to pull in all the data to their own portals, which users of their voice assistant devices will remain locked into.

Re:

[cusco]

There are a ton of devices that can talk to both the Amazon and Google systems already, this effort appears to be to ensure that it's easier for hardware manufacturers to continue doing that down the road. Why Apple is involved is beyond me, unless they just want to make sure that whatever comes from Zigbee can't talk to their stuff.

Life imitates xkcd

[psergiu]

https://xkcd.com/927/ [xkcd.com]

enthernet? / Powerline networking? wifi? clould?

[Joe_Dragon]

enthernet? / Powerline networking? wifi?

Also need to be no forced cloud so that you don't get internet down = no control

Re:

[Fly Swatter]

Home devices should not be able to be assigned an IP outside the local network. They should require a local router to talk to the internet, that itself will continue to function without internet. Just because you can doesn't mean you should. IOT is just stupid, it's like putting the front door to your house right in front of everyone else's door, everywhere.

Re:

[cusco]

IoT is a lot more than your connected refrigerator, the **VAST** majority of IoT devices have nothing to do with your home. Smart streetlights, traffic control system, factory automation, fish ladder counters, weather stations, tide monitors, sewer output analyzers, you name it. By this time next year there will be 20 billion IoT devices deployed, home automation stuff is a drop in the bucket.

Want to bet ...

[PPH]

... that whatever solution they come up with, it will depend on some central control service supplied by Apple, AWS or Alphabet. Perish the thought of an RPi based solution, where you run your house from your own box in the basement.

Re:

[Alain Williams]

This is exactly what I want: run off my own in-home server and none of the devices call home spaffing my: power usage; lights on/off; heating temperature; ... to the Internet data vampires. Isolating all of these things onto my home DMZ will avoid many of the security problems due to the vampires & script-kiddie crackers.

Re:

[jrumney]

I think a RPi solution will be possible if they are successful, but they are banking on most customers connecting their devices through their own portals for Alexa, Siri and Google Assistant integration (which I'm sure won't be included in the standardization).

Re:

[Junta]

The problem is currently we have:
-WiFi devices that generally only support 'call home to vendor cloud' so that even if I'm on my couch and want to dim the room lights, for some reason the internet tends to be involved.
-A smattering of ZigBee and ZWave devices that work fine, but there are few of them and the lower volumes tend to cost more.

I don't want or need IP, I want unroutable devices that I can access locally. WiFi is *ok*, but I need some way to know that it has a local, open API that has a hope wit

Kickstarter for Decloudify box anyone?

[BAReFO0t]

A RPi-based box that just acts like a router between your home devices and your gateway router from your ISP.

Which deliberately MITMs all Google/Amazon/Apple/Facebook/Microsoft/Mozilla/etc connections, acts as if it is those, and runs a local "cloud" to substitute them, instead. Including DNS (with DOT and DOH).

With all data being stored in trivially easily scriptable and extractable formats, for easy migation and writing of adaptors to other stuff in a few lines of bash.

Offering an always-on OpenVPN for yo

Re:

[Junta]

Not possible. The devices will only connect with TLS services that have the correct certificate.

If they didn't, it'd be a security nightmare.

Since they do, it's impossible to 'own' your device.

The better path would be access to replace firmware (e.g. the Tasmota firmware for ESP8266 devices), though then again, security has a problem because what is customer empowerment is also a 'supply chain attack vector'.

Re:

[AmiMoJo]

They probably won't. Aside from all the stuff they are using being for local control, it makes for a really bad user experience when the internet is down and you can't turn on the light.

Certainly Google has been moving that way already for usability reasons. Pixel phones do voice recognition on the device locally now for faster response.

Better: Connected Home Universal Management...

[ToTheStars]

...Protocol. Because you're a CHUMP if you think that you need smart devices in your home, and you're a super-CHUMP if you think Google's going to sustain this "standard" for the kinds of time-scales that homes are (or at least should be) built to last.

April was 8 months ago

[Sebby]

A little late (or early) for April Fools

Oh, you're being serious?! Well, it's doomed anyways:

1. Google - they'll either just kill it [killedbygoogle.com] in 1-2 years, or they'll "adapt" it such that you'll end up being forced to use Google properties in the end (bait-and-switch)
2. Amazon: they'll just use this to get up the scale [slashdot.org] of privacy invasion.
3. Apple, since it involves two other privacy invaders (see above), this is a non-starter, assuming this isn't just vaporware [theverge.com], since this is essentially a pre-announcement of non-existe

Subnets

[Retired ICS]

Will this work across subnets so that I can keep all the nasty little craps in their own subnets? Or is it going to yet again more crap that requires a flat network topology where the filthy little insecure crap cannot be isolated to its own little playground?

I do not permit the any of the "smart home devices" to live on the same subnet as anything important. Nor do I permit them to talk to the Internet. Nor are they permitted to use UPnP to diddle with network security. This means that at present all these so-called "smart home devices" are useless.

Will this fix that problem, or is it really just an effort to allow the conspirators to steal more data?

I dunno

[beep54]

Sounds like an excellect way to get your entire home hacked at one go.

The Latest Waste

[kackle]

I know there's no stopping the widespread, delirious enthusiasm for these new, shiny, IoT toys for the home, but I'm posting this here for future historians to note that we are not all hypnotized by the wasteful, polluting, soon-to-be-landfill junk that really doesn't benefit our lives at all.

An example: In the news now is the hacked camera that was used to taunt a little girl in her bedroom via its microphone. I was wondering, if the cameras (on the extremely unlikely chance) actually did record a kidn

Security???

[rjune]

The only mention of security in the article is: Apple said in a separate statement. “The project is built around a shared belief that smart home devices should be secure, reliable, and seamless to use.” I think those items in opposite order of importance. Having all of the devices work together will just make it easier for them to be hacked.

Being an insider to IoT,

[dragisha]

I can tell - this can be good. Of course, lots of action will be their attempt to seize narrative, but I think this is their survival battle in untold-billions-of-IoT-devices space before everything else.

Nobody serious about his work will allow them to dictate how to do this or that, but some standardization is always helpful. It can help people not to have to invent everything, and spend money on making everything. Various UIs on various platforms, dashboards and things, alert managers, gateways and bridges.... It will be good if they all can speak some interoperable protocols as it can make entry easier for small players. As long as we do not allow them to teach us how to do everything and wait for them to serve it to us, in exchange to our credit card details.

Re:

[Junta]

I want an easy way to determine a device is a 'local network capable' device, where once I buy it and manage internal network access, it no longer phones home or otherwise requires that the vendor continue some presence to support my device.

Re:

[cusco]

Since they pretty much all use DHCP, and almost all of them have the MAC address printed on them that should be trivial.

Re:

[Junta]

The issue is that sure, I can block internet access and prod it. However the firmware is quite possibly signed so you can't replace it, and the firmware is designed to only allow local access to configure internet access, and all core functionality is hard coded to access designated servers from the vendor for command and control.

Re:

[cusco]

Ah, thanks for the clarification.

In many cases requiring that the IoT devices live in the Cloud is for ease of use, maintenance and future patches/upgrades, but in a lot of cases it's laziness or incompetence of programming staff who have no clue how to program a distributed network of devices to work in stand-alone mode. In either case if they program the system exclusively to reside in the Cloud they only have to worry about uptime and whether it works through a web browser. If the end user is going to

The future will be amazing...

[BAReFO0t]

... for black hats!

Cause EVERYTHING will be hackable! Like in the movies!
And it will be trivial too! Metasploit, scan, go!

The first person who gets a city-grid-wide blinkenlights-style Pong game going, wins a case of beer from me! (Cities over 500,000 people without the greater area only.)

Alljoyn

[imcdona]

Isn't this what Allljoyn was supposed to do?