The networking of "things" is not a problem as long as you can opt out of it. Can you stop the toaster of the future from talking to the vendor, the crock pot, Google, the neighbors, your router?
Policy-wise we need a requirement of opt-in: the manufacturer can try to convince you that connecting the device to internet is beneficial for you, but has to let you say no.
And on the technical side, if it needs to be authorized in your router, you already have an opt-in. If it's going to connect by default somehow, maybe by open mesh wireless or somesuch, that's a problem for privacy and security.
Implantables, and particularly life-essential ones like pacemakers, are different. They need remote access to enable updating without surgery, but it must be secured well enough to prevent the sort of vulnerabilty the article describes.
BTW, if you were intent on killing someone, wouldn't it be just as effective to direct a strong RF signal to burn out the electronics, overwhelming any access controls?
Policy-wise we need a requirement of opt-in: the manufacturer can try to convince you that connecting the device to internet is beneficial for you, but has to let you say no.
And on the technical side, if it needs to be authorized in your router, you already have an opt-in. If it's going to connect by default somehow, maybe by open mesh wireless or somesuch, that's a problem for privacy and security.
Implantables, and particularly life-essential ones like pacemakers, are different. They need remote access to enable updating without surgery, but it must be secured well enough to prevent the sort of vulnerabilty the article describes.
BTW, if you were intent on killing someone, wouldn't it be just as effective to direct a strong RF signal to burn out the electronics, overwhelming any access controls?