Did you hear Alexa’s creepy, disembodied, and irrelevant laughter the other day? If not, you can count yourself lucky. As we adopt more devices for our homes and bodies, we open the door to more vulnerabilities and errors.
Nobody expects new technology to work perfectly, but the recent system failures like and operating errors — like those of Alexa and Oculus Rift — offer a valuable lesson for consumer and developers about IoT. Basically, it illustrates just how far we are from a functional IoT future.
Amazon Alexa’s creepy cackling
In case you didn’t catch the story, Amazon Echo devices began producing quick, inhuman-sounding laughter, completely unprompted by their owners. Owner reactions to the laughter ranged from amused, noting the absurdity of its out-of-place nature, to terrified, being genuinely creeped out by a laughing robotic voice reminiscent of something out of 2001: A Space Odyssey. As social media users quickly turned to each other for reassurance they weren’t going crazy, Amazon acknowledged the problem.
If you’re curious, devices were programmed to laugh in response to the phrase “Alexa, laugh,” which produced a lot of false positives. In response, Amazon developers issued a change to a more specific phrase (“Alexa, can you laugh?”), which will result in fewer false positives, and an introductory response, “sure, I can laugh,” to prepare listeners for the laughter.
Oculus VR’s admin error
Around the same time, Oculus Rift’s VR headsets became inoperable for nearly a day thanks to an administrative error. Oculus neglected to renew one of their security certificates, preventing their headsets from running key lines of code necessary for full operation. Since security certificates are necessary to authenticate software, most computers won’t run code that doesn’t pass this screening process.
As with the creepy Alexa laughter, frustrated users were quick to turn to social media to voice their concerns. Oculus acknowledged the issue and posted a fix within a day, then offering all affected users $15 of store credit to make up for the inconvenience.
Key similarities to note
On the surface, these are very different problems. Oculus’s holdup was the result of a simple failure to update security certificates, while Amazon’s creepy laughter (which didn’t prevent Echo devices from being used) was inherent in the way the software functions.
But the curve of realization and deployment is important to recognize, for the following reasons:
1. Software updates occur in tandem
When companies release a new software update for their devices, they tend to release it all at once, pressuring or even mandating users to commit the software patch or upgrade as soon as possible. For technical purposes, it’s easier to have everyone running on the same iteration of the software; tech support gets easier, and inter-device communication is easier to manage.
However, this also introduces a bigger vulnerability; if there’s a bug in the code, it suddenly affects millions of people, all at once, rather than a single individual.
2. QA testing isn’t always as thorough as it should be
We also need to acknowledge that QA testing isn’t always as thorough as it needs to be. Developers are under pressure to make updates as quickly as possible to respond to new security threats and improve their already-popular devices to improve customer retention.
They look for high-level compatibilities, rather than trying to squash every bug. The problem is even bigger for young startups, eager to get to market with a minimum viable product as soon as possible.
3. Functionality is tentative
Just a decade ago, when you purchased a high-tech gadget, you became an independent owner of that gadget; any trouble that befell it was unique to you, and while it was destined to eventually fail, you didn’t have to worry that your device would suddenly become non-functional.
Today, functionality is often tentative; a bad software update or an incomplete connection could render your device completely useless. Without an internet connection and the ongoing support of the developers, your investment may stop working altogether.
4. Devices are everywhere
Though we’re not into “smart home revolution” territory, we still have more connected devices than ever before —about 23 billion, currently. The sheer volume of potentially affected devices makes every software update important, especially for major tech companies.
Why it matters
Today, these technical hiccups are more amusing than anything else — after all, creepy laughter does little more than give you a temporary dsstartle, and anyone can live without VR for a day. But in the near future, when smart gadgets are controlling more aspects of our lives, from the climate of our homes to our medical devices, these errors and bugs are going to become more significant.
So what do developers of IoT devices need to learn from these experiences? Here are three things, as I see it:
1. Phased update releases
Rather than issuing an update to customers all at once, companies could offer a phased update, issuing changes to a small percentage of users at once and gradually increasing to the entire population. Google’s Play Console already offers this option to developers, and many are taking advantage of it. It comes with its own set of disadvantages and concerns, but it could be especially important for updates that haven’t been tested thoroughly in a safe environment.
2. More contingencies
Developers can also institute more contingencies and safety mechanisms to protect their user base from experiencing critical issues. For example, if Oculus had more redundancy built into their admin processes, they might have had a second chance to catch that expired security certificate. Backups are important for every complex system, and they’re only going to become more important.
Company responsiveness is where Amazon and Oculus really shone in these issues. In less than a day, each company publicly admitted to the error and issued a fix. In an era with instant communication and an expectation of constant uptime, this should be the minimum standard. Developers should be on call and committed to keeping an ear out for issues, so they can react quickly and make corrections in a timely manner.
We need to take IoT and the nature of our connected devices seriously, as the next several years are going to bring explosive growth to the industry. It’s our job to hold developers more accountable for the functionality of their devices and software.