WebThings: IoT + Privacy

Philippe Coval <purl.org/rzr> #LEE 2020

lee.png

$ whois Phil Coval

IoT from past…

netcoke.jpg

cokebrai.jpg

  • UX: finger coke@cs.cmu.edu

IoT to present

  • From promises to reality:
    • Interoperability vs Silos ?
    • Security vs Privacy ?
  • Home's devices are controlled
    • by cloud operator
    • mobile apps provided to consumers

Open questions ?

  • How strategic is your:
    • Home/family/health/data/life… ?
    • Gain vs loss ?
  • Who to trust or delegate to ?
  • Data harvesting / brokers or leakage ?
  • Cost and reliability of infrastructure ?
  • Is regulation or "Cybersecurity" enough ?
  • What about resilience or sovereignty ?
  • Tech vs culture ? Choice is yours

Ethical considerations

  • GDPR Article 25 conveys the key principles
    • privacy by design (& by default)
  • Opportunity for FLOSS projects:
    • Privacy is part of community's DNA
  • Challenge: IoT with privacy
    • User and user's data centric
    • Decentralized and resilient

Privacy By Design Principles

  • Proactive not reactive; preventive not remedial
  • Privacy as the default
  • Privacy embedded into design
  • Full functionality – positive-sum, not zero-sum
  • End-to-end security – full lifecycle protection
  • Visibility and transparency – keep it open
  • Respect for user privacy – keep it user-centric
  • https://wikipedia.org/wiki/Privacy_by_design

Web as a platform

  • Designed for Interoperability
    • Built on Standards and FLOSS
    • Decentralized (as Internet)
    • Trusted runtime (Isolation in browser)
  • Hardware agnostic
  • Rich UI/UX, Progressive web apps (Mobile)
  • Programmable: REST API, WebSockets (RT)

Web Of Things (WoT)

WebThings

  • Smart-home platform born in Mozilla ET lab
  • Framework to build "native webthings"
    • Local HTTP Servers talking REST
    • CRUD Properties, Actions & Events
  • Gateway software
    • Connect all webthings devices in LAN
    • 1.0 release for EoY 2020

moz-iot-privacy.png

WebThings gateway

  • Web Application + headless server
    • Stay and run in LAN
  • Easy to deploy on GNU/Linux
    • Raspberry Pi: dump and boot SD card
    • Other SBC supported, Deb/RPM or Docker
  • Connect all "native webthings" together
  • Gives control back to users
    • UI to control/automation from browser
    • More features: logs
  • Support addons to connect more devices

WebThings ❤ Privacy

  • Everything runs in home's network
    • Discovery using mDNS
  • Devices can be shared to other apps:
    • using REST+WS with JSON Web Tokens
  • Security is handled by gateway:
    • Gateway run in user's LAN
    • Data stay at the edge, no cloud!
  • Remote access is possible using tunnel

WebThings REST API

git clone https://github.com/WebThingsIo/webthing-node
cd webthing-node && node install
node example/simplest-thing.js
$ curl -s http://localhost:8888/ 
{ ...
  "@context": "https://iot.mozilla.org/schemas",
  "@type": ["OnOffSwitch"] // capability
  "properties": {
    "on": { ...
      "type": "boolean",
$ curl -s http://localhost:8888/properties/on
{"on":true}

$ curl -H "Content-Type: application/json" \
  -X PUT --data '{"on":false}' \
  http://localhost:8888/properties/on

Addons (130+)

  • Virtual things (simulated on gateway)
  • URL Adapter (Native)
    • DiY devices built with webthings libs
  • Other device/protocols adapters
    • to map smart devices as webthings
    • eg: Zigbee, ZWave, BT, ONVIF camera…
  • And beyond (Local / Online Services):
    • Gateway hosted things (ie: IO/Sensors)
    • Social: ActivityPub, Email, OpenSenseMap
    • Logic, Calendar, Voice (deepspeech)

ActivityPub Adapter

📺 📺 📺

WebThings community

Sensehat webthings

📺 📺 📺 📺 📺

Summary

  • Privacy relies on trust of infrastructure
    • The WWW is decentralized and extensible
  • WebThings SmartHome platform
    • can connect homes devices in safe way
    • easy to interact with and automate
    • extensible with addons (online services)
  • WebThings API is simple and flexible:
    • WebOfTwins, Microblocks, VR, Hubs…

Q&A or extra demos ?

b28e4b8deb8adee9.png

Mozilla hubs w/ IoT

📺 📺

IoTivity PoC

📺 📺

Web Of Twins Robot

📺 📺 📺 📺 📺

Sensor and Actuators

📺 📺 📺 📺 📺

Resources and more:

Video Playback

📺 📺 📺 📺

More

Playlist

📺 📺 📺 📺

Created by Philippe Coval