IoT is all the rage, everybody is making an IoT product. But a big failure by an established firm last week draws attention to one of the biggest challenges in connected products: Over The Air (OTA) updates.
Companies are building Wi-Fi, Bluetooth, etc. into their products to ensure they have the latest cool features (smartphone control, scheduling, etc.), and also to ensure they are compatible with new features. For example, if I launched a Wi-Fi product before Amazon launched Alexa, and thousands of existing customers are writing bad reviews because they want to control that product with Alexa, I can send out an OTA update that adds voice control through Alexa if I built OTA firmware updates into my product. Additionally, a new bill was proposed to the senate recently that requires IoT products in government networks to have the capability of OTA updates to ensure any security flaws can be patched as they are discovered. OTA updates obviously have their pros, but they must be implemented carefully.
LockState, the company known for Wi-Fi deadbolts, sent an OTA update last Tuesday that appears to have bricked hundreds of their devices. We don’t know if it was an incorrectly implemented checksum, a corrupted firmware file, or if some admin just picked the wrong file to send out in the update. But it’s a great example of what can go wrong if OTA updates aren’t done carefully, and the outrage on twitter nails down the consequences for a brand.
— proprietresswy (@JuniperWyoming) August 7, 2017
@lockstate Your firmware update bricked at least 500 locks. Very costly. Replacement in 14-18 days? Email response over 12 hours? Not OK.
— Coffee Review (@coffeereview) August 8, 2017