I was recently told that we are moving toward a world of “Internet of Things” and more specifically, an “aware home,” where these “things” will be most helpful.

If I am away, I can still vigilantly watch what is going on at home. I can control ventilation and heating. And it won’t be long before all my misplaced possessions will tell me where they are and my front door will open for visitors when I am not home.

Ordering food over the Internet has become commonplace. However, if my fridge decides I don’t have enough food and sends me a message to ask if it should place a delivery food order, it’s a very different type of agency. It could even place the order without consulting me, with delivery set for my usual homecoming time. Maybe my laundry basket will start crowing for attention because it is too full. And goodness knows what happens when they all start talking to each other.

Currently, these systems work separately, but we are fast approaching a world in which the systems will speak to one another. This is a whole different kind of commodity product agency. Am I going to be embarrassed when my fridge and laundry basket confer and decide I fit the programmed-for persona of a slob and therefore require an upgrade of commodity decision making on my behalf?

But what does this have to do with this revolution called the Internet of Things, which I affectionately call “IoTs” (pronounced “eeyuts”). Before I start listing more of my hopes and fears for this emerging IoTs world, let’s delve into what we can expect.

A somewhat rough Wikipedia entry states the following about the Internet of Things:

“In computing, the Internet of Things refers to a, usually wireless and self-configuring, wireless network between objects, such as household appliances.”

It goes on to speculate that such connected objects would be things like “cans, books, shoes or parts of cars,” all of which would be “equipped with minuscule identifying devices.”

How is this going to be possible? Well, apparently, the next generation of Internet applications will use the IPv6 protocol, which will be able to identify more objects than IPv4, the infrastructure of our current Internet world. Apparently IPv6 will be able to instantaneously identify any kind of object. The driving scenarios for the enthusiastic Wikipedian authors of this article are that stock shortages and wasted products will be a thing of the past as a result of all this tagging. But the dream has more layers.

The weak IoTs hypothesis (version lite) is that most objects will be addressable so devices can be “pinged” to see where they are and what they are up to. But in the version-lite world, this is likely to be a network of dumb things that can be pinged and located; these locatable objects can’t, except in the most minimal ways, answer back. And aside from the most rudimentary data exchange, there will be little connection between the objects in the network. These objects will not be able to make decisions for themselves or chatter amongst themselves.

The strong IoTs hypothesis includes the world of “spime”-a concept invoked first by science fiction writer Bruce Sterling. In 2004 Sterling painted an image of a technological device that, through pervasive RFID and GPS tracking, could track its history of use and interact with the world. As more objects become addressable and develop more intelligence and agency, we will have a world of autonomous, sort-of sentient beings that communicate amongst themselves and will be able to auto-organize depending on the context. Some pundits of what has been called ambient intelligence are very excited about this dream.

To me, this all sounds really exciting. But I have a dream. And that dream calls for the development of self-organizing, sentient socks that can find each other. I want a sock drawer that resembles Noah’s ark, with neatly assembled socks stacked two by two. Right now? I see a lot of singletons wondering where their other half went.

I have been spinning this simple fantasy for a while. Years ago, Les Nelson, Tomas Sokoler, and I designed a suite of objects called “Tools That Tell Tales.” One such tale-telling tool would be the loaned wheely bag that reports back to you to say it is having a nice time on vacation with your friend. Perhaps that wheely bag is a spime-but the term didn’t yet exist. One thing to note is that the tools told you their tale only when you asked for it. We never tackled how on earth they would know whether or not to interrupt you.

I realize that I’m not sure I trust my socks to self-organize without disrupting the other inhabitants of the clothing drawer. And what if my confused and lonely socks get so distraught in their unsatisfactory search that they crash the operating system? Yes indeed, as I think about whether I would or would not trust my semi-sentient socks, I realize that, for me, the cloud on the horizon of this dream world of sentient (or at least semi-sentient) objects is trust in all its forms.

Trust is a slippery concept. Judd Antin of the iSchool at UC Berkeley and I checked out the stats: The word has appeared in the titles of papers indexed by the ACM Digital Library more times between 2005 and 2007 (149 times) than in the previous seven years combined (1998 - 2006, 131 times). Most of the reported research addresses trust in enterprises, especially in the context of e-commerce, trust as developed in mediated human-human communication contexts, or systems perspectives on trusted/untrusted networks and network security.

Research into trust is all about uncertainty and risk. In interface and interaction design, trust unpacks to the familiar concepts of reliability, predictability, credibility, and visibility/transparency. Thus, I see at least three dimensions of uncertainty and risk for IoTs to address if they are to be deemed trustworthy by experiencers (these are not necessarily users, after all; we may just be experiencing these IoTs unknowingly-the word “use” implies awareness).

First there’s system reliability, consistency, credibility, and transparency. As system designers, we know that people will not continue to use technologies that they cannot trust to do the job they are supposed to do on a regular and predictable basis. The problem is, once there has been a breach we could not have foreseen, distrust sets in. And distrust is much harder than trust to navigate. Distrust is about fear and self-protection; it is about not believing in the product, the tool. Once someone distrusts a system, it is very hard to regain their confidence. Lack of reliability and consistency are deal breakers for most people.

Let’s think about some design challenges that must be addressed to ensure user trust in the home IoTs system: exception handlers for sock drawers; incompatible sock releases; house virus updates; and operating system conflicts for merging households. How are you going to debug the house if it decides to lock the bathroom door with Auntie Elsie inside? How do you negotiate with your household IT administrator if she is 13 years old and angry at you for grounding her? And how do these systems operate in an effective decision-making hierarchy? Who gets to have the last say? Think of the power struggle if my applications are in conflict-my jeans in conflict with my T-shirts about which require my attention first. Anyone who has been around children who are arguing can understand the power struggles that come about between somewhat independent, sentient, and opinionated agents. And the question of all questions, how many buttons are there on an IoTs household remote control?

Second, there is a stickier problem, the reliability, consistency, credibility, and transparency of the network information transport-that is, the possibility for data/information leakage. Internet connections are often insecure, spewing data out and allowing others to see my actions intentionally or by accident. The boundaries between walls are permeable. What if my sock falsely pairs with a sock next door? And what if my fridge starts putting my favorite foodstuffs on my neighbor’s shopping list? Do I really want them to know that my sophisticated palate requires at least two jars of peanut butter a week? Now, there may be no malevolent entity using this data or snarfing my bandwidth, but even opportunistic information observers may enjoy this.

When I was growing up in the U.K., there was a term for nosey neighbors whose personal joy is to research your personal life: “curtain flickers.” Most of their observations took place through windows. One of the advantages of curtain flicking for the observed is that you can see the movement of the fabric and at least sometimes know you are being watched. Now curtain flickers need not even approach the window, and you receive few cues about your promiscuous data flow. The question is: Are my sentient objects going to know whom to share content with and whom not to?

Third, there is the thornier problem of malicious attack through deliberate and intentional hacks. The boundary of bricks and mortar are easy to see; unseen entryways are more difficult. Marketers of household cleaning products have for years been warning us of unseen dangers like germs and small creatures that can enter our home; the germs of tomorrow in the IoTs world are going to be those in service of humans with malicious intent. Frankly, once you get malicious or self-interested humans in the loop, all is likely to go to hell. It is worse than the days of yore, when shills and confidence tricksters used classic motivators-ego, greed, avarice, lust (in fact, all seven deadly sins)-to trap us into giving away information that in other circumstances we would not share. Worse than these kinds of social cons are unseen attackers who steal personal information like bank account details and social security numbers, without ever interacting directly with us. In these cases we may not know for some time about a breach.

The second and third aspects of trust here revolve around the permeable boundaries that the Internet creates, and in the home setting, that means a whole new angle to perimeter security. The perimeters of the home have shifted, requiring new forms of vigilance. Of course, this crossing has been happening for some time with TV shows downloaded to TiVos and so on, but with newly developing aggregated services for living environments, more and more people are crossing the residential gateway. And these Internet-enabled agents who are hackable and who live in an integrated world of data flows-where my sensitive information resides-make me feel vulnerable.

If you think I am being overly conservative, picture this. It’s a chilly evening, and as you head to bed and snuggle down, you feel safe in the knowledge that the next morning will bring a nice strong cup of coffee to break the day. But, in a hilariously titled online June 2008 entry, “All your Coffee are Belong to us,” Slashdot posted the following: “Craig Wright discovered that the Jura F90 Coffee maker, with its honest-to-God Jura Internet Connection Kit, can be taken over by a remote attacker, who can cause the coffee to be weaker or stronger; change the amount of water per cup; or cause the machine to require service (call this one a DDoC). ‘Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.’ An Internet-enabled, remote-controlled coffee machine and XP backdoor-what more could a hacker ask for?”

Whether this coffee pot hack actually ended up causing people problems or not, I don’t know; I could not find any follow-up stories. But the unwitting Internet-enabled home device as a Trojan horse is surely something we can all imagine. One response to this is that we need to educate users-or better still, let’s just insist that users need to “be more careful.” It is a strange thing that although we see the Internet as a risky place, we do not take steps to protect ourselves. Study after study shows that people do not secure their wireless home networks. And you only need to spend 20 minutes on social networking sites to find out way too much about a person-information that could help you breach the confidentiality of their personal data. Finding out a whole heap of stuff about a person is really easy with just a little technical expertise. Sarah Palin, the running mate of defeated John McCain in the 2008 elections famously had her email hacked-her password and security questions were easily guessed from information available on the Internet.

In the end, I am talking about the complexity of systems that have more and more moving parts, what has been called the seamless aggregation of services in the home. Of course, trade-offs exist between simplicity and control, and we are still trying to work out how to build self-reflection within these multilayered sociotechnical systems regarding gateways in the inter- and intra-module data flow. But one of the other aspects of this is that as these semi-sentient objects get better, we develop relationships with them. The affective bonds we create mean that traditional, rational cognitive models of vigilance, security practices, and perceived risk do not account for the latitude that trusted “friends” get with information, or the betrayal we feel when our interactive helpers allow themselves to be hacked. We are and we will be more and more intimate with our semi-sentient devices, just as we “trust” social networking sites to safeguard our precious data and are emotionally distraught and feel betrayed when we discover a breach.

I suspect that continuous negotiation with the IoTs and with the network providers who control them is going to make me tense. All this makes me want to jump headlong into a research agenda centered on infrastructure policy and on network security, to assure a view of IoTs as the front line in the sociotechnical and emotional networks of trust, reliability, and confidentiality, not just as devices, nodes in the networks where digital information flows.

So, right at this moment, when thinking about the strong IoTs hypothesis at least, I am inclined to agree with J.K. Rowling’s character Arthur Weasley in “Dobby’s Reward” when he said, “Never trust anything that can think for itself if you can’t see where it keeps its brain.” On a positive note, there are their new employment opportunities here: interior home integrators, managed home Internet services, remote Internet locksmiths, thing-programming specialists, and thing therapists.