Case study 1: the ordering stick
Amazon introduced in 2015 the Amazon Dash Button, which is a small physical object connected to the home WiFi. Pressing this button will automatically order a particular product on Amazon, such as laundry detergent, milk, razors, etc.
This is a typical example of the deployment of the Internet of Things: a small device, built for a very specific purpose, which offers a simplified interface and can connect to the Internet at the same time. The motivation for such a product is to bring the interface for a service to end-users where they need to use that service, or simply where they think about that service: you are more likely to think about buying some new laundry detergent when you finish the previous box, which is likely to happen while you are doing laundry rather than being on your computer or smartphone.
Amazon Dash buttons are, from a location perspective, the successors of the TV remote control, which allows you to control your TV from where you watch it, of the remote thermostat, which allows you to control your heating system from places in your house where you can feel the actual temperature, or even of wireless phones, which allow you to make calls from where you want.
Amazon Dash buttons are a clear example of an ever-improving usability, and, as we have discussed throughout this course, this has an impact on security. For instance, a visitor might want to cause some damage by triggering some unwanted purchases, or an attacker might try to override the target of a button to perform some unauthorised purchases. Of course, Amazon makes sure their buttons are as secure as possible, but we have seen in the previous weeks that increased usability tend to create new, sometime unanticipated, vulnerabilities.
© Newcastle University