Your desktop 3D printer is really an IoT device in disguise

There is a double-edged sword to having internet-enabled 3D printers. Like other Internet of Things (IoT) devices, they may open potential back doors for hacking and breaches.

special feature

Harnessing IoT in the Enterprise

The tech revolution is spreading to every corner of the earth with the Internet of Things, and it's enabling data analytics and automation in ways never before imagined in business.

Read More

Depending on whose numbers turn out to be right, there will be somewhere between 20 and 200 billion "things" connected to the internet by 2020. We all know about the connected light bulbs and cameras, but so many other devices will be tied into the internet, ranging from cars to home appliances.

In the business and industrial space, expect a level of hyper-growth that eclipses even that of consumer use. Most smartly run businesses are obsessed with metrics, with control, and with careful management. There is also the value-add of being able to control and manage devices remotely and through mobile connections.

Production machinery, sensors, and even office gear can now all be connected to corporate networks, and, through those networks, to the internet at large. Therefore, we can expect vast armies of enterprise devices with their own IP addresses.

One such category of connected device is the 3D printer. I currently have five 3D printers here in the lab. Four of them have network connections.

makerbot-and-ultimaker.jpg

Monitoring print status on both a MakerBot and Ultimaker from my iPhone

In fact, the only way you can initiate a print on one of the printers, the $399 MOD-t, is via a webpage. The other printers have both mobile apps and local PC-based apps for monitoring and initiating prints. Right now, for example, I'm printing a 35-hour test print. Earlier today, while in the parking lot of the local Home Depot, I was able to check on its status and see that it was still printing.

While there may be some value in initiating a 3D print remotely, the ability to look at live video of a print process is invaluable. That's why, shortly after setting up the LulzBot Mini, I added a Raspberry Pi and a webcam.

Prints, particularly complex or large prints, sometimes run into problems. It's nice to be able to keep an eye on the printers, much as you would a baby cam or a pet cam, just to see if they're getting into trouble.

There is, however, a double-edged sword to having internet-enabled 3D printers. Like other IoT devices, they may open potential back doors for hacking and breaches.

Many 3D printers use Arduino-level single board computers, which can generally only run one program at a time. Other printers, like the Ultimaker 3, have full general purpose computers inside. The Ultimaker 3 has an A20 LIME2 Linux board inside, which is an open source hardware design.

Now, let's be clear. Ultimaker is among the most careful and well-respected producers of 3D printers, so their on-board computing capability is likely rock-solid. But there are a lot of pretty questionable 3D printers coming out, at lower and lower cost, with barely any attention being paid to quality. These printers are likely to use an open-source board and variant of Linux, and they make no serious effort to safeguard security.

As a result, it's entirely possible that a 3D printer you bring inside a firewall is not just potentially vulnerable to a hack, but may well provide all the power and capability of a Linux environment, running unchecked, within your assumed-to-be-secure perimeter defenses.

Of course, 3D printers aren't the only devices at risk. Some smart TVs are running Android. My old TiVo boxes had a variant of Linux running on them, as do many set-top devices. CNC machines, industrial machinery, and medical instrumentation are all vulnerable to breaches and hacks.

The bottom line is simple: Be aware of the IoT threat within your organization. That doesn't mean you shouldn't use internet-capable smart devices. But design your networks with security in mind, segment your networks where possible, add intrusion prevention systems to your network defense strategy, and stay vigilant. This IoT thing is going to get a lot worse, and we're going to be the folks who have to clean up the mess.

Video: Why building IoT solutions remains a challenge for developers

You can follow my day-to-day project updates on social media. Be sure to follow me on Twitter at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, and on YouTube at YouTube.com/DavidGewirtzTV.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All