Re: Zigbee? Z-Wave?
Indeed, there is something wrong with router, switch, and 802.11 for this application. Devices that communicate over protocols and media like the Internet and networks can get owned like the Internet and networks do on a daily basis.
Imagine a world in which you have to make sure that your light bulbs have the latest firmware, lest they be vulnerable to a trojan that makes them a part of a botnet, or a point of ingress into your LAN, because they're on the same WiFi network as your laptop.
Imagine that this light bulb manufacturer doesn't give one crap about the security of the network protocol of their devices, because their average customer doesn't know better, and the problem is costly to correct.
Imagine that most IoT devices and manufacturers feel this same blasé attitude toward network security, creating a vast international blanket of easily ownable network appliances.
Then, stop imagining, because that is the world that we're actually in.
I believe that if we really stop and think about what these IoT devices are FOR and what they actually need to DO, we'll see that a simple protocol similar to TR-069, which is largely a named and numbered list of supported commands and features, would more than cover any use case for a potential IoT device, without exposing the IoT world to the ravages of the IP network world.
Of course, this would require the networks to be segregated, since they speak a different language at the hardware level (by design), and would require some sort of central "brain box" in the IoT home to act as an intermediary between the IP network and the IoT network, but what's wrong with that? They could iterate on the standard as much as is necessary, and only the main "brain box" would need any real security and firmware patching, since the light bulbs and coffee pots, etc, can't do anything but what it on the enumerated list of supported features in the protocol they use, and would therefore be mostly immune, by design, from hacking.