Slashdot Mirror

← Back to Stories (view on slashdot.org)

Beware the Ticking Internet of Things Security Time Bomb

Posted by Soulskill on from the also-beware-of-all-time-bombs dept.

alphadogg writes: A panel of security experts, including from IBM, LogMeIn and formerly RSA, warn that IoT security is a growing threat because device makers haven't baked in security. IT security staffs are already inundated with safeguarding internal infrastructure and cloud-based resources, so guarding against a slew of new threats is likely to be overwhelming. LogMeIn's Paddy Srinivasan says most Internet-of-things OEMs "barely even have IT staff," so they aren't capable of developing rigorous security even if they wanted to. IBM’s Andy Thurai says most companies are rushing technology to market to try to monetize you as much as possible, and they aren't even willing to give you a cut for the data you supply. Regulations may help, but probably not enough and definitely not soon.

3 of 131 comments (clear)

  1. Re:Some 'Things' more valuable than others by 0123456 · · Score: 1, Insightful

    Older cars were generally more reliable because there were fewer things to go wrong.

    Uh, no, they weren't. You might be able to fix a 1970s car when it broke down, but they broke down a lot more. Go back to the 1930s, and there were even less things to go wrong, but you were probably doing maintenance on those things every weekend to ensure they didn't break down.

  2. Re:If an IOT device phones home DO NOT BUY IT by AmiMoJo · · Score: 3, Insightful

    I find it depressing that our attitude is now "avoid new technology" rather than "how can we make this secure?"

    Maybe it's time for an open source secure IoT platform that companies can use. As well as an OS it would need to provide stacks for doing common IoT stuff in a secure way, that has privacy controls built in.

    Buffalo ship routers with DD-WRT installed, advertised as a feature. Maybe some kind of certification process could be created, that includes the ability to do updates to the core OS and remote shut-down via blacklist if products are ever found to be vulnerable and unfixable.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. Re:If an IOT device phones home DO NOT BUY IT by Hognoxious · · Score: 3, Insightful

    I find it depressing that our attitude is now "avoid new technology" rather than "how can we make this secure?"

    I find it depressing that people confuse "don't waste money on useless shit" with "avoid new technology".

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."