Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why IoT Security Is So Critical (techcrunch.com)

Posted by Soulskill on from the because-people-can't-shut-up-about-it dept.

An anonymous reader writes: Software engineer Ben Dickson starts off an opinion piece about Internet of Things security with this amusing comment: "Twenty years ago, if you told me my phone could be used to steal the password to my email account or to take a copy of my fingerprint data, I would've laughed at you and said you watch too much James Bond. But today, if you tell me that hackers with malicious intents can use my toaster to break into my Facebook account, I will panic and quickly pull the plug from the evil appliance." Dickson then lays out many of the issues with securing internet-connected devices, and explains the work being done to make them more secure. He highlights areas that manufacturers must focus on: "In contrast to human-controlled devices, they go through a one-time authentication process, which can make them perfect sources of infiltration into company networks. Therefore, more security needs to be implemented on these gateways to improve the overall security of the system. ... There also must be a sound plan for installing security updates on IoT devices. Each consumer will likely soon own scores — if not hundreds — of connected devices. The idea of manually installing updates on so many devices is definitely out of the question, but having them automatically pushed by manufacturers also can be a risky business."

6 of 148 comments (clear)

  1. Why "IoT" security is so critical by Anonymous Coward · · Score: 5, Insightful

    is because morons won't stop adding devices to the "IoT" instead of leaving them dumb like they should be. FFS this is a problem created by a trend with no benefits in the first place.

    1. Re:Why "IoT" security is so critical by TheRaven64 · · Score: 2, Insightful
      Unless the toaster can also cut the bread and insert it, then there isn't much value in being able to turn it on remotely. There are lots of reasons where it might be nice to have some connectivity though:
      • If the toaster can detecting when I've finished showering, I can program it so that my toast will pop up when I've showed and dressed.
      • If my doorbell or telephone rings, then it can pause and resume later, so the toast hasn't had time to cool down before I get to it.

        Communication in the other direction would let it notify me in whatever room I'm in when the toast is ready.

      • It could communicate with the fridge that I was likely to get butter out soon, which would mean that I'd be likely to open the door soon. This would let the fridge postpone running the compressor until afterwards (no point chilling air that's just about to be removed from the fridge).

      These are just the ones that come to mind immediately. I'm sure there are other applications.

      --
      I am TheRaven on Soylent News
    2. Re:Why "IoT" security is so critical by Viol8 · · Score: 2, Insightful

      "ike ventilation systems and you have a completely different case. Thermostats that can detect not only presence of people but also power consumption in a room and predict the ventilation level needed."

      And the thermostats need to be online because....?

      "I can also think of devices like the fridge or freezer to be able to talk to the internet to be more cost efficient - cool extra during cheap hours and cool less when electricity is more expensive."

      Wtf? Perishable food needs to be kept cool regardless of the price of the electricity unless you want to risk food poisoning to save a few pennies.

      There is absolutely NO reason for ANY kitchen appliances to be online or have any kind of network presense whatsoever unless you such a bone idle sack of fat that you can't even be bothered to open a fridge door to check whats inside but would sooner do it via an app.

  2. DOA by Anonymous Coward · · Score: 3, Insightful

    Google/phone manufacturers cant even keep android phones patched more than a few years. What makes people believe that "IoT" devices will do any better?

    1. Re:DOA by peragrin · · Score: 4, Insightful

      Look at smart TV's and the number of updates that they get.

      Manufacturer's goals are not compatible with IoT concept. you own your TV for a decade or more between replacing it. Refrigerator's can go 20+ years easy.

      Do manufacturer's really want to provide support that long? if the answer is no then it doesn't belong in the Iot category.

      --
      i thought once I was found, but it was only a dream.
  3. Always the same stupid story, again and again by gweihir · · Score: 4, Insightful

    First, it was mainframes that were insecure. When they were finally secured, the same mistakes were repeated with workstations. Then the same mistakes were repeated with PCs. Now they are repeated with mobile phones and with cars. Next they will be repeated with IoT.

    The problem is that most people are completely unable to learn from experiences made by others, and so they repeat the same stupid mistakes whenever there is a new application field. The experts are available and could do better, but they do not get used, because all the bright-eyed "innovators" do not have a clue what they are doing.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.