Gatewayed networks

Date: 2016-10-24 09:14 am (UTC)
From: gerv.net
I think the solution is to have an architecture for the IoT, and home/business networks in general, where devices are not internet addressable by default. If you can't send it packets, you can't attack it. All IoT devices should be required to talk to the Internet via an IoT hub. The fact that the hub mediates all traffic means that you can have a lot of cheap crap devices and use the hub to make sure if one of them is vulnerable, an attack can't get through. It could also do traffic limiting (your thermometer should never need to send more than 10kbps of traffic to the outside world), SSL inspection and plenty of other useful things.

See http://blog.gerv.net/2016/03/an-iot-vision/ , https://blog.gerv.net/2016/10/security-updates-not-needed/ and https://blog.gerv.net/2016/10/no-default-passwords/ .
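
A minimal model of the hub behaviour described in this comment, as an added example that is not part of the original comment or of any real hub product: devices are unreachable unless they opened the flow themselves, and each device has an egress cap. The class names, the token-bucket choice for the cap, and the documentation-range addresses are assumptions made for illustration.

```python
class DevicePolicy:
    """Egress budget for one device: a token bucket counted in bits."""
    def __init__(self, rate_bps, burst_bits):
        self.rate_bps = rate_bps        # sustained rate allowed to the outside world
        self.burst_bits = burst_bits    # bucket capacity
        self.tokens = float(burst_bits)
        self.last = 0.0                 # time of the last refill, in seconds

class Hub:
    """Hypothetical hub: every packet to or from a device passes through here."""
    def __init__(self, policies):
        self.policies = policies        # device name -> DevicePolicy
        self.flows = set()              # (device, remote) pairs the device opened

    def outbound(self, device, remote, size_bytes, now):
        policy = self.policies.get(device)
        if policy is None:
            return "drop:unknown-device"    # unregistered devices get no route out
        # Refill the bucket for the time elapsed, capped at the burst size.
        elapsed = now - policy.last
        policy.tokens = min(policy.burst_bits, policy.tokens + elapsed * policy.rate_bps)
        policy.last = now
        bits = size_bytes * 8
        if bits > policy.tokens:
            return "drop:rate-limit"
        policy.tokens -= bits
        self.flows.add((device, remote))    # replies from this remote are now allowed
        return "forward"

    def inbound(self, remote, device):
        # Default deny: only remotes the device itself contacted may reach it.
        if (device, remote) in self.flows:
            return "forward"
        return "drop:unsolicited"

def run_demo():
    # Constructed scenario: a thermometer capped at 10 kbps, two outside hosts.
    hub = Hub({"thermometer": DevicePolicy(rate_bps=10_000, burst_bits=10_000)})
    vendor, stranger = "203.0.113.10", "198.51.100.7"
    return [
        hub.inbound(vendor, "thermometer"),                  # nothing opened yet
        hub.outbound("thermometer", vendor, 500, now=0.0),   # 4000 bits, within budget
        hub.outbound("thermometer", vendor, 1000, now=0.0),  # 8000 bits, only 6000 left
        hub.outbound("thermometer", vendor, 1000, now=1.0),  # bucket refilled after 1 s
        hub.inbound(vendor, "thermometer"),                  # reply on a device-opened flow
        hub.inbound(stranger, "thermometer"),                # never contacted by the device
        hub.outbound("camera", vendor, 100, now=1.0),        # device has no policy
    ]

if __name__ == "__main__":
    print("\n".join(run_demo()))
```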

Profile

Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Member of the Free Software Foundation board of directors. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.
