Breaking News
Comments
Newest First | Oldest First | Threaded View
Page 1 / 3   >   >>
Caleb Kraft
User Rank
Author
great points
Caleb Kraft   11/21/2013 4:49:02 PM
NO RATINGS
Great points all around. I'd love to see this revisited in 2 years to see what is at the top of the list then!

LarryM99
User Rank
Author
Special attention to video
LarryM99   11/19/2013 7:54:10 PM
NO RATINGS
Very good article. One thing that I would add, though, is the need to particularly lock down video feeds. This is an item that many people add to increase security but neglect to adequately lock down. Not only does that make it handy for an intruder to surveil the premises, but it can also provide a convenient open window. Peeping toms no longer have to hide in the bushes outside of a physical window.

LarryM99
User Rank
Author
Re: How about gateways?
LarryM99   11/19/2013 7:47:20 PM
NO RATINGS
I recently upgraded my home router, and I was impressed by how locked down the new one was by default. They randomized the SSID, closed down any inbound connections by default, turned off ping response, provided a unique default password, and a number of other enhancements. It is still quite possible to override these settings, but a user that doesn't do that will be much safer by default with new equipment like this.

Charles.Desassure
User Rank
Author
Come on...
Charles.Desassure   11/19/2013 1:33:42 PM
NO RATINGS
Thanks for the wonderful recommendations and suggestions.  It is not the IoT that is the problem.  The weakest link in Information security is people.  As long as the average person do not know the meaning of "outbound"; or how about "HTTPS and SSL"; and what about "backdoor."  Come on...Once again, wonderful suggestions.

chanj0
User Rank
Author
Re: How about gateways?
chanj0   11/19/2013 12:59:36 PM
NO RATINGS
Your home network gateway plays an important role to the security of your home network as well. Typically, my gateway doesn't listen to any port in the extenal network. If it does, I only allow connection from a specific IP address, e.g. my office gateway address. 5 tips in this article are very good. I am sure there will be more tips and in some IoT application, some tips may be found difficult to apply. Nonetheless, this article is a good starting point to develop a complete list. Security is no doubt the main concern in IoT. The sooner the list is nailed down, the better security we will earn.

Caleb Kraft
User Rank
Author
Re: How about remote commands?
Caleb Kraft   11/19/2013 12:53:16 PM
NO RATINGS
true, and unfortunately so much security is only advanced due to the research that malicious people do. it is very hard to predict the weak points far down the road.

Caleb Kraft
User Rank
Author
Re: How about gateways?
Caleb Kraft   11/19/2013 12:52:19 PM
NO RATINGS
If you're referring to most routers in public or in your homes, this shouldn't really be an issue. IoT devices should work just like a PC, phone, tablet etc. It should ask for an IP via dhcp just like everything else.

RichQ
User Rank
Author
Re: How about remote commands?
RichQ   11/19/2013 12:09:25 PM
NO RATINGS
Thanks for the additional information and the link, Howdy. It helps clarify some things for me.

howdypierce
User Rank
Author
Re: Howdy, Howdy
howdypierce   11/19/2013 10:03:52 AM
NO RATINGS
Cuno--

Thank you for your comments.

SSL and the related protocols are definitely a pain in the rear ... a comment that applies to security generally :)

However, at least for Wi-Fi-based products, the computational overhead of SSL is basically something you're paying for already. For instance, if your silicon is capable of joining a WPA2 network, it's capable of AES encryption. We are seeing components from several major vendors targeted at exactly this application, and they've normally got SSL, HTTPS, and so on built in at relatively decent prices, at least in volume.

If instead you are talking about Zigbee and the other 802.15.4 protocols, then yes, those chips don't normally offer SSL support (at least as far as I'm aware).  But in this case, you're typically not talking about using IP on the device; instead, the gateway between 802.15.4 and IP would translate between the non-IP protocol and the IP backhaul to the cloud, and that's the point at which you'd apply SSL.  (As I said in another comment, though, I'd want to think hard about the security of this configuration more generally.  I'm not sure I'd trust, for instance, a Zigbee-based lock on my front door.)

howdypierce
User Rank
Author
Re: How about remote commands?
howdypierce   11/19/2013 9:53:04 AM
NO RATINGS
Rich,

Thanks for the really good comments.  

Regarding the role of the gateway between the IP-based network and the 802.15.4 protocols (of which Zigbee is but one example) -- there are a whole host of issues here and probably deserving of an entire blog post. (To address Bert's comment: This configuration is common because of the very low power requirements of 802.15.4. Unfortunately, typically the IP communcations are terminated at the gateway instead of being carried all the way to the device.)  Specifically regarding the security of this configuration, I think there are likely to be vulnerabilities there, at least if you assume that attackers can get reasonably close to your 802.15.4 network.  Definitely something to worry about.

Regarding how you engineer things to statisfy my "outbound connections only" rule, I have another blog post addressing that: http://www.cardinalpeak.com/blog/?p=1791

Page 1 / 3   >   >>


Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Radio
LATEST ARCHIVED BROADCAST

What are the engineering and design challenges in creating successful IoT devices? These devices are usually small, resource-constrained electronics designed to sense, collect, send, and/or interpret data. Some of the devices need to be smart enough to act upon data in real time, 24/7. Specifically the guests will discuss sensors, security, and lessons from IoT deployments.

Brought to you by:

Like Us on Facebook
Special Video Section
Once the base layer of a design has been taped out, making ...
In this short video we show an LED light demo to ...
The LTC2380-24 is a versatile 24-bit SAR ADC that combines ...
In this short video we show an LED light demo to ...
02:46
Wireless Power enables applications where it is difficult ...
07:41
LEDs are being used in current luxury model automotive ...
With design sizes expected to increase by 5X through 2020, ...
01:48
Linear Technology’s LT8330 and LT8331, two Low Quiescent ...
The quality and reliability of Mill-Max's two-piece ...
LED lighting is an important feature in today’s and future ...
05:27
The LT8602 has two high voltage buck regulators with an ...
05:18
Silego Technology’s highly versatile Mixed-signal GreenPAK ...
The quality and reliability of Mill-Max's two-piece ...
01:34
Why the multicopter? It has every thing in it. 58 of ...
Security is important in all parts of the IoT chain, ...
Infineon explains their philosophy and why the multicopter ...
The LTC4282 Hot SwapTM controller allows a board to be ...
This video highlights the Zynq® UltraScale+™ MPSoC, and sho...
Homeowners may soon be able to store the energy generated ...
The LTC®6363 is a low power, low noise, fully differential ...