|
|
Subscribe / Log in / New account

Antipatterns in IoT security

Antipatterns in IoT security

Posted Sep 14, 2017 7:56 UTC (Thu) by lacos (guest, #70616)
Parent article: Antipatterns in IoT security

> The costs associated with securing these devices are an externality in economic terms

These devices will never be secured, if it's up to the producers and the consumers only. The manufacturers are not interested in the security of their customers, so they won't pay. The customers -- consumers of these mass-produced devices -- are also either totally uninterested in their own security, or -- on a grand scale -- aren't interested in it enough to pay up.

The consequences for society will be terrible, of course. IIRC, Schneier keeps saying that rules & regulations should be imposed by the local governments on the manufacturers / distributors. My comment is that it should occur similarly to how the safety of plain electric devices is enforced. This would effectively force the consumer population to pay for their own security, which would be better (and cheaper) for society at a large scale.

I guess this is another debate to be had between the left and the right (applied to your local government). :/

to post comments

Antipatterns in IoT security

Posted Sep 14, 2017 7:59 UTC (Thu) by lacos (guest, #70616) [Link] (1 responses)

Sigh, the article mentions Schneier. Sorry about commenting too quickly.

Antipatterns in IoT security

Posted Sep 14, 2017 14:44 UTC (Thu) by mbolivar (subscriber, #75534) [Link]

Thanks for the write-up! Sorry I ran out of time.

> Sigh, the article mentions Schneier. Sorry about commenting too quickly.

Indeed! If you check out my slides (link is in the article), one of the reasons I argue that the "security is just an externality" argument might hold less water as time goes on is exactly due to the potential for increased regulations as recommended by Schneier and others.

In particular, slide 10 mentions the introduction of the "Internet of Things (IoT) Cybersecurity Improvement Act" this year with the backing of four senators, Schneier, and other big names:

https://www.warner.senate.gov/public/index.cfm/2017/8/ena...

Antipatterns in IoT security

Posted Sep 14, 2017 15:49 UTC (Thu) by NightMonkey (subscriber, #23051) [Link]

I'm pretty happy that my electric devices have been made more "secure" by not blowing up and catching fire as much as they could without government intervention in the flow of capital from my wallet to the device company owners. Sensible regulations are needed to counter the effects of businesses treating our lives and property with contempt in the rush to extract profit. #SchneierWouldHaveWon ;)

IoT needs careful, thoughtful regulation, because the security aspect has been left as an begrudgingly handled afterthought by a consortium of wealthy businesses with employees that should definitely know better.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds