How do we fix IoT security without blocking interoperability and creating monopolies?


#1

Originally published at: https://boingboing.net/2018/06/04/island-of-misfit-dropcams.html


#2

hammer


#3

For internet-connected appliances, “reclamation” can entail work by nonprofit foundations to maintain the code for abandoned products

Code escrow already exists as a practice. It just needs to be adopted more widely.


#4

Get rid of the DMCA so we can start loading secure Linux builds to Iot devices.


#5

Even conceptually, I’m not sure that circle can be squared. The more people that you trust (interoperability) the greater the chance one of them will betray that trust. Yes, it IS more complicated than that, are there are ways to deal with people/organizations that you don’t have complete trust with, but they tend to slow down any process with elaborate chains of certificates and approvals.

Like many I just don’t see the “features” that IOT devices are supposed to give to users as worth the tradeoffs.


#6

The Internet of Things security threat was caused by multiple aggravating factors. Most of them are political. Most of these political factors decrease the value of security. To address the IoT problem, we need to make progress on multiple fronts. They include:

  • International cooperation on consumer protection standards. Manufacturers must be held accountable for dangerous defects in their devices. There must be significant product liability for software defects. Even when the sale is across national boundaries. Perhaps something like Dan & Paul’s proposal.
  • We must force the US government to reverse it’s nasty habit of levying corporate fines, instead of seeking criminal punishment for corporate crimes that threaten public health and safety. We need to return to holding corporate officers criminally accountable when they attempt to destroy or injure the rest of us.
  • We must allow our ISP’s to act for the good of ourselves and our communities. We must require them to properly handle abuse reports. We must require them to properly pass abuse reports to the owners of internet connected equipment. We must require them to disconnect misbehaving internet equipment if an abuse report doesn’t result in timely mitigation.
  • We must update copyright law to aggressively mitigate orphaned code. We need to define that code is orphaned, once disclosed vulnerabilities and exploits are not promptly addressed. When code is orphaned, ownership (and full code publication) must quickly pass to the community. In order to enable the previous point, we should require the Copyright Office to escrow source code before granting extended (beyond a few weeks) copyright protection.
  • We need to widely understand that all internet connected devices must include three fundamental, independent, non-bypass-able, owner controlled bits of functionality: An on/off switch; A “connect/disconnect from the internet” switch; An “enable/disable code changes and configuration” switch.
  • We need to assert our rights of ownership for all devices that can connect to the internet. We need to consistently apply the rights and responsibilities of ownership to all our internet connected devices. There should be no question that we are responsible for our internet connected devices. Eventually, we should fear and distrust devices that lack critical internet safety features, like we fear and distrust an un-insulated electrical extension cord.

None of these steps will individually address the IoT problems. But all of them reinforce an economy of security. As we make progress on all of them, the IoT problems will be reduced to more manageable levels.


#7

This is the one that can be implemented immediately, without being dependent on getting rules made by thousands of corrupt (or tech-ignorant, which might be worse) bureaucrats and legislators around the world.

I’m doing my part. The only Internet capable device in my house is my router. And I manage it very tightly indeed.


#8

So do you use that on IoT things?


#9

this is more my style
tumblr_lzi4y2hK5E1qg35tio1_500


#10

That’s my security plan.


#11

I have a dream, that one day, we shall have secure general purpose computing. We shall no longer need virus scanners, we shall no longer have multiple gigabyte “security updates”, and we shall no longer fear to click on a link, or try out a program… I have a dream.

General purpose computing needs to be secured, this will fix IoT as a secondary effect. There’s not enough money in small gadgets to do this the other way around. We fix IoT security the same way we fix workstation security, by deploying operating systems that don’t lubricate applications in a sea of authority, with all the explosive results.

There are operating systems that default to NO permissions what so ever, and yet are capable of getting things done. Linux, Windows, Mac OS all work by letting applications do whatever the user is allowed to do… which is pretty much anything and everything. IOS and Android attempt to sandbox off a bit of this, but still assume they can open any file, do anything, within the sandbox… over time the sandbox has more holes poked in it to let more “features” happen, and make it more porous.

Capability based security, it’s not a silver bullet, but it can fix general purpose computing, and solve IoT security as a side benefit.


#12

It’s quite simple, really. You CAN’T fix IoT security, in any truly secure way.

IMO that is; I’d love to be proven wrong.


#13

I once read a book that offhandedly mentioned that one of the fictional civilizations in it required all companies to carry externality insurance. Not for any specific source of liability, just in general. Frankly, it’s something I’d love to see IRL - let the actuaries figure out the actual risks and costs of a technology or business model, and charge accordingly, and offer discounts for reducing negative and increasing positive externalities or adopting best practices.

Are there any politicians, or better yet economists, who’ve considered this idea for real, and what it would entail?


closed #14

This topic was automatically closed after 5 days. New replies are no longer allowed.