smart home

CES: The Security Questions Nobody Wants You To Ask

A note that CES – the Consumer Electronics Show – is once again upon us. Prepare yourself for three or four days of tipsy reporting from the mainstream media about all the gee whiz gadgets that will soon be yours…or not. Let’s face it: a lot of what’s shown at CES is proof of concept stuff and some of it is just too downright silly to ever catch on. Remember HAPIFork? The “smart” fork that would warn you when you were shoveling grub into your maw too quickly? Right. Product security and data privacy are almost always lost in the excitement over the new gadgets and the TUSs. (Televisions of Unusual Size? I don’t think they exist!) That’s why, over on the Veracode blog, I put together a quick list of impertinent questions that every security-minded CES attendee should have at their fingertips. The questions cover a wide range of […]

Continue Reading

Two Faces of the IoT: A Conversation With Xively’s Philip DesAutels

Conversations about the Internet of Things often focus on its most visible outposts: consumer devices. Products like the Nest Thermostat, IP-enabled home security cameras or Samsung’s Smart TV are like ambassadors for the IoT: highlighting cool features and capabilities that just hint at the transformative power of the much larger revolution that small, powerful Internet-connected objects will herald. The truth is that although consumers are still warming to the Internet of Things, businesses and industry have already embraced it. Manufacturers of heavy equipment have outfitted their products with an extensive mesh of small sensors that provide close to real-time data on the functioning of critical components. As a measure of this, Virgin Airlines said in March that it will upgrade its network infrastructure to accommodate an “explosion” of data from a new fleet of Boeing 787 Jetliners, which will produce close to half a Terabyte of data per flight. But what is […]

Continue Reading

How Connected Consumer Devices Fail The Security Test

The Internet of Things leverages the same, basic infrastructure as the original Internet – making use of protocols like TCP/IP, HTTP, Telnet and FTP. But the devices look and act very differently from traditional PCs, desktops and servers. Many IoT devices run embedded operating systems or variants of the open source Linux OS. And many are low-power and many are single function: designed to simply listen and observe their environment, then report that data to a central (cloud based repository).   But IoT devices are still susceptible to hacking and other malicious attacks, including brute force attacks to crack user names and passwords, injection attacks, man in the middle attacks and other types of spoofing.  Despite almost 20 years experience dealing with such threats in the context of PCs and traditional enterprise networks, however, too many connected devices that are sold to consumers lack even basic protections against such threats. […]

Continue Reading

Thingful is a Facebook for Smart Devices

The data on exactly how many Internet of Things devices will be online by the end of the decade is a matter of debate. Cisco famously put the number at 50 billion by 2020, though Morgan Stanley thinks it could be as high as 75 billion. The analyst firm IDC estimates the number at 50 billion. But others have put the number lower. Gartner puts the number of connected things at around 30 billion by 2020. We might all be better off taking a cue from McDonald’s and just start using the phrase “billions and billions” by the end of the decade. As with McDonald’s hamburgers – the exact number doesn’t really matter, so long as everyone agrees that it’s going to be big. Really big. But all those devices – and the near-limitless IPV6 address space that will accommodate them – do present a management and governance problem: how […]

Continue Reading

Amphion Forum: Spotlight on Security and Internet of Things

A little more than a month from now, the world’s attention will shift to San Francisco for the annual RSA Security Conference – perhaps the biggest single IT security industry event of the year. But this week, at a much smaller venue, the focus will be about what’s amounting to the ‘next big thing’ in the security world: the Internet of Things.   The Amphion Forum focuses on a growing part of the computer security landscape that still struggles for attention in a security market still focused on the needs of large companies. Namely: the security challenges posed by mobile devices – phones and tablets and a menagerie of newly-connected endpoints, from wearable computers to implantable medical devices to household appliances. The privacy and security challenges facing organizations that wish to embrace the IoT are legion. Intelligent devices have been shown to lack basic protections against unauthorized access, such as strong […]

Continue Reading
1 13 14 15 16