Tag: Internet of Things

The Enduring Terribleness of Home Router Security Matters to IoT

Last week, home broadband router maker ASUS was the latest vendor to issue an emergency patch for a critical vulnerability in its products. This, after proof-of-concept exploit code was released for the so-called “Inforsvr” vulnerability that affects several ASUS home routers. That vulnerability -if left unpatched – would allow anyone with access to a home- or small business network that used an ASUS broadband router to, essentially, commandeer the device. The “infosvr” feature is typically used for device discovery by the ASUS Wireless Router Device Discovery Utility, but the service also allowed unauthenticated users to execute commands through it using the “root” permissions, according to researcher Friedrich Postelstorfer, who created a proof of concept exploit for the security hole and released it on January 4. The exploit code finally prompted a patch from ASUS on January 13. The company had spent months analyzing the issue and working on a fix. Patch aside, it has been a worrying month for the […]

Continue Reading

The Skinny on IoTivity, the New, Open Source IoT Framework

  In brief: The Open Interconnect Consortium (OIC) introduced a new, open source framework to connect billions of smart devices from a wide variety of vendors. But has the IoT standards horse already left the barn? 

Continue Reading

Android in the Coal Mine: Open Source, Patching and Internet of Things

In brief: Google’s decision not to patch a security hole in versions of Android used by hundreds of millions of consumers is a bad omen for the Internet of Things and will likely push some Android users to alternative versions of the operating system.  

Continue Reading

On the Internet of Things, Cheap may Cost You | VentureBeat

Venturebeat has a nice, contributed blog post by Michael Daly, of Raytheon on the lurking problem of device insecurity within the consumer Internet of Things. As Daly sees it, mass adoption of Internet of Things technologies seems destined to leave us with environments populated by low-cost and vulnerable devices whose makers don’t consider their wares valuable enough to maintain. From the article: “Offering a constant stream of security patches and updates to keep low-cost devices safe and functional for the long-term requires money. If vulnerabilities are discovered, patches or updates might be issued, but only in the first year or two. The vendor expectation is that users will need to buy a full replacement or live with the risks — not to mention that users are not very likely to manage patches and updates for non-critical devices.” In contrast to the kinds of managed networks we’re used to – with vendors […]

Continue Reading

White House Backs Raft of New Cyber Security Laws

President Obama used a speech at the Federal Trade Commission on Monday to call for a raft of new laws and reforms that would protect the privacy and online security of U.S. citizens and corporations. Speaking at the FTC, President Obama highlighted a number of policies that he will propose in his State of the Union address to Congress. They include new laws aimed at endemic problems like identity theft and online tracking of consumer behavior. The visit was notable for being the first time a sitting President has visited the FTC in 80 years, since 1937 and the administration of Franklin D. Roosevelt. Obama, who has been highlighting issues and ideas he will unveil in his State of the Union Address, said the address is one of a series of talks he will give this week focused on computer and online privacy. The President said he will follow his speech aimed at […]

Continue Reading
1 106 107 108 109 110 146