{"id":32202,"date":"2015-08-02T02:00:59","date_gmt":"2015-08-02T06:00:59","guid":{"rendered":"http:\/\/quotulatiousness.ca\/blog\/?p=32202"},"modified":"2015-07-31T21:28:35","modified_gmt":"2015-08-01T01:28:35","slug":"thinking-about-realistic-security-in-the-internet-of-things","status":"publish","type":"post","link":"https:\/\/quotulatiousness.ca\/blog\/2015\/08\/02\/thinking-about-realistic-security-in-the-internet-of-things\/","title":{"rendered":"Thinking about realistic security in the &#8220;internet of things&#8221;"},"content":{"rendered":"<p><a href=\"http:\/\/www.economist.com\/news\/leaders\/21657811-internet-things-coming-now-time-deal-its-security-flaws-hacking?fsrc=nlw|hig|16-07-2015|\" target=\"_blank\"><em>The Economist<\/em><\/a> looks at the apparently unstoppable rush to internet-connect everything and why we should worry about security now:<\/p>\n<blockquote><p>Unfortunately, computer security is about to get trickier. Computers have already spread from people\u2019s desktops into their pockets. Now they are embedding themselves in all sorts of gadgets, from cars and televisions to children\u2019s toys, refrigerators and industrial kit. Cisco, a maker of networking equipment, reckons that there are 15 billion connected devices out there today. By 2020, it thinks, that number could climb to 50 billion. Boosters promise that a world of networked computers and sensors will be a place of unparalleled convenience and efficiency. They call it the \u201cinternet of things\u201d.<\/p>\n<p>Computer-security people call it a disaster in the making. They worry that, in their rush to bring cyber-widgets to market, the companies that produce them have not learned the lessons of the early years of the internet. The big computing firms of the 1980s and 1990s treated security as an afterthought. Only once the threats\u2014in the forms of viruses, hacking attacks and so on\u2014became apparent, did Microsoft, Apple and the rest start trying to fix things. But bolting on security after the fact is much harder than building it in from the start.<\/p><\/blockquote>\n<p>Of course, governments are desperate to prevent us from hiding our activities from them by way of cryptography or even moderately secure connections, so there&#8217;s the risk that any pre-rolled security option offered by a major corporation has already been riddled with convenient holes for government spooks &#8230; which makes it even more likely that others can also find and exploit those security holes.<\/p>\n<blockquote><p>&#8230; companies in all industries must heed the lessons that computing firms learned long ago. Writing completely secure code is almost impossible. As a consequence, a culture of openness is the best defence, because it helps spread fixes. When academic researchers contacted a chipmaker working for Volkswagen to tell it that they had found a vulnerability in a remote-car-key system, Volkswagen\u2019s response included a court injunction. Shooting the messenger does not work. Indeed, firms such as Google now offer monetary rewards, or \u201cbug bounties\u201d, to hackers who contact them with details of flaws they have unearthed.<\/p>\n<p>Thirty years ago, computer-makers that failed to take security seriously could claim ignorance as a defence. No longer. The internet of things will bring many benefits. The time to plan for its inevitable flaws is now.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>The Economist looks at the apparently unstoppable rush to internet-connect everything and why we should worry about security now: Unfortunately, computer security is about to get trickier. Computers have already spread from people\u2019s desktops into their pockets. Now they are embedding themselves in all sorts of gadgets, from cars and televisions to children\u2019s toys, refrigerators [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[15],"tags":[109,129,58,1030,154,334],"class_list":["post-32202","post","type-post","status-publish","format-standard","hentry","category-technology","tag-computers","tag-hack","tag-internet","tag-internetofthings","tag-privacy","tag-security"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2hpV6-8no","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/32202","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/comments?post=32202"}],"version-history":[{"count":1,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/32202\/revisions"}],"predecessor-version":[{"id":32203,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/32202\/revisions\/32203"}],"wp:attachment":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media?parent=32202"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/categories?post=32202"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/tags?post=32202"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}