{"id":32537,"date":"2015-08-28T02:00:51","date_gmt":"2015-08-28T06:00:51","guid":{"rendered":"http:\/\/quotulatiousness.ca\/blog\/?p=32537"},"modified":"2015-08-27T14:25:05","modified_gmt":"2015-08-27T18:25:05","slug":"the-insecurity-of-the-internet-of-things-is-baked-in-right-from-the-start","status":"publish","type":"post","link":"https:\/\/quotulatiousness.ca\/blog\/2015\/08\/28\/the-insecurity-of-the-internet-of-things-is-baked-in-right-from-the-start\/","title":{"rendered":"The insecurity of the &#8220;internet of things&#8221; is baked-in right from the start"},"content":{"rendered":"<p>At <em>The Register<\/em>, <a href=\"http:\/\/www.theregister.co.uk\/2015\/08\/27\/smart_home_insecure\/\" target=\"_blank\">Richard Chirgwin<\/a> explains why every new &#8220;internet of things&#8221; release is pretty much certain to be lacking in the security department:<\/p>\n<blockquote><p>Let me introduce someone I&#8217;ll call the Junior VP of Embedded Systems Security, who wears the permanent pucker of chronic disappointment.<\/p>\n<p>The reason he looks so disappointed is that he&#8217;s in charge of embedded Internet of Things security for a prominent Smart Home startup.<\/p>\n<p>Everybody said \u201cget into security, you&#8217;ll be employable forever on a good income\u201d, so he did.<\/p>\n<p>Because it&#8217;s a startup he has to live in the Valley. After his $10k per month take-home, the rent leaves him just enough to live on Soylent plus whatever&#8217;s on offer in the company canteen where every week is either vegan week or paleo week.<\/p>\n<p>Nobody told him that as Junior VP for Embedded Systems Security (JVPESS), his job is to give advice that&#8217;s routinely ignored or overruled.<\/p>\n<p><strong>Meet the designer<\/strong><\/p>\n<p>\u201cAll we want to do is integrate the experience of the bedside A.M. clock-radio into a fully-social cloud platform to leverage its audience reach and maximise the effectiveness of converting advertising into a positive buying experience\u201d, the Chief Design Officer said (the CDO dresses like Jony Ive, because they retired the Steve Jobs uniform like a football club retiring the Number 10 jumper when Pele quit).<\/p>\n<p>For his implementation, the JVPESS chose a chip so stupid the Republicans want to field it as Trump&#8217;s running-mate, wrote a communications spec that did <em>exactly and only<\/em> what was in the requirements, and briefed the embedded software engineer.<\/p>\n<p>The embedded software engineer only makes stuff actually work, so he earns about one-sixth that of the User Experience Ninja that reports to Jony Ive&#8217;s Style Slave and has to live in Detroit. But he&#8217;s boring and conscientious and delivers the code.<\/p>\n<p>Eventually, the JVPESS hands over a design to Jony Ive&#8217;s Outfit knowing it&#8217;ll end in tears.<\/p>\n<p>Two weeks later, Jony Ive&#8217;s Style Slave returns to request approval for \u201cjust a couple of last minute revisions. We have to press &#8216;go&#8217; on the project by close-of-business today so if you could just look this over\u201d.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>At The Register, Richard Chirgwin explains why every new &#8220;internet of things&#8221; release is pretty much certain to be lacking in the security department: Let me introduce someone I&#8217;ll call the Junior VP of Embedded Systems Security, who wears the permanent pucker of chronic disappointment. The reason he looks so disappointed is that he&#8217;s in [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[15],"tags":[1030,334],"class_list":["post-32537","post","type-post","status-publish","format-standard","hentry","category-technology","tag-internetofthings","tag-security"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2hpV6-8sN","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/32537","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/comments?post=32537"}],"version-history":[{"count":1,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/32537\/revisions"}],"predecessor-version":[{"id":32538,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/32537\/revisions\/32538"}],"wp:attachment":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media?parent=32537"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/categories?post=32537"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/tags?post=32537"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}