{"id":45695,"date":"2018-11-10T05:00:23","date_gmt":"2018-11-10T10:00:23","guid":{"rendered":"https:\/\/quotulatiousness.ca\/blog\/?p=45695"},"modified":"2018-11-09T15:30:12","modified_gmt":"2018-11-09T20:30:12","slug":"dont-expect-the-internet-of-things-to-get-better-security-without-uncle-sams-pressure","status":"publish","type":"post","link":"https:\/\/quotulatiousness.ca\/blog\/2018\/11\/10\/dont-expect-the-internet-of-things-to-get-better-security-without-uncle-sams-pressure\/","title":{"rendered":"Don&#8217;t expect the &#8220;Internet-of-Things&#8221; to get better security without Uncle Sam&#8217;s pressure"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.co.uk\/2018\/11\/09\/bruce_schneier_iot_security\/\" rel=\"noopener\" target=\"_blank\">Bruce Schneier<\/a> believes it will take government action (or as <em>The Register<\/em> phrased it, &#8220;Uncle Sam &#8230; putting boots to asses&#8221;) to get any significant improvement in Internet-of-Shit device security:<\/p>\n<blockquote><p>Any sort of lasting security standard in IoT devices may only happen if governments start doling out stiff penalties.<\/p>\n<p>So said author and computer security guru Bruce Schneier, who argued during a panel discussion at the Aspen Cyber Summit this week that without regulation, there is little hope the companies hooking their products up to the internet will implement proper security protections.<\/p>\n<p>&#8220;Looking at every other industry, we don&#8217;t get security unless it is done by the government,&#8221; Schneier said.<\/p>\n<p>&#8220;I challenge you to find an industry in the last 100 years that has improved security without being told [to do so] by the government.&#8221;<\/p>\n<p>Schneier went on to point out that, as it stands, companies have little reason to implement safeguards into their products, while consumers aren&#8217;t interested in reading up about appliance vendors&#8217; security policies.<\/p>\n<p>&#8220;I don&#8217;t think it is going to be the market,&#8221; Schneier argued. &#8220;I don&#8217;t think people are going to say I&#8217;m going to choose my refrigerator based on the number of unwanted features that are in the device.&#8221;<\/p>\n<p>Schneier is not alone in his assessment either. Fellow panellist Johnson &#038; Johnson CISO Marene Allison noted that manufacturers have nothing akin to a bill of materials for their IP stacks, so even if customers want to know how their products and data are secured, they&#8217;re left in the dark.<\/p>\n<p>&#8220;Most of the stuff out there, even as a security professional, I have to ask myself, what do they mean?&#8221; Allison said.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Bruce Schneier believes it will take government action (or as The Register phrased it, &#8220;Uncle Sam &#8230; putting boots to asses&#8221;) to get any significant improvement in Internet-of-Shit device security: Any sort of lasting security standard in IoT devices may only happen if governments start doling out stiff penalties. So said author and computer security [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35193,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[831,84,15],"tags":[1030,334],"class_list":["post-45695","post","type-post","status-publish","format-standard","hentry","category-business","category-government","category-technology","tag-internetofthings","tag-security"],"jetpack_featured_media_url":"https:\/\/quotulatiousness.ca\/blog\/wp-content\/uploads\/2016\/06\/favicon.png","jetpack_shortlink":"https:\/\/wp.me\/p2hpV6-bT1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/45695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/comments?post=45695"}],"version-history":[{"count":1,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/45695\/revisions"}],"predecessor-version":[{"id":45696,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/45695\/revisions\/45696"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media\/35193"}],"wp:attachment":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media?parent=45695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/categories?post=45695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/tags?post=45695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}