The current generation of IoT devices have mostly neglected security. Some of the reasons are:
1. No immediate cost, or penalty for weak or no security: A device manufacturer does not have any reason to make the device secure as there is no penalty to the manufacturer. On the other hand, Smart meter hacks can result in direct losses to the utility and are hence being made secure. A typical example (see references) is the situation where Tripwire contacted an IP camera manufacture and got a standard dismissal.
(c) Rajesh Kanungo
Minimal Viable Security (MVS) is a trademark of Talasecure Inc.
Acknowledgment: Michael Garrison Stuber for pointing me at FAIR.
This article explores security issues with Minimal Viable Products in the IoT space and recommends methodologies for solving them.
The conversation nowadays has moved from "Is security necessary?" to "How can we make something secure?" . Which begs the question, "What does secure mean and how much security is good enough?" Would you protect your refrigerator IoT device to the same degree as your smart phone?
Security is about RISK: The probability of something happening multiplied by the resulting cost or benefit if it does. Securing products should protect the essential assets and not harm others.
Copyright (c) Rajesh Kanungo
If you like this article, feel free to share it!
What if you walk into your CEO’s office and tell him you could get rid of 95% of security bugs in your software by doing just two things? What would your CEO say?
Some fun facts (short version)
2. 5% of the security bugs are due to ignoring of return values.
Side channel attacks as defined in the Wikipedia:
In cryptography, a side-channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms (compare cryptanalysis). For example, timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information, which can be exploited to break the system. Some side-channel attacks require technical knowledge of the internal operation of the system on which the cryptography is implemented, although others such as differential power analysis are effective as black-box attacks.
Crypto Armageddon: In lay-person's terms, the underpinnings of our internet security are going to get yanked out from underneath us.
Advances in quantum computing will render today's cryptographic methods obsolete. What then?
The February 2016 Scientific American has a wonderful article on it.
The NSA started (QUIETLY) advising some US departments in August to stop using ECC-256 and to move to ECC-384 or higher. They claimed that quantum computing attacks using Shor’s algorithm made ECC very susceptible to attacks. They have now made the announcement public: