Security and the "Internet of Things" Two recent articles look at embedded devices and the "Internet of Things" with an eye toward the security problems that abound in that space. Bruce Schneier
worries about updates, especially for devices like internet routers: "
We have to put pressure on embedded system vendors to design their systems better. We need open-source driver software -- no more binary blobs! -- so third-party vendors and ISPs can provide security tools and software updates for as long as the device is in use. We need automatic update mechanisms to ensure they get installed." Peter Bright at
ars technica is more focused on smart TVs, refrigerators, and cars, but
sees the same basic problem: "
As such, there are only two ways in which smart devices make sense. Manufacturers either need to commit to a lifetime of updates, or the devices need to be very cheap so they can be replaced every couple years.
If manufacturers won't commit to providing a lifetime of updates—and again, the experience with smartphones is, I think, instructive here—then these smart devices are a liability." Food for thought on a quiet Thursday.