
Security for the 'Internet of Things' (Video)

Posted by Roblimo
from the my-kitchen-sink-has-been-hacked-and-is-spewing-hot-water-all-over-the-place dept.
What happens when your oven is on the Internet? A malicious hacker might be able to set it to broil while you're on vacation and get it so hot that it could start a fire. Or a prankster might set your alarm to wake you up at 3 a.m. And what if someone gets access to the wireless security camera over your front door and uses it to gain access to the rest of your home network, and from there to your bank account? Not good. With the 'Internet of Things' you will have many devices to secure, not just a couple of computers and handheld devices. Timothy Lord met Mark Stanislav of Duo Security at BSides Austin 2014, which is where this interview took place. (Here's an alternate link to the video.)


Tim: So Mark, we're here in Austin at the BSides security conference, and you gave a talk today; you want to help people who work here in Austin to have a little idea about security with the Internet of Things. So first of all, as a term, what does the Internet of Things mean, and what are some significant aspects of it?

Mark: Sure. So the Internet of Things really comes down to mostly Internet-enabled embedded devices; that's the easiest box to put it in. So a lot of devices like IP cameras and thermostats are internet-enabled. Those kinds of devices that we're all putting on our networks right now, we consider that the Internet of Things.

Tim: Okay. Now pervasiveness is one aspect of the Internet of Things; why is that significant?

Mark: Well, if we had one internet-enabled device, maybe a computer in our home, that's not such a big deal, but when we have 5 or 10 or 12 of these devices that we're putting on our network, maybe in a couple of weeks, you have a lot of devices to update, you have a lot of firmwares to consider, you have a lot of possible attack surface that maybe you didn't have even a month ago.

Tim: And when you say attack surface, what are some examples of attack surfaces that this sort of ubiquitous computing brings in?

Mark: Sure. So a lot of the devices themselves have open ports that might be on the Internet if you don't have the right network filtering. Some of these devices have network connections that go outbound to the Internet and then allow maybe an attacker to go through a third-party service and connect back into your network. So there's just a lot of added exposure to your network that wouldn't have been there previously without these devices.

Tim: Now, you are a security researcher, but you're obviously not a malicious black hat hacker who is trying to break into people's networks and kill devices for pure greed or anything like that. You mentioned in your talk that you believe in coordinated disclosure; what does that process mean for you in this context?

Mark: Yeah. So really I think giving vendors an opportunity to fix the issues in their devices benefits not only the vendors, in terms of goodwill towards the security community, knowing that researchers are out there to help them and do cool projects and find out interesting things, but it also gives consumers a chance to have a patched device before details come out that could impact their security, safety, or privacy.

Tim: Now is that complicated by the fact that in this world there are a lot of things that are going to be coming from vendors that we haven't heard of now, but will hear about in 6 or 12 months? Kickstarter is one of the things you mentioned; a lot of cool projects are coming out of there. Does that change the equation when it comes to disclosure?

Mark: It does. There's a really wide range of vendors that we have to talk to now, where before it was Microsoft and Samsung and Belkin, a few companies that you have to get familiar with, talk to once, get exposure to them so they know who you are. Now we have a lot of vendors. If you look at the website Postscapes, or Wolfram Alpha, which actually has a devices page now for the Internet of Things, there are a lot of devices out there, and for almost all of them you've never heard of the vendor making them.

Tim: Now on that front too there are complications simply from sheer numbers. What are some examples? What sort of things do we already see, and what should we expect coming from crowdfunding, from small-cap companies?

Mark: Sure. So I think a lot of the systems on chips that we're seeing that are actually going into Internet of Things devices... a lot of companies are coming up, taking an Arduino or Raspberry Pi, very cool chipsets, very easy to deploy and build on. We're seeing smaller and smaller scales of those, which actually enables engineers to put those into small little shells. We are obviously at this early part of 3D printing. So your ability to manufacture an entire device for a couple of bucks is becoming a reality, and obviously if you have a really niche product that might be really popular on Kickstarter, you could actually deploy tens of thousands of those with a successful crowdfunding campaign and never really know about the actual security of that product before it goes to market.

Tim: Now in the talk that you gave today, you mentioned some rules that you'd like to see developers follow, some tips. What are some of the most important of these? If you are a developer nowadays, you really have a lot of security things to think about; if you're making a device that's going to control a thermostat, or that might access a bank account because you are swiping a credit card through it, what are some of the rules that developers should keep in mind for security?

Mark: Yeah. Even to the extent that we've seen, I believe Samsung actually has an oven that's mobile-enabled so you can change the temperature, so it's not just turning a light switch on and off as a threat; we actually have a lot of devices that could pose actual risk to either privacy or life. So simple things like not embedding secret values into firmware, or passwords into a mobile app binary that you put into the app store: really basic ways of getting a product to market that are a shortcut to doing things the right way are one of the biggest areas where people fall over when it comes to security.

Another thing is people still don't use encryption enough. They don't do end-to-end encryption, whether it's from your device to a server that they own, but also just encrypting passwords that you might be giving them on the other side of their service. So a lot of this we've seen year after year... if you're doing web or mobile best practices, ISO standards, this isn't anything new, but the reality is that we're putting a lot of devices online without understanding them nearly as well as we should. When we build a piece of software deployed on a Windows machine, all you have to worry about is the software; now we have to worry about the firmware, the operating system, the architecture of the chipset, the third-party vendors. There are a lot more ways that an attacker could actually break into one of those devices and potentially compromise them and do bad things. There's a lot more at stake as well, again getting back to ovens that are on the Internet. A lot worse things can happen, and if we talk about security theatre, at the point where you could turn on an oven, a broiler, all day for weeks on end when someone is gone, that could be a really serious consequence for someone.

Tim: One of the things you mentioned today is that instead of having 1 or 5 or 10 devices, we may have 30 or 50 things around the household.

Mark: Absolutely. I mean the number of devices that you carry in your pocket that are WiFi-enabled, the number of devices that are meant to have a third-party service that they connect out through, a phone-home if you will: this isn't going to be one or two or three things, you might have 10 things per person in a family of five. That's a lot of devices connected to the internet, whether it's through a proxy or reverse proxy or an open port on the internet directly. There are a lot of things on our networks that we have to be cognizant of, that we aren't going to know exactly what they're doing; they're a little bit of black boxes, and what does that mean to our risk profile as consumers or even businesses?

Tim: A lot of weakest-link things too; if they have reverse proxies you may be exposing every other device in your network.

Mark: Sure.

Tim: Just because one thing is broken.

Mark: Breaking into one service, if they have access directly into your network to actually manage one of those devices, or to give you access to manage it yourself with, say, a mobile app: the difference between you managing a device the right way and an attacker breaking in through that proxy and then connecting to other network devices isn't much of a leap.

Tim: Now you did some research that exposed some holes in IZON cameras. That doesn't seem like the very worst thing that could happen. What are the biggest dangers if you can control, let's say, all the devices that are going to be in your house 2 or 5 or 10 years from now?

Mark: So I think a lot of it is going to be the kind of accidental exposure. So, for instance, with the IZON camera, it was just running Linux. So you break into a Linux device over the internet and now you have access to all of the computers on that network, all the computers that actually have your tax files, your personal information, your password lists. So perhaps it's more of a jump-point type scenario, where maybe the device, obviously compromising a camera and watching someone is a little bit disconcerting for any consumer, but it's also not the end of the world in most cases.

Tim: It's not immediately life-threatening?

Mark: Sure. Whereas if I can break into your network and then use that camera as a point to compromise all of your other systems, and now have access to all your bank accounts and all your personal documents and all of your photos, that can really change things and put a consumer in a position where, like we see with CryptoLocker, where the attacker breaks in, takes your files, encrypts them in a way that you can't decrypt them and then ransoms them, we could see similar things happen with the Internet of Things, where I can break in through an IP camera, get into your network, steal all your data and then not give it back unless there's a ransom. There are a lot of really cascading problems here.

Tim: One of the reasons that you gave a talk is because you actually have some ideas that aren't just leaving people with the end-of-the-world scenario; you actually have some ideas for fixing some of this. Can you talk a little bit about that?

Mark: Sure. So, out of security research projects over the last couple of years, myself and my co-researcher in a lot of ways, Zach Lanier, are looking at doing a website called Build It Securely, that's builditsecure.ly, and we're actually going to be having more details about that this coming April. What we're really trying to do is two things. Primarily, give resources to vendors that want to do IoT devices, so that they're aware of security risks, the right way to work with security researchers, some of the things that might affect their device as an engineer or a product manager or a developer, and give them a little bit better sense of what happens when a security researcher reaches out to them with some problems and how best to approach those issues.

The second thing is, we're actually partnering with a service called Bugcrowd, and we're going to be setting up vendors in the IoT space, small commercial, Kickstarted, angel-invested type small companies that don't have the money to invest in their own security, don't have the money to pay for a consultant to review how they did their information security program, and actually let them go directly to security researchers and have researchers look at devices, send bugs in, triage them and then actually get results back from the vendor directly: hey, thanks for submitting these bugs, here is a t-shirt for the time you spent looking at our device, we appreciate you doing it.

Tim: Now, besides money, are there other barriers that small companies or new, nascent companies have when it comes to this kind of review?

Mark: Well, especially in the IoT space, with the ease that we really have right now in creating a device from a $20 chipset and a shell from a 3D printer, anyone can really be an IoT manufacturer right now, which is great and terrifying at the same time. We've obviously seen, for companies like Linksys and Cisco, that they've had some of the same kind of amateur errors, if you will, over the years for some of their devices, and I think it's a fair assumption that a lot of these engineers may know electrical engineering really well but may not know information security best practices, TCP security, password security. What we really need to do is try to help them get down that road with us, so that when a researcher does reach out, it's a good experience, not a bad one. So what we really need to do is formalize that a little bit more, and I think using Bugcrowd as a mechanism to do that will give them a shot.

Tim: Let me ask you one more question: how often, and where, should developers use Telnet when developing an interface?

Mark: If we do a little bit of a time warp, 1990 would have been an okay time. Telnet, however, even though we still see this on devices today, IZON being an example, Telnet should never be used as any kind of remote access mechanism for any of these IoT devices, and especially, in the IZON case, not to upgrade firmware. So there are a lot of best practices, and again, a lot of these people that are manufacturing products have the best of intentions; they're not malicious, they're not dumb, they just don't know the nuances of security.

And so, I think Build It Securely will be a bridge across that gap in knowledge, but also give them a vehicle to work with researchers in a creative way, a way that actually lets us endear ourselves to vendors rather than make it a bad experience where they might feel either challenged or feel like we're calling them out. We want to make it about the research, about the expertise that we can lend to a situation, because we do this because we're passionate, not necessarily because we want to make a lot of money, and we want to show vendors that we are here to help them and not just hurt them.

Tim: And we don't know now what tomorrow will make as obvious as Telnet is now, because there are things that will break.

Mark: Sure. There are always going to be things that break. We saw the UPnP flaw a couple of years ago that affected a ton of internet-enabled devices. You can't always forecast those things, but there are a lot of best practices that we know right now are good ideas or bad ideas. And if we can point people in the right direction, I think they're going to pick up on it, and if we start helping the little companies, where we can talk directly to the founders rather than having to go up a chain of command 12 deep, I think we can make a lot of impact and actually help people that are coming to market for the first time and have a lot of energy and passion for what they're doing. And if we can really bring security to that mechanism as well, we're going to have products that we want to buy on Kickstarter; we want them to be secure, we don't want to waste our money, so why not help them get out the door in the most secure way possible?
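Mark's rule about not embedding secret values in firmware, or passwords in a mobile-app binary, is the one that can be checked mechanically before a device ships. The scanner below is an added example written for this page; it is not code from the interview, from Duo Security or from Build It Securely. It runs the checks a reviewer applies first to an unpacked image: PEM private keys, /etc/shadow entries, key=value credentials, and long high-entropy strings that look like keys or tokens. The sample image, the 4.3 bits-per-byte entropy threshold and the regular expressions are assumptions of the example, not of anything on this page.

```python
"""Scan a firmware image or app binary for embedded secrets.

Added example, not from the interview or any vendor. The sample image is
constructed inline; the patterns are the ones a reviewer checks first and
the entropy threshold is a heuristic, so treat hits as leads to confirm by
hand, not as proof.
"""
import math
import re
from collections import Counter

# Printable runs, like the strings(1) tool would extract.
_STRINGS = re.compile(rb"[\x20-\x7e]{8,}")
# key=value / key: value credentials in shell, INI or JSON fragments.
_CRED = re.compile(
    rb"(?i)(?P<key>[a-z_]*(pass(word|wd)?|secret|api[_-]?key|token))"
    rb"\s*[=:]\s*[\"']?(?P<value>[^\s\"']{4,})"
)
# PEM private keys, covering the body when the END marker is present.
_PEM = re.compile(
    rb"-----BEGIN [A-Z ]*PRIVATE KEY-----"
    rb"(?:.*?-----END [A-Z ]*PRIVATE KEY-----)?", re.S)
# /etc/shadow style entries: user:$id$salt$hash:
_SHADOW = re.compile(rb"^[a-z_][a-z0-9_-]*:\$(?:1|5|6|2[aby]?)\$[^:\s]+:", re.M)
# Candidate tokens: long runs of base64 / hex / URL-safe characters.
_TOKENISH = re.compile(rb"[A-Za-z0-9+/=_-]{32,}")


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for a run of one symbol, up to 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def scan(image: bytes, entropy_threshold: float = 4.3):
    """Return (kind, offset, text) findings, ordered by offset."""
    findings, covered = [], []

    def add(kind, start, end, text):
        findings.append((kind, start, text.decode("ascii", "replace")))
        covered.append((start, end))

    for m in _PEM.finditer(image):                      # report the header line only
        add("private_key", m.start(), m.end(), m.group(0).split(b"\n", 1)[0])
    for m in _SHADOW.finditer(image):
        add("password_hash", m.start(), m.end(), m.group(0))
    for m in _CRED.finditer(image):
        add("hardcoded_credential", m.start(), m.end(), m.group(0))

    # Generic high-entropy strings not already explained by a specific pattern.
    for run in _STRINGS.finditer(image):
        for t in _TOKENISH.finditer(run.group(0)):
            start = run.start() + t.start()
            end = start + len(t.group(0))
            if any(s <= start and end <= e for s, e in covered):
                continue
            if shannon_entropy(t.group(0)) >= entropy_threshold:
                add("high_entropy_string", start, end, t.group(0))
    return sorted(findings, key=lambda f: f[1])


# Constructed sample: an ELF-like header, an ordinary path that must not be
# flagged, two credentials, a shadow entry, a PEM key and a bare key blob.
SAMPLE_IMAGE = (
    b"\x7fELF\x02\x01\x01" + b"\x00" * 16
    + b"/usr/share/firmware/status_reporter_v1\x00"
    + b"WIFI_PASSWORD=hunter2\n"
    + b"CLOUD_API_KEY=\"q9Zr2xT7mKp4Lw8cVn3bHs6yFd1gJa5e\"\n"
    + b"\x00" * 8
    + b"\nroot:$1$saltsalt$Zq0hXq7NQb2EKP3hHLx5c0:0:0:root:/root:/bin/sh\n"
    + b"\x00" * 8
    + b"-----BEGIN RSA PRIVATE KEY-----\n"
    + b"MIIEowIBAAKCAQEAexampleexampleexampleexample\n"
    + b"-----END RSA PRIVATE KEY-----\n"
    + b"\x00" * 8
    + b"hmac_seed\x00" + b"Wm3xK8pQ2vZt7nR4cH9sLb6yDf1gJa5e" + b"\x00" * 8
)

CLEAN_IMAGE = (
    b"\x7fELF" + b"\x00" * 8
    + b"/usr/share/firmware/status_reporter_v1\x00"
    + b"Copyright 2014 Example Appliance Co.\x00"
)

if __name__ == "__main__":
    for kind, offset, text in scan(SAMPLE_IMAGE):
        print(f"{offset:#08x} {kind:22s} {text}")
```

Run it over whatever a firmware unpacker gives you (the root filesystem binwalk extracts, or an unzipped mobile app). A clean report is not a clean image: key material stored as raw bytes with no printable neighbours never reaches the string pass, and a credential split across two strings defeats the key=value pattern, so the scanner narrows the manual review rather than replacing it.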

  • by ArcadeMan (2766669) on Wednesday March 26, 2014 @04:24PM (#46587289)

    Don't buy things that connect to the Internet.

    • by zarthrag (650912)

      Additionally, they should be on an isolated internal network, wired whenever possible. A server or appliance in your house can manage said "things". Every single vendor who supplies you with 'things' shouldn't force you to use their (likely vulnerable) web portal or service; just supply some drivers/documentation, and part ways.

      • by mlts (1038732) on Wednesday March 26, 2014 @04:40PM (#46587453)

        Why should they be on a network at all? My refrigerator does just fine with a basic thermostat, electrical fusing, a device to pour water into a mold, dump it in a bin when frozen, then stop dumping it when the bin fills up, a switch to turn on the light when the door opens and a fan so it runs without the need to be defrosted. The additional gewgaws don't help with core operation.

        Same with a stove or a microwave. For safety's sake, it should only be able to be turned on by someone who is physically present.

        Sometimes, there is just no real point in adding a device to the IoT, and the fewer devices that have networks, the fewer attack vectors an attacker will have to operate with.

        This doesn't mean that isolated networks are bad... for example a vehicle needs the CANBus. However, if one doesn't need to have that functionality in a toaster, why build it in?

        If we have to have a network or bus for statuses, why not a read-only bus, essentially like a serial port with the return line cut so the device can send status messages out, but not have them go back. The basic concept of a data diode. This way, one can tell if their fridge is over temperature, but a blackhat can't log on and turn the fridge off and spoil someone's steak stash.

        • by Anonymous Coward

          > Same with a stove or a microwave. For safety's sake, it should only be able to be turned on by someone who is physically present.

          This isn't being advertised to the responsible people. This is being advertised to both the twitter crowd and the irresponsible crowd (heavy overlap).

          Twitter crowd advertisement: Your toaster can send automatic updates to your twitter account so everyone can see the perfection of your toast!

          Irresponsible crowd advertisement: Have you ever accidentally left a washcloth on an active stovetop? With these 5 devices, your smoke detector will alert your mobile phone and this other app will let you turn off your

        • "I didn't microwave the cat, a hacker did"

        • > Why should they be on a network at all?

          As we increase the proportion of electricity generated from intermittent sources such as wind and solar, we will use spot pricing to even out the demand. When the sun goes behind a cloud, the price of electricity will bump up, and your electric meter needs to be able to communicate with your refrigerator to tell it to shut down the compressor. Once the sun comes back out, the price will drop, and then your refrigerator can use cheaper electricity to "pre-chill", so it can coast again the next time the pri

        • Think about it. You leave a pork loin in the oven before you leave for work. The oven refrigerates the meat until it's time to cook it, so it's ready when you get home. You get stuck at the office. You send a text to your oven to slow the cook time by an hour.
        • > Why should they be on a network at all? My refrigerator does just fine with a basic thermostat, electrical fusing, a device to pour water into a mold, dump it in a bin when frozen, then stop dumping it when the bin fills up, a switch to turn on the light when the door opens and a fan so it runs without the need to be defrosted. The additional gewgaws don't help with core operation.

          > Same with a stove or a microwave. For safety's sake, it should only be able to be turned on by someone who is physically present.

          > Sometimes, there is just no real point in adding a device to the IoT, and the fewer devices that have networks, the fewer attack vectors an attacker will have to operate with.

          > This doesn't mean that isolated networks are bad... for example a vehicle needs the CANBus. However, if one doesn't need to have that functionality in a toaster, why build it in?

          > If we have to have a network or bus for statuses, why not a read-only bus, essentially like a serial port with the return line cut so the device can send status messages out, but not have them go back. The basic concept of a data diode. This way, one can tell if their fridge is over temperature, but a blackhat can't log on and turn the fridge off and spoil someone's steak stash.

          There are appliances that I would absolutely like to have under internet access. Here are a few and my justifications.
          a) I am a working stiff: In the AM, I put a roast in the oven, I set the turn on time for 20 minutes / lb (50 min/kilo) and I leave for work. Suddenly I have to work late. I want to delay the cooking of the roast.
          b) I have a setback thermostat in the house. I would like the heat/air-conditioner to turn on to normal temp 1.5 hrs before I plan to arrive. I am coming home late, and want th

    • do not plug the RJ45 cables in. log into the wireless router, and block them.

      which reminds me, we have a PDF scanner that uses early XP at work, I have to tell the sysadmins about that unused POS.

      • by epyT-R (613989)

        Soon it'll all be done over the cell net. You won't have a choice. No connectivity after a time? No 'service' from 'your' appliance.

          • How is that going to work in a house that has abysmal cell reception? I built a new house, and due to the higher-grade insulation (I think; it's a guess. May be the floor heating too, that's a lot of water), cell reception is extremely bad. Outside, it's fine. Of course, I didn't know this, and my alarm system is GSM based. They had to install the system under the roof, because in the basement it simply wouldn't work.
  • don't connect it

    by Fluffy The Destroyer . (3594057) on Wednesday March 26, 2014 @04:26PM (#46587319)
    why the hell would you connect your house to the internet, or any appliance to the Internet, anyway? Getting your appliance to work on your computer, or a computer, so you can control various aspects of it via 1 PC is fine, but connect it to the Internet and, no matter how secure it is, someone will find a way in. Best security is to NOT connect it to your Internet. Hell, pretty simple concept to understand.
    • by Russ1642 (1087959)

      Having a thermostat that logs temperature and activity online would be fine, so long as the furnace control circuit is physically disconnected from the logging circuits. There should be no way that the furnace could be controlled from the internet. It can't be security in software but a physical limitation of the device itself. There's very little reason for home appliances to be controlled in this manner. Commercial controls, however, are already accessible online and the security is terrible. I know someo

    • by jxander (2605655)

      Because convenience and optimization.

      You can lower your energy bill by setting your thermostat to a more relaxed temperature while you're at work (hotter or colder, depending on your climate) and then remotely set it back to a more comfortable temp as you leave the office. You can fire off your dishwasher or laundry at a certain time, when energy is cheaper. If you have kids who leave the house after you, you might want to make sure they locked up, or check how many times they hit snooze after you left.

      • No one points out a secondary auth, which adds quite a bit of layering (that admittedly might be able to be hacked through) to prevent unauthorized settings changes.

        If only Unbreakable Linux were.....

      • by kwiecmmm (1527631)

        Then you get a programmable thermostat that does not connect to the internet and you set it to go cooler at certain hours of the day and you setup a bunch of different modes (normal weekday, weekend, vacation, ...).

        Turn on your dishwasher and laundry as you go to work or go to bed.

        Tell your kids to lock the door.

        All of this stuff can be done without an internet connection and should be done without an internet connection. But as soon as someone can hack all of a specific oven, heater, dryer or other appliance

        • by jxander (2605655)

          True, there are other options aplenty... but we're living in a time when email is too slow for a lot of people and thoughts don't break the 140 character limit. A time when the convenience of one-click purchases trumps the obvious security issue therein.

          Everything is getting more online, more interconnected, more convenient ... it makes more sense to embrace the change and work to make it smooth and safe, instead of fighting back against it.

          • by epyT-R (613989)

            Wow, condescend much? It does NOT make sense to embrace something just because it's popular. Are you one of these post modern 'educated' 35yo adolescents? You know, the kind who think in blocks of 140 characters or less?

            Smooth and safe? What does that mean? Safe for whom? None of these user-hostile technologies are designed to keep the user safe. They're designed to keep the user locked into 'service plans.'

            If our ancestors worked to make life 'smooth and safe' we'd still be bowing and paying tax to t

          • by kwiecmmm (1527631)

            > True, there are other options aplenty... but we're living in a time when email is too slow for a lot of people and thoughts don't break the 140 character limit. A time when the convenience of one-click purchases trumps the obvious security issue therein.

            > Everything is getting more online, more interconnected, more convenient ... it makes more sense to embrace the change and work to make it smooth and safe, instead of fighting back against it.

            TLDNR you passed the 140 character limit. :-P

            I embrace change when it makes sense to do that. I will embrace a driver-less car, as it comes out (probably in the next 10 years). But many things that are new and the "wave of the future", end up dying out within a few years, because they don't solve real problems or they cause more issues than they end up solving. I haven't heard one thing here that would be so much more convenient by controlling it through the internet, that I absolutely need and am willin

      • >You can lower your energy bill by setting your thermostat to a more relaxed temperature while you're at work (hotter or colder, depending on your climate)

        We already have this with smart thermostats. No Internet connection needed.


        >and then remotely set it back to a more comfortable temp as you leave the office.

        This is only useful for people with work schedules that vary. I think most of us leave work within 30 minutes of the same time every day.
      • You shouldn't have to manually set it back when you leave work. It should know when you leave work and set it on its own, whether because you told it when or it inferred over time.
      • by BitZtream (692029)

        > then remotely set it back to a more comfortable temp as you leave the office.

        I promise you that if you do that, your electric bill will always be higher than mine.

        Changing your thermostat on a daily basis is a stupid fucking idea that wastes massive amounts of energy. If you're going to be gone for a week? Sure. While you're at work for the day? No, that's extremely wasteful.

    • > why the hell would you connect your house to the internet or any appliance on the Internet anyway.

      So you can check up on your cats during the day while you're at work, and reassure yourself that the house hasn't gotten broken into in a way that somehow managed to avoid setting off the alarm. And dispense treats for them from the Magic Invisible Food God if you start to feel guilty about leaving them home alone all day. And drive the Roomba-platform-mounted webcam around to their favorite hiding spot (s

    • by epyT-R (613989)

      The internet of things is not there to serve you. It is there to serve you to the customer: marketers and nosy government officials.

  • by noh8rz10 (2716597) on Wednesday March 26, 2014 @04:28PM (#46587335)

    I thought a lot about this when there were dueling announcements with iOS and Android in the car. The two approaches are completely different. The android approach is to be a central hub that all components can plug into, as well as you can download apps. iOS is the exact opposite, a gated system that only has access to the screen and input buttons. Android wants to be the car's brain, and iOS wants to be the car's entertainment console.

    The concern, what happens when a hacker exploits one of android's (many) security weaknesses? they have the keys to the kingdom. Can they kill the engine while you're on the freeway? in contrast, what if a hacker pwns your iOS? maybe they change the apple maps to drive you into a lake?

    The stakes just seem a lot higher when you start letting others into your car's electronics system. These also apply to other things, like the oven in the summary.

    • .. but what if somebody commandeers my iOS-based entertainment system and programs it to ALL Bieber? That would, of course, be catastrophic!

      Dear Internets of Things,
      You suck.

    • by Sloppy (14984) on Wednesday March 26, 2014 @06:29PM (#46588447) Homepage Journal

      If someone changing a map can "drive you into a lake" then YOU have already been hacked, and it doesn't matter how [in]secure your car is. You (not one of your computers) have been owned. You don't exist anymore, because your body (which had previously been a person) has become an unconscious fully-trusting map-executing machine.

      That's cause for concern, but I wouldn't worry about their computers' security problems.

      • by noh8rz10 (2716597)

        yes yes, a bit of an exaggeration on my part. the point being, if somebody owns your iOS in the car, they can get at your phone stuff but not the can bus or other car stuff.

  • If you have to explain what the "Internet of Things" is every time you reference it, maybe we should consider using a more self-explanatory term? Just saying.
  • I looked at X10, nice and all....but.... you mean anybody could buy some X-10 equipment and trivially fuck with me? I heard about the student who did up his whole dorm room with x-10 stuff and my first thought was....in a dorm? Thats asking for pranks.

    So far, I have yet to hear any definite evidence that any of the off the shelf stuff is any good in this way. People just don't think about security until after they get bit, for the most part.

    Whenever I have seen anyone look at any home automation equipment w

  • by Capt.Albatross (1301561) on Wednesday March 26, 2014 @04:45PM (#46587499)

    We can just secure our things the same way that the things currently on the internet - power plants, dams, oil refineries - are secured.

  • by jandrese (485) <kensama@vt.edu> on Wednesday March 26, 2014 @04:45PM (#46587503) Homepage Journal
    If your oven catches fire because it was turned on too long, you have a defective oven.
    • > If your oven catches fire because it was turned on too long, you have a defective oven.

      I think the general idea, at least in terms of this discussion, is that someone who can remotely access your stove via exploits can also probably bypass any safety mechanism that would prevent the stove from overheating.

      Unlike the 1980's era Lady Kenmore I had when I first bought my house, that was happy to catch fire without the need for external stimuli.

      • >I think the general idea, at least in terms of this discussion, is that someone who can remotely access your stove via exploits can also probably bypass any safety mechanism that would prevent the stove from overheating.

        That weird assumption would seem to make the discussion pointless. There would be no reason to connect the safety functionality to the remote start functionality. If you build an oven that poorly, you'd be sued out of existence the first time the shoddy design was exploited.
        • >I think the general idea, at least in terms of this discussion, is that someone who can remotely access your stove via exploits can also probably bypass any safety mechanism that would prevent the stove from overheating.

          That weird assumption would seem to make the discussion pointless. There would be no reason to connect the safety functionality to the remote start functionality. If you build an oven that poorly, you'd be sued out of existence the first time the shoddy design was exploited.

          And yet, we've seen evidence that automotive manufacturers have done just that - connected critical systems to non-critical ones, in a way so that compromise of one system equates to compromise of both - accessing the seat heaters through a CAN bus tap also gives access to the brake and steering systems. I'd link to the recent demonstration of this particular hack, but A) pretty sure we all know about it by now, and B) inserting html is a bitch-and-a-half on this damn tablet.

          Anyway, while I may agree with th

      • Unlike the 1980's era Lady Kenmore I had when I first bought my house, that was happy to catch fire without the need for external stimuli.

        Sure it wasn't the cook?

        /ducks

  • Maybe checking the status of an oven (or oven timer?) over the net is useful, but there's no reason to allow the network to turn it on. Separate device control from device status at the hardware level, and you at least keep people's houses from burning down.

    • Because you might want to have an oven that doubles as a fridge. Put dinner in keep cold all day and start when you leave work.

      • That's fair enough, I can see that being useful, especially for those who have jobs that semi-routinely don't hold to any sort of fixed hours.

        There can be a happy medium between access and security. I don't think anyone is really arguing the security of checking the status of a device - it's pretty easy to implement that read-only. I can quickly come up with the thought that the network connection could also allow you to activate a function or program but not make changes to it - that would require physical

        • Sane limits and limits outside of software are important. Take the same oven: if it's gas, it should have some sort of interlock that turns off the gas if the burner did not light. That is not something that should ever be controlled by software or remotely. So sure, software could turn on the gas and not set off the spark, but the gas would shut off in short order. I probably need a few more cases to take care of, like repeatedly trying to light it, etc. But you get the point: the safety bit has to respond
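As an added illustration of the design sketched in this sub-thread (status is read-only over the network, network control is limited to starting a fixed preset, and the ignition and run-time interlocks sit outside the command path entirely), here is a small Python model. It is not code from any commenter, from any oven vendor, or from a UL standard; the limits, timeouts, preset names and class names are all assumptions chosen for the example.

```python
# Added example (not from the thread or any product): a toy oven controller
# where the network-facing API can only read status and start a factory preset,
# and a separate interlock layer enforces ignition timeout, retry lockout,
# maximum run time and a hard setpoint clamp no command path can override.
from dataclasses import dataclass
from enum import Enum, auto
from typing import Optional


class State(Enum):
    OFF = auto()
    IGNITING = auto()   # gas valve open, waiting for the flame sensor to prove
    HEATING = auto()    # flame proved, running a timed program
    LOCKOUT = auto()    # too many failed ignitions; only a physical reset clears it


# Assumed limits. In a real appliance these live in a thermal fuse, flame
# sensor and valve timer, not in anything reachable from the network.
MAX_SETPOINT_C = 260
MAX_RUN_S = 3 * 3600
IGNITION_TIMEOUT_S = 10
MAX_IGNITION_ATTEMPTS = 3

# Assumed presets fixed at manufacture: (setpoint_c, program_seconds).
# The network may pick one by name; it can never define or edit one.
PRESETS = {"warm": (80, 1800), "bake": (180, 3600), "roast": (220, 5400)}


def clamp_setpoint(c: int) -> int:
    """Hard clamp applied to every setpoint, trusted source or not."""
    return max(0, min(c, MAX_SETPOINT_C))


@dataclass
class Oven:
    state: State = State.OFF
    setpoint_c: int = 0
    program_s: int = 0
    run_s: int = 0        # seconds since flame proved
    ignite_s: int = 0     # seconds spent in the current ignition attempt
    attempts: int = 0     # consecutive failed ignitions
    valve_open: bool = False
    flame: bool = False   # last flame-sensor reading


class SafetyInterlock:
    """Runs once per second regardless of what any command path asked for."""

    @staticmethod
    def tick(o: Oven, flame_sensed: bool) -> None:
        o.flame = flame_sensed
        if o.state is State.IGNITING:
            if flame_sensed:
                o.state, o.attempts = State.HEATING, 0
            else:
                o.ignite_s += 1
                if o.ignite_s >= IGNITION_TIMEOUT_S:
                    # No flame in time: close the valve and count the failure.
                    o.valve_open, o.ignite_s = False, 0
                    o.attempts += 1
                    o.state = State.LOCKOUT if o.attempts >= MAX_IGNITION_ATTEMPTS else State.OFF
        elif o.state is State.HEATING:
            o.run_s += 1
            if not flame_sensed or o.run_s >= min(o.program_s, MAX_RUN_S):
                # Flame-out or program/maximum run time reached: shut the gas.
                o.valve_open, o.state = False, State.OFF
        else:
            o.valve_open = False   # OFF and LOCKOUT always mean valve closed

    @staticmethod
    def physical_reset(o: Oven) -> None:
        """Front-panel only; the network API has no path to this."""
        if o.state is State.LOCKOUT:
            o.state, o.attempts = State.OFF, 0


class NetworkApi:
    """The only surface exposed to the LAN or cloud."""

    def __init__(self, oven: Oven) -> None:
        self._oven = oven

    def status(self) -> dict:
        o = self._oven
        return {"state": o.state.name, "setpoint_c": o.setpoint_c,
                "valve_open": o.valve_open, "flame": o.flame}

    def start_preset(self, name: str) -> bool:
        o = self._oven
        if name not in PRESETS or o.state is not State.OFF:
            return False           # unknown preset, already running, or locked out
        temp, seconds = PRESETS[name]
        o.setpoint_c, o.program_s = clamp_setpoint(temp), seconds
        o.run_s = o.ignite_s = 0
        o.valve_open, o.state = True, State.IGNITING
        return True


def run_scenario(preset: str, flame_after_s: Optional[int], seconds: int,
                 retry: bool = False) -> Oven:
    """Start `preset` over the network and tick the interlock for `seconds`.
    The burner lights `flame_after_s` seconds after the valve opens (None = never).
    With retry=True the caller re-issues start_preset whenever the oven is OFF,
    which is what a remote attacker hammering the API would look like."""
    oven, api = Oven(), NetworkApi(Oven())
    api = NetworkApi(oven)
    api.start_preset(preset)
    for t in range(seconds):
        if retry and oven.state is State.OFF:
            api.start_preset(preset)
        lit = oven.valve_open and flame_after_s is not None and t >= flame_after_s
        SafetyInterlock.tick(oven, lit)
    return oven
```

The point the model makes is structural rather than clever: `NetworkApi` has no method that can change a setpoint, extend a program, or touch the valve directly, and `SafetyInterlock.tick` closes the valve on its own schedule whether or not the command path is compromised. Repeated remote start attempts against a burner that never lights end in `LOCKOUT`, which only `physical_reset` clears.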

  • There is absolutely no reason not to have your oven networked, so long as it is properly designed. Hardware can't do what it can't do. You simply do what toaster and oven manufacturers already do, which is to make sure that it passes UL Standards, and that no matter what the software tells the hardware to do, the hardware simply is incapable of complying with dangerous requests.

    The hacker might burn your dinner, but he isn't going to "start a fire and burn your house down". Period.

    I'm actually pretty s
    • by noh8rz10 (2716597)

      Why would I want my oven to be online? Seriously? If you can't think of advantages to having appliances capable of communicating over the internet, and being controlled by same, then you aren't thinking.

      Enlighten us please.

    • by epyT-R (613989)

      Yeah well, with consumer appliances and electronics designed and built in China, that is a bad assumption. Really, the answer is keep it simple, stupid. If it's not needed, don't have it.

      This crowd's been around the block enough times to know that liberty, privacy and control over one's domain are more important than trendy 'convenience.' Always connected appliances allow too many detrimental temptations for vendors and governments.

      • I'm assuming you don't use a word processor. Pencil and paper is so much simpler.

        "This crowd's been around the block enough times to know ..."

        Evidently you didn't compare SlashIDs with me :-)

    • by BitZtream (692029)

      There is absolutely no reason not to have your oven networked,

      Please show me your unexplainable software. Go ahead, the world will wait while you present this solution that evidently you and you alone were able to figure out that solves all software exploits and engineering flaws.

      • Ah, yes .. the old "quote a tiny portion of a complete explanation, and then present it as if it was everything written" approach.

        I especially like how you follow it with a complete non sequitur! The way "Please show me your unexplainable software." couldn't possibly relate to the assertion "There is absolutely no reason not to have your oven networked" is truly astounding!

        Don't worry. I'm sure nobody but me will notice that you ignored every part of my OP where I specifically address why it doesn't
  • That is so 1990's.
    We install a VPN router to connect to the home network through that? So the only thing we need to secure is the VPN?
    Everything else is insanity and who wants to spend all their free time checking up on all their appliances to see if they are secure with the latest patches? Most of them probably won't be and the hardware will outlive the software updates.
    Will there be security updates for your heatpump in 10 or even 5 years? I doubt it. But it is damn to be able to turn on the heat or cold

    • I can see it now. You update the firmware in your fridge because it kept ordering milk too early and end up bricking the whole thing when there is a bug with the new version. Turns out the manufacturer doesn't make that model anymore and installing a replacement chip is more expensive than just buying another fridge. Yes, that sounds like fun.
  • ...connecting some things to the internet is simply a dumb idea?

    Why would I want my OVEN connected to the internet.
    One has to be there to put the ingredients, etc in, no?
    And if it's going to cook food while I'm not there...will it then eat it for me too?

    Seriously, the technophilia is just stupid sometimes.

    • by DarkOx (621550)

      I forget what brand it was a few homes ago. I did have another heading on timer, you could preset the temperature and have a come on in a particular time you specified. This man for instance you can put casserole in the oven and head off to the movies. You knew about you get home you knew the thing in 45 minutes to bake, you could arrange for to be just about ready when you walk in the door.

      And I was just with a simple timer was quite nice. Of course there was always the risk that you might be delayed,

      • Of course there was always the risk that you might be delayed, which of course meant your dinner might burn. I haven't seen this feature in a while...

        Any relatively higher end oven has this feature. Mine does - I can set the oven to turn on at the time and temperature I want and then turn off after a set period of time as well. If you're delayed by a lot, maybe it will be cold again when you get home. There is an issue I suppose of putting something that really shouldn't sit at room temperature all day in there first thing in the morning, although someone above alluded to some really fancy ovens that have built in refrigerators as well. That's above my p

  • Securing is easy but requires internet giants to give up control to users. We must know why, what, when, and where the data flows, and users must be in control, to be able to selectively allow or not such connections.
  • by mspohr (589790)

    This has been a problem for many years as this old cartoon shows:
    https://dl.dropboxusercontent.... [dropboxusercontent.com]

  • Why would my oven be connected to the Internet?

    You know, there are plenty of "normal" computers that aren't connected to the Internet for this very reason: they are just too dangerous/important to get hacked. I would think you'd want the same for your oven, a massive heat-generating device.

  • by koan (80826)

    Would I be stupid enough to put my oven online?
