Date: 2017-11-04
Experts Propose Standard For IoT Firmware Updates (bleepingcomputer.com)
An anonymous reader quotes a report from Bleeping Computer: Security experts have filed a proposal with the Internet Engineering Task Force (IETF) that defines a secure framework for delivering firmware updates to Internet of Things (IoT) devices. Filed on Monday by three ARM employees, their submission has entered the first phase of a three-stage process for becoming an official Internet standard. Titled "IoT Firmware Update Architecture," their proposal -- if approved -- puts forward a series of ground rules that device makers could implement when designing the firmware update mechanism for their future devices. The proposed rules are nothing out of the ordinary, and security experts have recommended and advocated for most of these measures for years. Some hardware vendors are most likely already compliant with the requirements included in this IETF draft. Nonetheless, the role of this proposal is to have the IETF put forward an official document that companies could use as a baseline when designing the architecture of future products. This document could also serve as a general guideline for lawmakers who could draft regulations forcing manufacturers to adhere to this baseline. Some of the main requirements put forward by three ARM engineers in their IETF draft include: The update mechanism must work the same even if the firmware binary is delivered via Bluetooth, WiFi, UART, USB, or other mediums; The update mechanism must work in a broadcast type of delivery, allowing updates to reach multiple users at once; End-to-end security (public key cryptography) must be used to verify and validate firmware images.
Slight flaw: even if this costs 0.00000001 cents per device that's 0.00000001 cents too much.
End-to-end security (public key cryptography) must be used to verify and validate firmware images.
Sounds good to prevent bootloader trojans etc. But it does mean you cannot tinker with the device yourself unless the vendor allows the mechanism to be bypassed. And what happens if the vendor goes out of business - then no one can create new firmware?
Overall, I think it is a reasonable measure to prevent massive botnets running on all kinds of devices, but I do hope there is a physical bypass of the verificatio
If the device private key is distributed in electronic form to the user then a trojan could scour their computer looking for it. I'd prefer a physical mechanism as that prevents remote manipulation. A sticker on the device with the private key would work. A dip switch or similar inside the device would work too.
How about a standard for IoT security (Score:4, Interesting)
I'm thinking of something akin to the FCC Title 47 CFR Part 15. You know, the "this gadget can handle interference and doesn't broadcast interference" sticker you find on every piece of equipment sold in the US. By law, these things have to comply with this.
How about a "this gadget can handle malformed and malicious signals from the internet and does not broadcast any" sticker? And noncompliance gets you slapped with a fine from here to Albuquerque.
You can't do that? Then stop putting an internet connection on your fucking toaster and you're fine!
Common Sense, isn't common. (Score:2)
"...security experts have recommended and advocated for most of these measures for years."
This tends to highlight the chances of security experts being heard this time around.
I've come to the conclusion that manufacturers like burning themselves on the proverbial stove over and over again. It's reached a level of ignorance that is beyond reproach. Watch and see how proposed standards will be ignored due to a potential impact on profits. Greed is all that matters.