Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Intel Security Technology

Intel, Arm To Help Create New IoT Standard For Device Onboarding (crn.com) 60

Intel is working with rival Arm to create a new industry standard for an important issue in the Internet of Things market: making sure that devices are properly configured and connected to the cloud. From a report: The Santa Clara, Calif.-based chipmaker announced on Wednesday that the company is a founding member of the new IoT Technical Working Group within the FIDO Alliance, an industry consortium founded by PayPal, Lenovo and others in 2012 to develop standards for password-less authentication. The goal of FIDO's IoT Technical Working Group, which will also include experts from Microsoft, Google and Amazon, is to create a standard specification for "large-scale IoT onboarding," the process in which devices are configured and connected to IoT cloud management services at the time of installation. Lorie Wigle, the executive in charge of Intel's platform security efforts, told CRN that it is important to create a standard around IoT onboarding because many companies currently face challenges with the practice when it comes to handling large-scale deployments and security. [...] Once FIDO develops the standard, market forces will compel companies to adhere and participate, according to Wigle, who said it will also increase device variety, lower costs and accelerate deployments.
This discussion has been archived. No new comments can be posted.

Intel, Arm To Help Create New IoT Standard For Device Onboarding

Comments Filter:
  • While it's nice that such a group exists, I have to wonder why Apple is not a member - Apple very much makes things that also connect to networks.

    • by tlhIngan ( 30335 )

      While it's nice that such a group exists, I have to wonder why Apple is not a member - Apple very much makes things that also connect to networks.

      Probably because this group wants cloud based systems to do it. Apple's doing a very good job pretending to be all about privacy, so they won't be interested in such things - first off, HomeKit devices are generally local only - they're not allowed Internet access for various reasons. (Apple does do security scans for approved devices - probably not much more than

      • first off, HomeKit devices are generally local only

        Nope.

        I believe you need either a Mac or an AppleTV if you want to have HomeKit accessible over the Internet so they can be the gateway.

        Or an iPad. But this is only for the HomeKit external access. The device can have its own kind of external access (and often do)

    • Perhaps because Apple has zero interest in devices connecting to anything other than the iDevices in your home? (HomeKit)
      That's my guess.
    • by Ross Finlayson ( 17913 ) on Wednesday June 26, 2019 @02:55PM (#58830178) Homepage

      "Finlayson's Law of Industry Consortia": To understand the real purpose of an 'industry consortium', note which prominent member of the industry is *not* a member.

    • Nobody wants Apple in a standards group after they tried to blow off Vulkan.

  • by xack ( 5304745 ) on Wednesday June 26, 2019 @11:04AM (#58828612)
    We don’t need it to be too easy to connect botnet nodes. Offline by default should be the standard.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I'm not sure offline by default is enough. Not to take away from your point, because I agree with you.

      I guess what I mean, is regardless of how things are configured by default, everything should be open, transparent and a little more local than "cloud".

      If setting up some sort of automation for your home or business, you should be able to have them route only with one another, you should know how and when things get turned on and are activated, you should be able to update and maintain both the hardware an

  • No! (Score:2, Insightful)

    by Anonymous Coward

    Connected to the cloud is part of the problem! Inaccessible by other networks is how it should be. LAN of Things not Internet of Things.

    • Inaccessible by other networks is how it should be. LAN of Things not Internet of Things.

      Then how do I control my refrigerator settings from my cellphone?

    • But they made up a new word to describe it, doesn't that mean you'll stop hating it??

    • by dAzED1 ( 33635 )
      part of the insecurity is a lack of robust methods for...securely communicating. Without knowing who you're talking to, there's no reason to be secure.
    • by skids ( 119237 )

      Ironically given the general security nightmare of cloud gadgets, full TNC [strongswan.org] stacks were abandoned by pretty much everyone but certain IoT endeavors.

  • by rtkluttz ( 244325 ) on Wednesday June 26, 2019 @11:19AM (#58828732) Homepage

    If you are having to ask another entity to authenticate your device, it isn't secure. Cloud apps are fine. Cloud apps you don't control are not. Cloud doesn't have to mean outsourced to someone else.

    • If you are having to ask another entity to authenticate your device, it isn't secure.

      It's not supposed to be secure . . .

      Only collect data which Intel and ARM can sell . . .

  • My preferred tool for 'configuring' IoT devices is a waffle-faced framing hammer.
  • Ha ha ha ha ha. That's cute. How about no, fark you, gov forces should compel you to stop making horribly insecure products that invade privacy without informing the consumers. "market forces" don't do anything other than invade privacy even more.
  • First they verbed the nouns and I rolled my eyes but said nothing. Then they verbed the adjectives and I threw up a little in my mouth but said nothing.

    At least my spell check is advanced enough to reject "verbed."

  • https://xkcd.com/927/

    I already know of different standards from Amazon, Google and Microsoft for their IoT cloud.
    • There is nothing insightful about pointing at individual companies calling their preferred system a "standard." That's not what a standard is.

      If ARM is involved in a standard, that is big news because it might really be an actual standard. Most of these devices are programmed using CMSIS (Cortex Microcontroller Software Interface Standard) compatible libraries which largely standardize the common interfaces. If this ends up being part of that ecosystem it will take over and most of the companies you list wi

    • Also relevant to IoT/cloud stories: https://xkcd.com/2166/ [xkcd.com]

  • is a security standard. A mandated security standard. With crap not meeting it being disallowed from being sold.

    And with that security standard NOT being defined by companies that have an interest of it being weak enough that it could just as well not exist at all.

    'til we have that, don't bother waking me.

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]

Working...