The European Commission is drafting new cybersecurity requirements to beef up security around so-called Internet of Things (IoT) devices such as Web-connected security cameras, routers and digital video recorders (DVRs). News of the expected proposal comes as security firms are warning that a great many IoT devices are equipped with little or no security protections.The problems with IoT security are legion: devices are very cheap and so profit margins are razor thin, leaving little desire to invest in good security. The owners are non-technical and may not even care if the devices are compromised so long as they continue to work. Things are likely to move to web-based control protocols, meaning that ISPs won't be able to help by blocking management protocols like Telnet and SSH.
This is a real mess, and looks like it will get a whole lot messier.
This is great. The same folks who wanted to regulate the amount of curves in bananas and cucumbers will regulate security. So the EU will make drop a few hundred pages of regulations that will work until ways around them are found, and then the EU will be incapable of responding fast enough to do any good. In a race between the big, bloated bureaucracy and the small and nimble, don't bet on the big one.
ReplyDelete