Tuesday, October 11, 2016

Government about to regulate Internet Of Things security

This is a mess, and the mess is so bad that government intervention might actually help:
The European Commission is drafting new cybersecurity requirements to beef up security around so-called Internet of Things (IoT) devices such as Web-connected security cameras, routers and digital video recorders (DVRs). News of the expected proposal comes as security firms are warning that a great many IoT devices are equipped with little or no security protections.
The problems with IoT security are legion: devices are very cheap and so profit margins are razor thin, leaving little desire to invest in good security.  The owners are non-technical and may not even care if the devices are compromised so long as they continue to work.  Things are likely to move to web-based control protocols, meaning that ISPs won't be able to help by blocking management protocols like Telnet and SSH.

This is a real mess, and looks like it will get a whole lot messier.

1 comment:

  1. This is great. The same folks who wanted to regulate the amount of curves in bananas and cucumbers will regulate security. So the EU will make drop a few hundred pages of regulations that will work until ways around them are found, and then the EU will be incapable of responding fast enough to do any good. In a race between the big, bloated bureaucracy and the small and nimble, don't bet on the big one.

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.