Tag Archives: Internet of Things

The Internet of Things Will Turn Large-Scale Hacks into Real World Disasters

More and more, looking at security protocols and evangelizing for practical InfoSec and OpSec habits, I feel like I’m eventually going to turn into Battlestar Galactica’s Commander Bill Adama: “I will not have a networked computer on my ship!” Much of our vulnerability is thanks to Congressional “protections” such as the CFAA and–especially–the DMCA which specifically outlaws security research and penetration testing.

The rise of the Internet of Things threatens to make it much easier to cause real-life damage through cyberattacks.

Source: The Internet of Things Will Turn Large-Scale Hacks into Real World Disasters | Motherboard

Now You Can Hide Your Smart Home on the Darknet

The privacy-focused Tor Project backs a new initiative that lets you use Tor to keep your home’s Internet-of-things devices hidden from hackers.

Source: Now You Can Hide Your Smart Home on the Darknet | WIRED

Google reaches into customers’ homes and bricks their gadgets

Normally, when I publish a link to another article, I publish a direct link. Today, though, I don’t think I could much improve upon Cory Doctorow’s commentary. However, I will add my own opinions here.

What sort of a world do we live in when “corporate interests” dictate whether or not you can use the technology you legally purchased? Imagine if you purchased a Blu-Ray player that not only refused to play any 20th Century Fox films, but destroyed itself in the process. Imagine if you bought a car that would simply refuse to start if you made the mistake of putting in Shell gas instead of Chevron. Imagine if that car automatically died when the next model was imminently available. Imagine if you took your iPhone to a 3rd-party repair shop, only to have it bricked when the next software update automatically downloaded (oh, wait, that last one actually happened….)

This, folks, is why the DMCA is an existential threat to freedom. Freedom of commerce, freedom of innovation, freedom of legal use, freedom of repair, freedom of choice…. Devices are more and more often being built with planned obsolescence, but (usually) consumers can keep their devices in good repair or even hack them to suit their own needs. Unfortunately, the latter is a violation of federal law. The former could technically be as well–given the correct judicial environment. John Deere and General Motors tried a similar move recently, and they were only stopped when the Library of Congress (the “keepers of the copyright”) finally yielded to massive public outcry. Let us cross our fingers that the same thing will happen for Nest.

This is also why I tend to look at building my own automation devices and solutions: the concept of ownership. Devices you “buy” at the store are no longer yours to tinker with. This was fine back when the worst damage you could do was to break the gadget and void the warranty. Now, if you break the gadget, you face criminal charges in addition to a voided warranty. If the hardware isn’t based on open principles, and the firmware isn’t open-source, I really don’t want a part of it. Part of my shopping process for devices is researching to see if there are alternative firmware builds available or if there is an active development community. Basically, I don’t want some some silver-spoon jerk-off in a San Jose ivory tower coming into my home and telling me what I can and cannot do with the hardware I legally purchased (that includes Cupertino as well as Mountain View).

One last note: Although Google purchased Revolv, since the corporate restructuring under the Alphabet umbrella, Nest now owns Revolv. Google was the company whose unofficial motto said “Don’t Be Evil”, and no such culture exists at either Alphabet or Nest. Let that soak in for a second.

Revolv is a home automation hub that Google acquired 17 months ago; yesterday, Google announced that as of May 15, it will killswitch all the Revolvs in the field and render them inert. Section 1201 of the DMCA — the law that prohibits breaking DRM — means that anyone who tries to make a third-party OS for Revolv faces felony charges and up to 5 years in prison.

Source: Google reaches into customers’ homes and bricks their gadgets / Boing Boing

How libraries can save the Internet of Things from the Web’s centralized fate

God bless the librarians, for they are the stewards of the future and the guardians of freedom.

The American Library Association Code of Ethics says: ”We have a special obligation to ensure the free flow of information and ideas to present and future generations.”

Source: How libraries can save the Internet of Things from the Web’s centralized fate / Boing Boing

‘Search Engine For Sleeping Babies’ proves IoT manufacturers consider your security forfeit.

Make sure you learn how to lock down your devices if you’re going to buy them off the shelf.

Shodan search engine is only the latest reminder of why we need to fix IoT security.

Source: “Internet of Things” security is hilariously broken and getting worse | Ars Technica

Introducing the ‘right to eavesdrop on your things’

I was once in charge of one of the first Coca-Cola machines on the Internet. This was the late 20th century at MIT, where we thought it was pretty awesome that you could, in theory, make the machine dispense a Coke from your desktop computer without having to walk over to it. (Of course you still had to walk there to pick up your Coke in the end.)

Source: Introducing the ‘right to eavesdrop on your things’

How Can the Internet of Things Fight Fires?

Firefighters might have embedded sensors in their protective suits, alerting them about external temperatures and chemicals.

Source: How Can the Internet of Things Fight Fires?