The challenge with internet of things security so far has been the cost of implementing hardened features. It’s cheaper and faster to develop a product without spending time and resources on security. Devices rush off the line without adequate protections, often riddled with bugs, and rarely have a mechanism for manufacturers to distribute patches. An attacker who penetrates those IoT devices can potentially steal data, rope the unit into a botnet, or even use it as a jumping off point to infiltrate other parts of a network.
Source: Wired Magazine
Date: December 7th, 2017
1) “It’s cheaper and faster to develop a product without spending time and resources on security.” This happens with almost every systems design project. How might security be “built-in” instead?
2) “Everyone is touting that they are secure, but we know that there is no such thing as truly secure. The best you can hope for is have you ‘secured’ it? So if there are compromises and attempts to compromise—and there will be inevitably—that you can resist and that you can recover.” How does this make you feel about your iPhone, Alexa device or Google voice?