I Thought He Came With You is Robert Ellison’s blog about software, marketing, politics, photography, time lapse and the occasional well deserved rant.

Securing the Internet of Things

We can’t trust manufacturers to build secure connected devices and so routers need to be updated to solve this problem once per network.

The distributed denial of service (DDOS) attack on Friday, October 21 was apparently caused by dodgy webcams. But next time it will be Nest or Alexa or Hue - not picking on Google, Amazon or Philips specifically here, those just happen to be the IOT devices currently plugged into my home network. My washing machine and drier would be as well but fortunately LG’s dismal app has saved me from myself by not working for toffee. Oh, I have some DropCams too. And my car is connected. The next attack will probably just come from me.

My fix: update routers to sandbox these devices. A Nest thermostat can only talk to nest.com. If it wants to DDOS Reddit, too bad: no connection is allowed, no matter how badly the device is compromised.

When a new device is connected the router looks it up (MAC address registry?) and then puts it in the appropriate sandbox.

If Nest needs to connect to weather.gov to check the forecast then Google would need to proxy this via nest.com. If the device goes bad it’s only got one domain to attack (so there’s a pretty good incentive for the manufacturer to make sure it doesn’t).
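A sketch of the router-side decision described above, added here as an illustration and not code from any router firmware: the device's MAC prefix selects a sandbox, and a DNS lookup is allowed only for that sandbox's domain. The prefix values, the `hue.example` domain, the function names and the deny-by-default handling of unregistered devices are all assumptions.

```python
# Added example: router-side sandbox policy keyed on the MAC address prefix (OUI).
# Registry entries are constructed sample values, not real OUI assignments.
SANDBOXES = {
    "02:00:01": {"vendor": "nest", "allowed": ("nest.com",)},
    "02:00:02": {"vendor": "hue", "allowed": ("hue.example",)},
}


def normalize_mac(mac):
    """Return the MAC as 12 uppercase hex digits, or None if malformed."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "").upper()
    if len(digits) != 12 or any(c not in "0123456789ABCDEF" for c in digits):
        return None
    return digits


def sandbox_for(mac):
    """Look up the device's sandbox by MAC prefix; unknown devices get None."""
    digits = normalize_mac(mac)
    if digits is None:
        return None
    oui = ":".join(digits[i:i + 2] for i in (0, 2, 4))
    return SANDBOXES.get(oui)


def domain_allowed(qname, allowed):
    """Match on whole DNS labels so 'evilnest.com' does not pass for 'nest.com'."""
    name = qname.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in allowed)


def decide(mac, qname):
    """Return 'allow' or 'deny' for a DNS lookup made by the device with this MAC."""
    box = sandbox_for(mac)
    if box is None:
        return "deny"  # assumption: unregistered devices are quarantined
    return "allow" if domain_allowed(qname, box["allowed"]) else "deny"
```

A MAC address is reported by the device itself and can be changed, so the lookup places a device in a sandbox rather than authenticating it. To cover connections made without a lookup, the router would also have to limit traffic to the addresses the allowed names resolve to.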

The only downside is new routers or new router firmware. Given the current state of IOT I’d buy one.

As usual if any of my billionaire investor readers are interested get in touch.
