Please login or register.

Login with username, password and session length
Pages: [1] 2 3 ... 8

Author Topic: Proposed standards for Internet of Things  (Read 46208 times)

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Proposed standards for Internet of Things
« on: March 28, 2014, 07:04:41 AM »

While it does not address security, per se, a proposal from several major manufacturers that would create interoperability standards for IoT devices is encouraging. Their interest is industrial applications but I think it inevitable that similar standards will evolve for the types of devices of interest here.
« Last Edit: March 28, 2014, 07:10:24 AM by dhouston »
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #1 on: April 08, 2014, 06:32:37 AM »

An article in today's NYT indicates that 25%-75% of corporate network hacker penetration comes by way of third party devices/systems connected to the corporate network.
HVAC systems, vending machines, even online menus from restaurants frequented by employees are among the exploits. As IoT devices proliferate in homes, hackers are sure to follow.
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #2 on: April 11, 2014, 07:48:00 AM »

The OpenSSL Heartbleed bug, currently in the news, is likely to affect a multitude of embedded devices (e.g. routers) used in home networks, most of which use open-sores versions of Linux.
You should check with the manufacturers of your various devices to see whether their hardware is affected and, if so, how to fix the problem.
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

dave w

  • Community Organizer
  • Hero Member
  • ***
  • Helpful Post Rating: 139
  • Posts: 6116
Re: Proposed standards for Internet of Things
« Reply #3 on: April 17, 2014, 08:21:36 PM »

I think it only a matter of time before we have our own Fukushima or total collapse of the grid, do to hacking. Seems like the "IoT" will only exacerbate that threat.
Logged
"This aftershave makes me look fat"

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #4 on: April 17, 2014, 09:49:47 PM »

And I've expected a catastrophic cloudburst ever since cloud computing became the latest thing.

I had to change a couple of online passwords where OpenSSL was in use. My wireless router did not use it but I'm not sure how to check whether my Smart TV uses it nor how to update it in case it does.

EDIT: Vizio tech support tells me my TV is not affected by Heartbleed.
« Last Edit: April 18, 2014, 11:39:48 AM by dhouston »
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

Brian H

  • Community Organizer
  • Hero Member
  • ***
  • Helpful Post Rating: 305
  • Posts: 13295
Re: Proposed standards for Internet of Things
« Reply #5 on: April 18, 2014, 06:05:48 AM »

There was a news story here in CT. On constant attacks on the utilities from all around the world. In hopes of taking down the power grid and other utilities. As most are controlled by computers.  ???
Logged

HA Dave

  • Hero Member
  • *****
  • Helpful Post Rating: 175
  • Posts: 7127
Re: Proposed standards for Internet of Things
« Reply #6 on: April 18, 2014, 10:33:29 PM »

There was a news story here in CT. On constant attacks on the utilities from all around the world. In hopes of taking down the power grid and other utilities. As most are controlled by computers.  ???

Doesn't the nations communications (network and phone) backbone run through there too?  

I think it only a matter of time before we have our own Fukushima or total collapse of the grid, do to hacking. Seems like the "IoT" will only exacerbate that threat.

I think it's already happened! Actually I am pretty positive the NSA already has complete access to all PC's, and phones (mobile and landline), along with the records of all the traffic by the device users. And if the bumbling idiots in the government can do that... who can't?!?!?!?

There are no secrets... and any device.... gadget or structure can be broken into. Your phones, your PC's, your steel clad front door, the fireproof safe.... all are easy to get into. A half a century ago.... the police had devices that could listen to conversations whispered in a bedroom. Privacy... is an illusion. 
« Last Edit: April 18, 2014, 10:48:43 PM by HA Dave »
Logged
Home Automation is an always changing technology

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #7 on: June 02, 2014, 07:34:02 AM »

The author of this article in the NYT shares my concerns with IoT security.
While it doesn't address IoT security explicitly, here is an excellent security primer for those using iOS or Android devices.
« Last Edit: June 02, 2014, 09:21:59 AM by dhouston »
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #8 on: June 03, 2014, 09:56:57 AM »

A Heartbleed variant called Cupid allows hackers to penetrate networks (home and commercial) through WiFi routers.
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

Brian H

  • Community Organizer
  • Hero Member
  • ***
  • Helpful Post Rating: 305
  • Posts: 13295
Re: Proposed standards for Internet of Things
« Reply #9 on: June 04, 2014, 06:12:18 AM »

I have seen web posts. That some of the larger Cable Companies {Comcast for one} now use the WiFi interface they supply. For local hot spots for their systems.
Customer does not see the data used by the hot spots as part of their monthly data usage.

IMHO.
Going to cloud storage and use is a real bad idea.
I have seen the Insteon HUB users standing out in the cold. When the cloud service went down.
Logged

HA Dave

  • Hero Member
  • *****
  • Helpful Post Rating: 175
  • Posts: 7127
Re: Proposed standards for Internet of Things
« Reply #10 on: June 04, 2014, 01:10:03 PM »

.....
IMHO.
Going to cloud storage and use is a real bad idea.
I have seen the Insteon HUB users standing out in the cold. When the cloud service went down.

Of course you're correct! As the world... and our technologies.... get more advanced/complex the more interdependent and fragile they become. But what do we do? Kerosene lamps, wood burning stoves, letter writing instead of email, and [automation] club memberships instead of forums? To be honest.... that doesn't sound half bad. But it's never going to happen.

We've eliminated the drudgery of cleaning soot from lanterns and chimneys... with the boredom of updating software and running virus scans. The recent events with X10 have taught us all that all things sooner or later do fail. Efforts and risks will forever alter and change. We just keep changing and altering with them. Nothing lasts forever. 
Logged
Home Automation is an always changing technology

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #11 on: June 04, 2014, 02:56:59 PM »

I'm no Luddite - I tend to surf the bleeding edge of technology - but I do think it important to be aware of the security issues that these new technologies present and to point to 'best practice' methods.

I try to avoid clouds, preferring the sunny side of the street. Not only are there those issues noted about Insteon Hub cloud services and X10 servers but I see no reason why security cameras need to connect to remote servers. For data backup, I prefer local HDDs. I have a 500GB USB HDD connected to each PC plus a 1TB USB HDD connected to my router, providing common storage for all my network devices. While I have to worry about security issues vis a vis my router, I don't have to worry about little birdies (NSA drones) flying through remote clouds coming across my data.

A little more about 'best practices'...
My WiFi router does not advertise its presence, is password protected and uses MAC filtering for all WiFi connections. My main PC runs an antivirus scan daily. Other PCs, which are only on occasionally, run a virus scan at least once a week. I have implemented most, although not all, of these 'best practices'...
« Last Edit: June 05, 2014, 08:13:40 AM by dhouston »
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

JeffVolp

  • Community Organizer
  • Hero Member
  • ***
  • Helpful Post Rating: 122
  • Posts: 2300
    • XTB Home Page
Re: Proposed standards for Internet of Things
« Reply #12 on: June 04, 2014, 06:53:49 PM »

For data backup, I prefer local HDDs. I have a 500GB USB HDD connected to each PC plus a 1TB USB HDD connected to my router, providing common storage for all my network devices.

I agree with you.  All the PCs I've built have at least 2 physical hard drives, and the second is used for on-line backup.  More recently I'm using the huge memory sticks for off site backup.  I just bought another 128G for $40 to back up all our photographs.  It is incredible how cheap storage has become.

Jeff
Logged
X-10 automation since the BSR days

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #13 on: June 04, 2014, 07:17:01 PM »

It is incredible how cheap storage has become.
Agreed! Yesterday I saw an eBay vendor selling 32GB microSDHC cards with SD adapter for $0.99 + $2.00 shipping.

When I later tried to order, the page appeared to be a mistake as neither the Buy Now or Add to Cart buttons would work. Going to the vendors store revealed a $9 price + $2 shipping.
« Last Edit: June 06, 2014, 08:37:01 AM by dhouston »
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Re: Proposed standards for Internet of Things
« Reply #14 on: June 04, 2014, 07:23:23 PM »

...some of the larger Cable Companies {Comcast for one} now use the WiFi interface they supply. For local hot spots for their systems.
Those might prove to be more tempting targets for war-drivers than run-of-the-mill home routers.
And, they are also likely to be vulnerable to man-in-the-middle attacks by exploiting a newly discovered 10 year old bug in OpenSSL.
And now comes yet another OpenSSL bug. This one is 15 years old. So much for the virtues of open-sores software.
And, it continues - seven security flaws have NOW been found and patched in OpenSSL.
« Last Edit: June 08, 2014, 09:20:23 AM by dhouston »
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston
Pages: [1] 2 3 ... 8
 

X10.com | About X10 | X10 Security Systems | Cameras| Package Deals
© Copyright 2014-2016 X10.com All rights reserved.