Sign in / up

back to article Tech giants warn IoT vendors to get real about security

The heavyweights behind the Broadband Internet Technical Advisory Group (BITAG) are sick of Internet of Things (IoT) startups foisting insecure rubbish on consumers, and have fired a report that looks like a stern warning that IoT bandwagon-hoppers need to get their houses in order. The group – which counts vendors like Cisco …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Android updates

    Given how long and difficult and even unsuccessful this has been I can't see IoT improvements happening. The only way to implement it will be whitelists of devices in network kit from the likes of Cisco.

    Then of course the trade war with China begins in ernest.

    4 1 Reply
  2. Anonymous Coward
    Anonymous Coward

    А васька слушает да ест

    There is an excellent extra Fable in Krylov's retelling of Lafontaine's/Aesop's fables in Russian.

    It is the fable about the Cook and the Cat. The Cook catches the cat in the act of stealing a big slice of ham and starts to chastize it. You bad kitty, yadda, yadda, yadda. And the cat listens and continues eating (А Васька слушает, да ест).

    There is no baseball bat here. The kittie will CONTINUE EATING until all SOHO routers by default come with blacklist/whitelist for UPNP firewall traversal based on MAC. Not in an approved list of people who update their firmware - sorry no NAT traversal for you so no access from the Internet, bad kittie, bad kittie - no ham for you.

    The issue is that these erstwhile "giants" are not even in possession of a bat to threaten anyone with. They divested from most of their Broadband CPE business and for the little they still make (Cisco Cable) the software is NOT WRITTEN IN HOUSE. So there is no bat (except just Google which has the staggering CPE share of <0.0001%). So Vaska can continue eating while the cook can continue to chastize. Nothing happened here. Move along. These are not the "broadband giants" you have been looking for.

    10 1 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: А васька слушает да ест

      Interesting and relevant fable -- but I upvoted it because cats.

      2 0 Reply
    2. joed
      Reply Icon

      Re: А васька слушает да ест

      Much simpler idea. Instead of whitelisting, just ship them routers with UPNP disabled or even not available. This protocol is just as much the cause of security issues as cheap IoT junk.

      2 0 Reply
  3. Anonymous South African Coward Bronze badge

    "The industry is going to resist, because even implementing one of the report's many sets of recommendations – that the industry imitate enterprise IT's systems of vulnerability reporting, updates, life cycle management, secure updates and the like – falls entirely outside the economic model of a consumer gadget."

    Narf, they will continue with business as usual. Was about to say "So what? Increase your pricing to ensure a budget for testing etc" but that have the same chances of an ice cube in hell.

    Just an interesting thought - what if IoThings start to bombard Chinese IP's with everything they've got for a whole month? Or will they specifically avoid Chinese IP's and target world+dog that's not Chinese?

    1 0 Reply
  4. Spanker

    Just got back from a 'conference' held by yet another minor talking shop hoping to net some of the millions doled out by clueless government hoping for some iot street cred.

    I bought up the very point. I was asked what needs to change and I said we need i) isp routers to ban anything not accredited, stamp a green padlock on each thing and ii) a successor to uPnP, which has to die a horrible death.

    This was pooh-poohed. A non-starter. Let's publish another consumer leaflet instead and talk about getting Chinese manufacturers onboard. Sigh.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like