nanog mailing list archives
Re: Spitballing IoT Security
From: Valdis.Kletnieks () vt edu
Date: Wed, 26 Oct 2016 18:24:16 -0400
On Wed, 26 Oct 2016 15:02:46 -0700, "Ronald F. Guilmette" said:
> i.e. a multitude of wall plates in every room, each one bristling with a multitude of RJ11 sockets into which all manner of shiny new IoT things will be directly plugged, thence to be issued their own IPv6 addresses directly via DHCP from the local provider.
Actually, it seems to be going to wireless/Bluetooth, and DHCP from the household router. Note that although a minor difference, it's one that can be leveraged. If we can change the dynamic from "plug it in and it Just Works" to "plug it in, and click the pop-up from your router confirming that you just added a device, and it Just Works after that", the battle is 3/4 won. The other 1/4 is the device initially telling the router what sort of device it is - and we already know how to do that for USB and Bluetooth...
> Given that, and given that "OpenWRT and kin" often provide the end-user with readily accessible dials and knobs via which the user can force the device to *exceed* legal/FCC limits on power output, I am not persuaded that open source WiFi router firmware actually represents a shining example of a methodology to prevent inexpensive devices from behaving badly.
Given that out of the box, the default config is in bounds, and it requires actual user interaction to exceed the limits, and that we don't see a very large problem out in the wild, I think we have prior art for the concept that "shipped with default and clued user can reconfigure" is a workable design.