Internet of Things: Building Secure Devices

The future is weird: we used to protect our privacy by shying away from microphones and webcams. Nowadays, we install them everywhere and call them Siri or Alexa.

As the Internet of Things (IoT) continues to proliferate, infusing itself into everyday objects, it’s up to developers to build devices that don’t sacrifice consumer security or privacy.

Update – Build a Secure Update Mechanism

If NASA can remotely update the Mars Expedition Rover from over 30 million miles away without bricking it, your IoT device should also be capable of being updated across the Internet in a secure manner without turning the device into an expensive paperweight.

A secure update mechanism ensures that only authenticated and authorized updates are allowed to be installed on the device. These requirements are typically implemented via a code signing mechanism.

Prior to applying the update, the device will compute the cryptographic hash of the update to ensure it hasn’t been corrupted in transit. The update package could be altered in transit due to transmission errors or a man-in-the-middle (MitM) attack, where an attacker intercepts the connection and sends their own malicious update package, with the intent to install malware or otherwise steal sensitive data.

While you may not think this is a big deal, remember how much of your personal information is stored on these IoT devices to make them function the way you like (to make them so “user-friendly” and “helpful,” that is).

In order to prevent these types of malicious attacks, an update’s signature must be verified against the computed hash and the certificate examined to ensure only updates signed by the specific manufacturer are allowed.
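The checks described above, as an added sketch that is not code from the original post: the device recomputes the image hash, verifies an RSA PKCS#1 v1.5 signature over it, and accepts only a signer on its allow list. The key fingerprint format, the function names and the demo key are assumptions made for illustration; a pinned public-key fingerprint stands in for the certificate check.

```python
import hashlib

# Constructed demo key: two Mersenne primes give a trivially weak RSA modulus.
# A real device holds only the manufacturer's public key (n, e).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, build server only
K = (N.bit_length() + 7) // 8          # modulus length in bytes
# ASN.1 DigestInfo header for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def fingerprint(n, e):
    """Hypothetical key identifier: SHA-256 over the public key numbers."""
    return hashlib.sha256(f"{n:x}:{e:x}".encode()).hexdigest()

PINNED_SIGNERS = {fingerprint(N, E)}   # allow list baked into the device image

def encode(digest):
    """EMSA-PKCS1-v1_5 block for a SHA-256 digest and a K-byte modulus."""
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(image):
    """Stands in for the manufacturer's signing service."""
    em = int.from_bytes(encode(hashlib.sha256(image).digest()), "big")
    return pow(em, D, N).to_bytes(K, "big")

def verify_update(image, declared_sha256, signature, n, e):
    """Return (ok, reason); flash the image only when ok is True."""
    if fingerprint(n, e) not in PINNED_SIGNERS:
        return False, "signer not on allow list"
    digest = hashlib.sha256(image).digest()
    # Integrity only: the declared hash travels with the download, unsigned.
    if digest.hex() != declared_sha256:
        return False, "hash mismatch"
    sig_int = int.from_bytes(signature, "big")
    if len(signature) != K or sig_int >= n:
        return False, "malformed signature"
    # Rebuild the expected block and compare it whole instead of parsing padding.
    if pow(sig_int, e, n).to_bytes(K, "big") != encode(digest):
        return False, "bad signature"
    return True, "ok"

if __name__ == "__main__":
    fw = b"constructed firmware image v1.2"
    print(verify_update(fw, hashlib.sha256(fw).hexdigest(), sign(fw), N, E))
```

A replaced image shipped with a matching replacement hash passes the hash comparison and is rejected only at the signature step, which is why the hash alone does not authenticate an update.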

An in-depth signature verification will also validate that the certificate authority which signed the code signing certificate is on a trusted white list. Certificate authorities have failed in the past and (Read more...)

This is a Security Bloggers Network syndicated blog post authored by Jeffrey Tang. Read the original post at: Cylance Blog