internetofthings

Securing the International IoT Supply Chain

| | academicpapers, Cybersecurity, hardware, internetofthings, securitypolicies, supplychain
Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: ...
Schneier on Security

Analyzing IoT Security Best Practices

| | academicpapers, internetofthings, nationalsecuritypolicy, securityengineering
New research: "Best Practices for IoT Security: What Does That Even Mean?" by Christopher Bellman and Paul C. van Oorschot: Abstract: Best practices for Internet of Things (IoT) security have recently attracted ...
Schneier on Security

Security in 2020: Revisited

| | cloudcomputing, consumerization, historyofsecurity, internetofthings
Ten years ago, I wrote an essay: "Security in 2020." Well, it's finally 2020. I think I did pretty well. Here's what I said back then: There's really no such thing as ...
Schneier on Security

Lousy IoT Security

| | internetofthings, securityengineering
DTEN makes smart screens and whiteboards for videoconferencing systems. Forescout found that their security is terrible: In total, our researchers discovered five vulnerabilities of four different kinds: Data exposure: PDF files of ...
Schneier on Security

Measuring the Security of IoT Devices

| | computersecurity, Cybersecurity, internetofthings
In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software. Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries ...
Schneier on Security

Zipcar Disruption

| | cars, internetofthings
This isn't a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: "an outage experienced by a third party telecommunications vendor disrupted connections between the company's ...
Schneier on Security

The Latest in Creepy Spyware

| | airtravel, alarms, google, internetofthings, Privacy, spyware, surveillance
The Nest home alarm system shipped with a secret microphone, which -- according to the company -- was only an accidental secret: On Tuesday, a Google spokesperson told Business Insider the company ...
Schneier on Security

Security Flaws in Children’s Smart Watches

| | GPS, internetofthings, securityengineering, tracking
A year ago, the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also ...
Schneier on Security

Japanese Government Will Hack Citizens’ IoT Devices

| | backdoors, botnets, Exploits, firmware, Hacking, internetofthings, Japan, passwords, Vulnerabilities
The Japanese government is going to run penetration tests against all the IoT devices in their country, in an effort to (1) figure out what's insecure, and (2) help consumers secure them: ...
Schneier on Security

Consumer Reports Reviews Wireless Home-Security Cameras

| | cameras, internetofthings, securityengineering
Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it's reviewing wireless home-security cameras. It found significant security vulnerabilities in D-Link cameras: In contrast, D-Link doesn't ...
Schneier on Security
Load more