Archives For Internet of Things

The offending PCA serial cable linking the comms module to the motherboard (Image source: Billy Rios)

Hannibal ante portas!

A recent article in Wired discloses how hospital drug pumps can be hacked and the firmware controlling them modified at will. Although in theory the comms module and motherboard should be separated by an air gap, in practice there’s a serial link cunningly installed to allow firmware to be updated via the interwebz.

As the Romans found, once you’ve built a road that a legion can march down it’s entirely possible for Hannibal and his elephants to march right up it. Thus proving once again, if proof be needed, that there’s nothing really new under the sun. In a similar vein we probably won’t see any real reform in this area until someone is actually killed or injured.

This has been another Internet of Things moment of zen.

20140122-072236.jpg

A report from Beecham research on challenges in securing the IoT, my favourite quote from the press release, “Security in the Internet of Things is significantly more complex than many system designers have previously experienced...”.

I’ll be interested to see whether they put the finger on Postel’s robustness principle (RFC 793) as one of the root causes of our current internet security woes or the necessity to starve the Turing beast.

The recent Cisco Internet of Things (IoT) grand security challenge is a tacit recognition that the current security problems of the connected world may not be sustainable when scaled to well, to everything. Last year of course there was the well publicized security flaws of Belkin’s WeMo, and the subsequent response is a poster child for what we can expect as the Internet of Things (IoT) turbocharges the the second great crisis of computing, i.e security.

Continue Reading…