On Thursday, February 11, 2016 7:15 AM, Stephen Farrell wrote: > On 11/02/16 15:02, Russ Housley wrote: > > http://www.theguardian.com/technology/2016/feb/09/internet-of-things-s > > mart-home-devices-government-surveillance-james- clapper?CMP=share_btn_fb > > > > > Yeah, that's a shocker eh;-(
Many of the appliances are designed to "report to the cloud," and have a business model based on the "big data" that they acquire. If we design appliances like that, it will be hard to keep "big brother" away. > FYI, I did try to argue for defining a padding scheme in the COSE wg [1] but > nobody else seems to care, so at present, I think they won't define a > mechanism. > > Padding of course isn't anywhere near sufficient but if we don't add such > mechanisms to our protocols, then ISTM that we're making that kind of > tracking easier. > > More broadly, if someone has expertise in this space, and would like to do a > presentation at a saag session at an IETF meeting, I think that'd be good. > Contact Kathleen and I if so. Sure, encrypting the communications between the appliances and the cloud cannot hurt. But we should also look at standardization, so that appliances can communicate directly, or so that people could easily switch the "appliance monitoring" services. In the absence of such standards, we get lots of info concentrated in few places, which becomes of course a target for all kind of spying. -- Christian Huitema _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
