And why would I (as an intel analyst) care about getting data directly off a bunch of behind-the-firewall devices when I can just compromise the link between the IoT startup and their cloud providers to get *all* the data conveniently packaged and preanalyzed?
On perimeters: I agree, but there's still a lot of scope for reducing the exposure of devices with, shall we say, a relaxed approach to software engineering, operational security, and security vulnerability testing and management. The MUD approach (draft-lear-mud-framework) seems promising for helping to shore up the perimeter of home and enterprise frameworks, but the fact that that needs shoring up is more an implementation-level failure than an "IoT architectural" one. The architectural failure in a world where we care about mass surveillance of civilians is the centralization-eases-monetization pattern, which is the entire thing driving IoT through the hype cycle in the first place. Cheers, Brian > On 12 Feb 2016, at 10:01, Robin Wilton <[email protected]> wrote: > > True... but as I say, a large proportion of those devices will generate data > which comes out from behind the firewall and therefore becomes accessible. > Businesses based on the monetization of personal data stand to gain from IoT > because it represents a massive increase in the generation of their 'raw > material'; but to be useful, that raw material has to get to them and be > mined. > > R > > Robin Wilton > > Technical Outreach Director - Identity and Privacy > > On 12 Feb 2016, at 03:54, "[email protected]" <[email protected]> wrote: > >>> Yup - so much for the dire warnings about the Internet "going dark"... >> >> The IoT will be why the percentage of the network that is dark, >> that is to say unreachable, will approach 99%. They will get their >> addresses from DHCP4/6 and will be behind a firewall that will >> prevent inbound connections by default. The default-routable >> customer network is history. >> >> And if that turns out to not be the case, the world will then truly >> be the traffic analyst's oyster. >> >> --dan >> > > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
