EPIC Asks Congress To Secure The Internet Of Things

Status
Not open for further replies.

firefoxx04

Distinguished
Jan 23, 2009
1,371
1
19,660
Why would you ask congress to do that :epic fail:. Sure they will try, while also slipping in a bunch of BS into their proposed laws and arguing non-stop, getting NOTHING done.
 

Slatteew

Honorable
Nov 27, 2013
45
0
10,530
While I agree security is necessary, I don't agree with asking Senators to legislate and create "regulations" on products. I don't agree with most regulations. Government over reach and crony capitalism. If consumers want security, people will make it. If they don't bad things can happen, but then people will stop buying those products.
 

jdlech

Honorable
May 31, 2016
168
1
10,715
Kinda like asking the NSA to help secure your networks. Sure they will, but they'll leave a few back doors for themselves (and for anyone else who finds them).
 

gigabob

Distinguished
Sep 7, 2009
11
0
18,520
Bruce Schneier has it right of it -

http://nymag.com/selectall/2017/01/the-internet-of-things-dangerous-future-bruce-schneier.html

But under a president whose command of facts is illusory, denies climate change and does not believe the Russians had any impact with their hacking, the probability of positive progress is poor. More likely we get stoopid intervention at the next crisis.

IoT is too big for industry to secure. As with every major technology impacting the public, Trains, Planes, Autos, Ships, Nukes, Finance..., a Government Agency using a consortium of the best and brightest to establish and review cyber-rules, regulations and enforcement protocols is needed. Ultimately an International body is needed.

IoT and the "network Everything" mentality that goes with it need to be altered in favor of a connectivity security hierarchy with access rules depending on device function. For example - in a hospital, patient infusion pumps, cardio stimulators, MRI's etc should be on closed local networks without internet access. These devices should report data and have local management that allows observation only from the outside - nothing should allow external input to alter functions. Today that is not the case. We need security to be constantly tested and challenged, and that again is not the case. Thus we have bad security and penalize those responsible for finding gaps instead of rewarding them. This all goes back to the days of manufacturing "ABC's", promulgated by Demming, but applied by the Japanese. They were so methodical that defects became so rare that when one surfaced it was cherished for what it told managers about process change priorities. If a positive path is not chosen, the World Wide Robot we are currently constructing will be realized and the potential for un-intended consequences such as hostile emergent properties, could be dire. And I am an optimist.
 
Status
Not open for further replies.