[AusNOG] What are we going to do about IoT (in)security?

Jonathan Brewer jon.brewer at gmail.com
Mon Jun 12 20:10:48 EST 2017


Hi Mark,

I think you (and many others on the list) are conflating IP connected
devices and the IoT, which is a mistake. Sure there's market-speak out
there that calls IP connected (especially Wi-Fi connected) devices "IoT".

When you talk about durable goods, what appliance manufacturer really wants
to field support calls because someone's home Wi-Fi isn't working, if they
can spend $5 per year for an IoT SIM to avoid that swamp. And think about
(increasingly connected) cars. Can you imagine a car manufacturer wanting
to think about residential gateways? I hope not - they would fail. They're
all using cellular networks already. Airplane engines? Satellite networks.
Smart meters? Anything *but* Wi-Fi.

*If you take anything away from this, please let it be: The IoT revolution
will not be Wi-Fi enabled.*

1.) Narrow-band IoT (nbIoT), the cellular operator's answer to GPRS (an
evolution of the Weightless protocol), is inherently secure. I know, I read
the Weightless spec years ago and they did it right. PKI all over the
place. nbIoT is already running on many cellular base stations around the
world now, and I expect within two years every major cellular carrier in
the world will be running nbIoT in sub-GHz spectrum alongside their 3g/4g
services. They'll do this without adding new hardware anywhere on their
network - it's just a software load & it will replace a GSM or GPRS carrier
padding out their 3g services now.

2.) LTE-MTC, the cellular operator's answer to machines that are currently
connected via 3G, is inherently secure. It's LTE. Let me know when someone
compromises LTE (without taking advantage of a fallback attack). It won't
be soon.

3.) SigFox, an international IoT network running in the ISM space that's
meant to replace automated meter reading, is inherently secure.
(authentication, integrity, encryption, anti-replay, anti-jamming, etc,
etc.)

4.) LoRaWAN, in my eyes the "Wi-Fi" of IoT networks (as you don't need to
be a carrier to deploy), is inherently secure. It's got everything that
SigFox has and more. I operate a LoRaWAN network covering most New
Zealanders. All the features you see in SigFox are there, plus mandatory
application-level encryption. As a network operator I cannot ever see a
customer/end user data payload. It's not possible. This isn't my choice,
it's how LoRaWAN works.

Sure there are plenty of people out there hacking stuff together with
Wi-Fi. Plenty of Kickstarters, plenty of press. It's an echo chamber. If
you're still backing Kickstarters you don't know who the patsy is.

*The IoT revolution will not be Wi-Fi enabled.* Best thing you can do is
understand the options & steer your customers & peers in the right
direction.

-JB
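The key separation behind "as a network operator I cannot ever see a customer/end user data payload" can be shown with the LoRaWAN 1.0 FRMPayload cipher itself. This is an added example, not code from the post or from any LoRaWAN stack: it implements only the AppSKey encryption half (the NwkSKey half, the AES-CMAC MIC that gives the operator integrity checking, is left out for brevity), and the session keys, DevAddr and sensor reading are constructed values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/binary"
	"fmt"
)

// Constructed demo values, not real device keys (real session keys are random 128-bit).
var (
	NwkSKey = []byte("net-session-key!") // network session key: held by the operator
	AppSKey = []byte("app-session-key!") // application session key: never given to the operator
	DevAddr = []byte{0x01, 0x02, 0x03, 0x04}
)

// aBlock builds LoRaWAN 1.0 block A_i: 0x01 | 4x0x00 | Dir | DevAddr | FCnt(LE32) | 0x00 | i.
func aBlock(dir byte, fcnt uint32, i byte) []byte {
	b := make([]byte, 16)
	b[0], b[5], b[15] = 0x01, dir, i // dir: 0 = uplink, 1 = downlink
	copy(b[6:10], DevAddr)
	binary.LittleEndian.PutUint32(b[10:14], fcnt)
	return b
}

// CryptFRMPayload XORs the payload with S_i = AES-128(key, A_i), the LoRaWAN FRMPayload
// cipher. XOR is symmetric, so the same call encrypts and decrypts.
func CryptFRMPayload(key []byte, dir byte, fcnt uint32, pld []byte) []byte {
	c, _ := aes.NewCipher(key) // LoRaWAN keys are always 16 bytes, so this cannot fail here
	out, s := make([]byte, len(pld)), make([]byte, 16)
	for n := range pld {
		if n%16 == 0 { // fresh keystream block S_i every 16 bytes, i starting at 1
			c.Encrypt(s, aBlock(dir, fcnt, byte(n/16+1)))
		}
		out[n] = pld[n] ^ s[n%16]
	}
	return out
}

// OperatorCanRead models the operator trying to recover a payload with the only key it holds.
func OperatorCanRead(frm, plain []byte, fcnt uint32) bool {
	return bytes.Equal(CryptFRMPayload(NwkSKey, 0, fcnt, frm), plain)
}

func main() {
	plain := []byte("temp=21.5C,batt=87%") // constructed sensor reading
	frm := CryptFRMPayload(AppSKey, 0, 42, plain)
	fmt.Printf("operator reads : %v\n", OperatorCanRead(frm, plain, 42))
	fmt.Printf("app decrypts   : %s\n", CryptFRMPayload(AppSKey, 0, 42, frm))
}
```

The frame counter and direction bit are part of A_i, so the same reading sent twice never produces the same ciphertext; that is also why a network must reject repeated FCnt values to get the anti-replay property.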




On 12 June 2017 at 12:31, Mark Delany <g2x at juliet.emu.st> wrote:

> It seems that this is a disaster just waiting to happen.
>
> If network appliance companies can't get security right, the chances of
> white-goods manufacturers doing so has got to be even less likely. E.g., the
> latest model of my electric toothbrush has bluetooth connectivity so
> Internet access is surely just a step away. Does a toothbrush manufacturer
> attract top-notch security programmers (let alone think they need them)? I
> doubt it.
>
> A natural choke point is the residential router/modem. Has any work been
> done to define the capabilities or profile of such a choke point that might
> inherently protect IoT devices?
>
> Without thinking too hard, I envision a residential router might create a
> number of local networks that are constrained in certain ways such as no
> inbound connections, no outbound connections, no cross-device connections,
> filtered list of external destinations, that sort of thing.
>
> Such constraints might be implemented as separate VLANs or wifi networks or
> both, managed in a user-friendly manner. Something that most modern
> residential routers could implement today.
>
> When a new device is added to the network, the router portal could be used
> to allow it access and place it in the appropriate VLAN. Address-space
> management might also work - such as link-local address allocation. Heck, an
> IoT device might identify itself in some way and the router could
> automatically spin up the appropriate VLAN and firewall rules without any
> human intervention.
>
>
> Beyond constraints, there are also service needs. My new AV receiver likes
> to contact their manufacturer's HQ for an NTP service. That could readily be
> offered locally rather than opening up wider access. One imagines some sort
> of local service discovery might work here, such as Bonjour. Again something
> that most modern routers could implement today with ease.
>
> Serendipitously, NBNCo has a list of approved VDSL modems. One wonders
> whether that could be extended to a list of modems that support an IoT
> security profile?
>
> Sorry about the ramble, but improving IoT security seems like a
> multi-faceted problem that we can't afford to ignore. Does anyone disagree?
>
>
> Mark.