Secure IoTs? Depends on what you mean by that. Standards like Z-Wave and Zigbee are already somewhat safer from remote tampering than WiFi-enabled devices since they operate on their own network. Hacking into them remotely or making them send data to a 3rd party involves hacking the central controller (if that controller even is connected to the Internet, though it often is). Certainly possible but it's a considerable extra hurdle. The networks themselves are fairly easy to hack, though the new version
Zigbee is old and crusty, the newest version is just strange and bloated and no one has really adopted it. It may die off except that big companies keep demanding Zigbee as a check-off box. The standards of this are new and evolving, and security isn't always there but the device makers are adding it anyway (and if you insist on alliance led standards for security then you'll get crap like WPA as a result when a manufacturer might actually have something better).
Big problem is with the dumb IoT, devices that you really don't need but which want to be on the network and in the cloud. Thermostats and baby cams and such. But tell the Gen Z couple that they want a secure VPN to connect to their baby cam and their eyes will glaze over, since they just want an app on their phone. The makers in this fad market are hoping to monetize all that data in the cloud so that they can finally go IPO and retire before they turn 30.
We really need to split up IoT into categories. After all any device or computer that is addressable on the internet is a part of the IoT, and some people even consider point-to-point bluetooth links to your phone to be IoT just so they can jump on that buzzword. IoT for home automation and baby monitors should not be in the same category as IoT devices for utility infrastructure or scientific data collection.
Too late (Score:5, Insightful)
The convenience is worth the risk. The dumb-ass majority has spoken.
Re: (Score:5, Insightful)
Fair point. But did they have any other options?
Are there secure IoTs?
Maybe, just maybe, the developers/manufacturers are at some fault.
Re: (Score:2)
Re:Too late (Score:2)
Zigbee is old and crusty, the newest version is just strange and bloated and no one has really adopted it. It may die off except that big companies keep demanding Zigbee as a check-off box. The standards of this are new and evolving, and security isn't always there but the device makers are adding it anyway (and if you insist on alliance led standards for security then you'll get crap like WPA as a result when a manufacturer might actually have something better).
Big problem is with the dumb IoT, devices that you really don't need but which want to be on the network and in the cloud. Thermostats and baby cams and such. But tell the Gen Z couple that they want a secure VPN to connect to their baby cam and their eyes will glaze over, since they just want an app on their phone. The makers in this fad market are hoping to monetize all that data in the cloud so that they can finally go IPO and retire before they turn 30.
We really need to split up IoT into categories. After all any device or computer that is addressable on the internet is a part of the IoT, and some people even consider point-to-point bluetooth links to your phone to be IoT just so they can jump on that buzzword. IoT for home automation and baby monitors should not be in the same category as IoT devices for utility infrastructure or scientific data collection.