SECTIONS - Caught in the Crossfire
April 20, 2017

Is Security IoT's Achilles Heel?


At IoT Evolution in Fort Lauderdale, Fla., Ken Briodagh and I took opposing views as to how bad the IoT security problem is. According to Ken, I lost, but since this is my column, I will offer an alternate truth.

Ken’s contention was that we have never as an industry hardened our devices as well as we should have, and that has left lots of vulnerabilities. My brother, James Ford of ADP, voiced this in response to a blog post this way.

“IoT seems to be built on 40-plus years of microprocessor and software prior art. It would be hard to create something truly Big Bang in my opinion, since everything has been incremental. The security posture appears to be a problem with living too far up the abstraction model and not understanding what is really going on at the kernel or micro code level. Too many developers are grateful their project compiled or loaded and do not profile or examine how it works. In the container space, there is a lot of talk about Least Privilege Model that tries to turn off everything that the container does not explicitly need. If IoT wants a Big Bang, it will need to move toward a least privilege model and spend the time to minimize the threat surface dragged along by living too far up the abstraction ladder. Standing on the shoulders of giants is great, building on top of ancient programming models with implicit trust models is not.”

His statement about containers is very appropriate because the layer of abstraction with SDN and NFV changes the fundamentals of the internet (and whatever we rename the public switched telephone network).

It is my contention that as the industry moves all the traffic up to the session layer, the network has a chance to cure a lot of ills from the past. Perhaps it’s a matter of perspective. If you see the world like a consumer, technology gets swapped out relatively quickly. As a recovering Bell head, I am aware that telecom technology and law stay in place for decades.

However, the core of the network is often updated. So if I start from the core, I can isolate the problems at the edge. I recognize that neither side is perfect, but I feel my contention is more efficient. It also reflects the situation we are in today.

We are evolving. Everywhere I look I see paradigm shifts in communications. Mobile is becoming data centric and virtual, POTS service is being phased out, and China is taking over.

A friend who owns a major manufacturer shared his concern that China has become a dominant player worldwide and is choking innovation. If you make a presentation to a major carrier and you leave your deck behind, you can assume that if the Chinese see it they will offer some things for free.

So our security breach may be at Layer 10 more than at Layers 1, 2, and 3. If I had President Trump’s ear, I would advocate for a security standard that works like Intel Inside, and I would invoke a tariff on the hardware side. On the network side, I would admit the PSTN is dead and force a retool as we did for HDTV.

On the patent side, I would support a stronger arbitration system and better protections for the entrepreneurs. Particularly on patents issued that don’t get deployed immediately or the parent company dies, I might want to rethink how they can support the public good.

It’s not my nature to be this protectionist, but it is clear we are living in interesting times. Peter Zeihan points out that we are headed to a post-Bretton Woods world in which America first will have large implications. It is my contention that the world is rapidly becoming China first technologically, while we are building physical walls.

And that is our Achilles heel!




Edited by Ken Briodagh


Back to Homepage
Comments powered by Disqus

MORE ARTICLES



MEET THE EDITORIAL TEAM

Rich Tehrani
CEO, TMC
Since 1982 Rich has led TMC © in many capacities. Rich Tehrani is an IP Communications industry expert, visionary, author and columnist. He founded INTERNET TELEPHONY ™ magazine... READ MORE

Paula Bernier
Executive Editor, TMC
Paula Bernier is Executive Editor at TMC where she writes, edits and manages editorial content for INTERNET TELEPHONY, M2M Evolution, and CUSTOMER magazines... READ MORE

Carl Ford
Partner and Community Developer, Crossfire Media
Today as a partner at Crossfire Media, Carl is developing programs that bring to light an understanding of the issues required for delivering broadband wireless Internet... READ MORE

Erik Linask
Group Editorial Director, TMC
Erik oversees the editorial content and direction for all of TMC. Erik has contributed literally thousands of features during his 5-year tenure, with a focus... READ MORE