[iot-wg] "The Internet of Threats: Fighting FUD with MUD"

...and now bringing my question/suggestion to the mailing list.

Previously on topic: we've agreed (haven't we?) that MUD is not
currently targeting industrial IoT and connected health. So, smart
homes.

(By the way, it is more proper to directly specify the issue you're
handling before proposing a solution. As MUD doesn't solve the
security problem of IoT in general, let's then call it a solution for
smart homes, but not a solution for IoT.)

The issue with smart homes, wearables etc. is that a contemporary
commodity IoT device is not connected to the Internet in order to
really provide a service to the customer. Instead, it collects,
processes and sends data and telemetry which is precious for its
vendor, which said vendor would then be able to sell.

- https://www.theverge.com/2017/7/24/16021610/irobot-roomba-homa-map-data-sale
- https://www.warc.com/newsandopinion/news/general_motors_generates_new_radio_advertising_insights/41073
- et cetera.

Expecting a vendor to cut their own cables themselves is a strange
move, isn't it. Hence, "default policy is no access" stuff isn't just
going to fly.

And, setting a firewall will only slightly help because of countless reasons.

a) We have agreed today (haven't we?) that an IoT device needs to be
updated frequently, and probably via the Internet. Let's now phrase it
in a different way: we have agreed that an IoT device has a right to
connect to a server of its vendor and exchange encrypted data with
that server. Good luck telling updates from telemetry streaming then.

b) Given a), a vendor will have an 100% legitimate excuse for denying
you a service (i.e. remotely switching off a device, or more
precisely, *not switching it on*) if the device doesn't have an
Internet connectivity.

c) Moreover, if a data collected by roombas would be actually worth
selling, we can prophesize that ToSes for devices would start to
*include* that connectivity requirement. I.e. if you don't want to
share data with a vendor, then you must not buy this $9 vacuum cleaner
but should rather go for that $199 vacuum cleaner, because it costs
$150 to produce the device and for the former, the remaining $141 are
covered by selling the data you don't want to share now. I'd be
thrilled to see if anyone would be really going to spend additional
$190 for privacy and security.

d) Also, if said data is worth selling, setting up a firewall won't
help because an IoT device will then use whatever radio technology
built-in to connect to the Internet without your nice firewall. The
only outcome would be an increased manufacturing cost because of
additional radio module (and yes, it's the customer who's gonna pay
for this). Sorry guys. Nothing personal, it's just business.

e) You cannot possibly set a firewall between the Internet and
wearables, SmartTV, cars, etc.

...

I'm curious how does MUD address those concerns.

| Töma Gavrichenkov
| gpg: 2deb 97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191
| mailto: ximaera at gmail.com
| fb: ximaera
| telegram: xima_era
| skype: xima_era
| tel. no: +7 916 515 49 58