[iot-wg] "The Internet of Threats: Fighting FUD with MUD"
Peter Steinhäuser
ps at embedd.com
Sun Oct 21 12:40:31 CEST 2018
Dear Töma,

first of all a great thanks for your talk at RIPE 77 - nice to see we have the same favourite band ;)

> Previously on topic: we've agreed (haven't we?) that MUD is not
> currently targeting industrial IoT and connected health. So, smart
> homes.
>
> (By the way, it is more proper to directly specify the issue you're
> handling before proposing a solution. As MUD doesn't solve the
> security problem of IoT in general, let's then call it a solution for
> smart homes, but not a solution for IoT.)
>
> The issue with smart homes, wearables etc. is that a contemporary
> commodity IoT device is not connected to the Internet in order to
> really provide a service to the customer. Instead, it collects,
> processes and sends data and telemetry which is precious for its
> vendor, which said vendor would then be able to sell.
>
> - https://www.theverge.com/2017/7/24/16021610/irobot-roomba-homa-map-data-sale
> - https://www.warc.com/newsandopinion/news/general_motors_generates_new_radio_advertising_insights/41073
> - et cetera.
>
> Expecting a vendor to cut their own cables themselves is a strange
> move, isn't it. Hence, "default policy is no access" stuff isn't just
> going to fly.

The question here to me seems what we want to achieve. I’m totally on your page in terms of data collection and privacy. But that’s to a large part the end user’s choice - even if I have to admit most of them simply don’t care, just look at the amount of data people share via Facebook: Happy social engineering!

My concern is more the integrity of the network infrastructure and how to reduce the impact of hacked IoT devices used by DDOS attacks. MUD files can help to identify what’s a device’s purpose and monitoring if the device is doing what it’s supposed to do.

I agree that we should not have much hope that the device makers will do their job but I’m sure a community fueled MUD proxy could play a role here.

> d) Also, if said data is worth selling, setting up a firewall won't
> help because an IoT device will then use whatever radio technology
> built-in to connect to the Internet without your nice firewall. The
> only outcome would be an increased manufacturing cost because of
> additional radio module (and yes, it's the customer who's gonna pay
> for this). Sorry guys. Nothing personal, it's just business.
>
> e) You cannot possibly set a firewall between the Internet and
> wearables, SmartTV, cars, etc.

That’s totally true in terms of privacy and data mining, but here - as said - it’s the customer’s choice (given all the cons we all know). In terms of preventing IoT devices being abused for DDOS firewalling can help.

What’s not been addressed so far is the fact that a hacked IoT device could be used to hack other IoT devices in an end user’s network. That cannot be prevented by firewalling in most cases but there are a few things that can be done (separate network segments for different IoT device classes, isolation for wirelessly connected devices, UPnP control etc.).

The SPIN project https://www.sidnlabs.nl/a/weblog/spin-a-user-centric-security-extension-for-in-home-networks and the activities of the IETF home network working group presented in Michael’s talk on Thursday follow similar approaches and I think we should work in that direction.

Regards,

Peter

Peter Steinhäuser, CEO
embeDD GmbH · Alter Postplatz 2 · 6370 Stans · Switzerland
Phone: +41 (41) 784 95 85 · Fax: +41 (41) 784 95 64