This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[iot-wg] "The Internet of Threats: Fighting FUD with MUD"
- Previous message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
- Next message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Peter Steinhäuser
ps at embedd.com
Mon Oct 22 15:50:56 CEST 2018
> I was talking to Cristian at lunch also about integrating SPIN, so yes, detecting and quarantining infected IoT device is important, but the big question is what do we do with the infected device. Basically using the same quarantining used for new devices would be sufficient: a) drop all connections to the „outside" b) if the device is connected wirelessly isolate it at AP level c) inform the end user and recommend to remove it from the network (?) I don’t know in detail how you implemented the quarantining, are there any papers about it? >> -----Original Message----- >> From: Peter Steinhäuser <ps at embedd.com> >> Sent: October 22, 2018 1:51 PM >> To: Jacques Latour <Jacques.Latour at cira.ca> >> Cc: Jelte Jansen <ripe at tjeb.nl>; Jim Reid <jim at rfc1035.com>; RIPE IoT WG List >> <iot-wg at ripe.net> >> Subject: Re: [iot-wg] "The Internet of Threats: Fighting FUD with MUD" >> >> Unfortunately MUD does not solve the possibility of corrupted/hacked update >> servers. This is a highly likely attack type we will see in the future. >> >> I highly appreciate your approach of detecting behaviour pattern changes of >> devices, it could help reducing the effects of hacked devices as well as from >> corrupted firmware updates. >> >> I also think a collaboration with the SPIN project would be really beneficial, they >> work on similar concepts and solutions and can contribute a lot. >> >>> Yes, we just talked about this at lunch, MUD would be useful to lockdown your >> smart TV to netflix and youtube only + vendor firmware update. >>> >>> >>>> -----Original Message----- >>>> From: Peter Steinhäuser <ps at embedd.com> >>>> Sent: October 22, 2018 10:02 AM >>>> To: Jacques Latour <Jacques.Latour at cira.ca> >>>> Cc: Jelte Jansen <ripe at tjeb.nl>; Jim Reid <jim at rfc1035.com>; RIPE IoT >>>> WG List <iot-wg at ripe.net> >>>> Subject: Re: [iot-wg] "The Internet of Threats: Fighting FUD with MUD" >>>> >>>> Hi Jacques, >>>> >>>>> I just joined this group. Today's and tomorrow's smart television >>>>> are more a >>>> full blown computer with screen and keyboard, and it difficult to pin >>>> down exactly what the device should be doing in a MUD profile. It's >>>> not a real IoT device. >>>> >>>> nevertheless a MUD file could be used to describe service classes of >>>> a TV, like „TV Streaming“, „Social Media“ etc. to give the end user >>>> simple choices and at least some control about what the device should be >> allowed to do. >>>> >>>> Regards, >>>> Peter Peter Steinhäuser, CEO embeDD GmbH · Alter Postplatz 2 · 6370 Stans · Switzerland Phone: +41 (41) 784 95 85 · Fax: +41 (41) 784 95 64 -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/iot-wg/attachments/20181022/b3216f41/attachment.html>
- Previous message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
- Next message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ iot-wg Archives ]