This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[iot-wg] "The Internet of Threats: Fighting FUD with MUD"
- Previous message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
- Next message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Peter Steinhäuser
ps at embedd.com
Tue Oct 23 09:22:04 CEST 2018
> Am 22.10.2018 um 23:38 schrieb Michael Richardson <mcr at sandelman.ca>: > > The SHG crew are looking towards some kind of crowd-sourced service where > people collaborate to improve MUD files. It would be as simple as a github > repo on which people can send pull requests, but the curration activitiy > would require too much human resources in such a simple situation. In > particular, we'd want a MUD-diff program that presented the changes in a much > easier to understand format. With voting up/down... so think > stackexchange.com/serverfault/uservoice/etc. instead. having currated MUD files would make a lot of sense, indeed > >> Another concern is how far CPE/home gateway manufacturers would adopt >> related technical proposals. So far most firmwares are based upon >> chipset maker’s SDKs that serve the purpose of selling chipsets instead >> of providing reliable and secure solutions. The lastest FCC and ETSI >> rulings (=> RED discussion) did also not make it easier to provide >> alternative firmware solutions (i.e. OpenWRT), let’s see how the RED >> ruling goes. > > I'd say a lot depends upon whether or not ISPs will put out an RFP > that asks for an IoT firewall based upon MUD in future products. > Maybe some one here would like to test the waters with an RFI. What I’ve seen with ISPs is that - unfortunately - they are mostly concerned about cost. We had several cases where ISPs chose inferior solutions which cost them more money in the long run. But somebody in the purchase department got a raise. As long as the ISPs do not understand the cost that can result from hacked IoT devices I doubt will ask for something that doesn’t bring them additional revenue. Another issue are the ODMs. The software development here is rarely focused on longevity - it’s important to get the products out of the doors with minimum effort. So even if an ISP is requiring an IoT firewall they will build something that works somehow. Maybe providing an OpenWRT package as reference might help...
- Previous message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
- Next message (by thread): [iot-wg] "The Internet of Threats: Fighting FUD with MUD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ iot-wg Archives ]