{"id":34,"date":"2016-10-06T22:30:57","date_gmt":"2016-10-06T22:30:57","guid":{"rendered":"https:\/\/www.jasonsblog.place\/?p=34"},"modified":"2016-10-07T23:14:27","modified_gmt":"2016-10-07T23:14:27","slug":"the-problems-with-the-internet-of-things","status":"publish","type":"post","link":"https:\/\/www.jasonsblog.place\/index.php\/2016\/10\/06\/the-problems-with-the-internet-of-things\/","title":{"rendered":"The Problems With the Internet of Things"},"content":{"rendered":"

As more and more Internet of Things (IoT) devices are bought and set up, there is a growing concern for what they can do, in addition to their normal purpose.\u00a0 The security researcher, Brian Krebs, had his website brought down by a Distributed Denial of Service<\/a> (DDoS) attack.\u00a0 The company who formerly hosted Krebs and his security, Akamai, said that the attack was brought on by hundreds of hacked IoT devices (he has since started using Google’s protective services).\u00a0 This didn’t use reflection or replication attacks, either; it used traditional methods of denial of service, by flooding his site for requests.\u00a0 Akamai says that this is the largest DDoS they have ever seen.\u00a0 This brings me to the question: how can we prevent and\/or mitigate these sort of attacks?<\/p>\n

This attack was brought on mainly by unsecured, un-maintained IoT devices.\u00a0 More recently, these devices have been manufactured, released, and not updated.\u00a0 The average consumer of these IoT devices know that the features of the device make it such that one can easily control it from afar, often times with one’s mobile phone.\u00a0 What they do not realize is that hackers can also break into these devices and use them, too.\u00a0 Often, the manufacturer will throw in a free OS (such as GNU\/Linux), add on their thin, proprietary layer, and sell it.\u00a0 They do not realize the problem they are creating, as exemplified in the attack on Krebs’ website.<\/p>\n

It is true that there is a cost to updating and maintaining these devices.\u00a0 Which company wants to have a costly developer staff just to update the software on their line of light bulbs?\u00a0 Then again, which company wants to be known for the product which aided in bringing down Google’s servers?\u00a0 Either way, there’s going to have to be a way for these devices to get updated.<\/p>\n

Usually what a user will find on these IoT devices is an embedded OS like GNU\/Linux.\u00a0 So why not develop a distribution that utilizes open standards and receives regular update?\u00a0 Similar to Android, yet with stricter guidelines.\u00a0 A company could, for instance, set up a distribution with safety, compatibility, and interoperability in mind.\u00a0 They could work with the IoT device manufacturers in making products that work together, and can be updated regularly.\u00a0 Though let’s not just talk about the manufacturers; the consumer also has a responsibility, too.\u00a0 (It’s worth noting that there is an embedded GNU\/Linux distribution<\/a> that can be easily built and configured for IoT devices.)<\/p>\n

The average consumer of IoT devices will have to learn about the extended benefits of these IoT devices, and they must realize that they come with a much greater risk.\u00a0 Indeed, one cannot put a simple toaster in the same category as a light bulb which one can control with a mobile phone.\u00a0 They must be made aware that an attacker can take control of their IoT devices and used for malicious purposes.\u00a0 This doesn’t mean that they need to be scared into acting, though, because actions made in fear are, often times, poor choices.\u00a0 They should be informed that it’s possible for this to occur, and that there are forces in place which are trying to counter these attacks.<\/p>\n

Going forward, companies that make IoT devices, and consumers of IoT devices, must be more safety conscious, for there are malicious forces in the world who are ready and able to make use of these devices for their own nefarious purposes.<\/p>\n","protected":false},"excerpt":{"rendered":"

As more and more Internet of Things (IoT) devices are bought and set up, there is a growing concern for what they can do, in addition to their normal purpose.\u00a0 The security researcher, Brian Krebs, had his website brought down by a Distributed Denial of Service (DDoS) attack.\u00a0 The company who formerly hosted Krebs and […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[22,20,18,21,19],"class_list":["post-34","post","type-post","status-publish","format-standard","hentry","category-information-technology","tag-ddos","tag-distributed-denial-of-service","tag-internet-of-things","tag-iot","tag-krebs"],"_links":{"self":[{"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/posts\/34","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/comments?post=34"}],"version-history":[{"count":5,"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/posts\/34\/revisions"}],"predecessor-version":[{"id":39,"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/posts\/34\/revisions\/39"}],"wp:attachment":[{"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/media?parent=34"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/categories?post=34"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jasonsblog.place\/index.php\/wp-json\/wp\/v2\/tags?post=34"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}