LOS ANGELES — The security perils inherent in Internet of Things (IoT) devices are painfully obvious at this point in 2017, but why are there so many security issues? At a session during the Open Source Summit here Marti Bolivar, senior software engineer at Linaro detailed what he described as "anti-patterns" that ultimately lead to negative security outcomes.
Bolivar started his session by defining what security in IoT is really all about, by pulling a quote from security engineer Ross Anderson.
"By securing, I mean: “building systems to remain dependable in the face of malice, error, or mischance," Bolivar said.
Do Nothing
The anti-patterns are things that are done by engineering teams for different reasons including timing, cost and lack of knowledge. The first anti-pattern in IoT security detailed by Bolivar is to do nothing.
"This approach just accepts every risk, so it’s not very good at mitigating them" he said.
Do It Yourself
Another anti-pattern is the so-called security by obscurity approach which is what do it yourself models of security engineering often employ In that model, developers hope that their insecurity is hidden and will not be discovered.
Simon Says Security
The Simon Says approach to security is a truism such that because someone important says the system is secure, than it must be so.
Just Add Crypto
A popular anti-pattern is for developer to use cryptography and encryption to secure data or communications. Simply by having crypto the system is assumed to be more secure. Bolivar said that Crypto may be duct tape, but it isn’t magic and can often be misconfigured. Additionally there are lots of worrisome vulnerabilities in crypto itself as well.
Security Grab Bag
When the system is secure because it uses many security technologies. Simply by using multiple security technologies doesn't make a system more secure, often it does the opposite.
Aim for Perfection
When you try to build the perfect system. Bolivar said this model doesn't work because the perfect system never ships.
Release and Forget
With release and forget, all vulnerabilities become unfixable. Bolivar said This can happen because your company is in a commodity market and faces tight margins, because it’s a new startup or otherwise doesn’t know any better.
Kill the Messenger
When the system is secure because you’ll sue anyone who says otherwise. Instead of being open to security researchers, this model aims to shut them down through legal threats.
So what are the positive patterns for IoT security? Bolivar offers a few somewhat obvious steps:
- Don’t connect or collect unless you need to
- Iteratively build and use threat models
- Use your existing workflows to threat model
- Manage customer and community relationships
- Be ready for when problems arise
Overall, Bolivar emphasized the developers should keep the anti-patterns in mind a be sure to avoid them.
"Keep researching vulnerabilities, both in your market segment and elsewhere and apply what you learn," he said.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.
JOIN THE DISCUSSION
Loading Comments...