On 11/03/2016 15:22, Eliot Lear wrote:
On 3/9/16 6:41 PM, Livingood, Jason wrote:
Sure, WiFi security is an issue for IoT. But there are probably much more
fundamental IoT security issues. IMHO I think one of the largest is the
lack of a secure & automatic (no end user interaction) software update
channel.
Even if it's there day 0, it won't be there at some point. And the
device will be.
Eliot
A conventional s/w update channel is only appropriate for some devices.
For very cheap sealed devices, the update channel is via the garbage can.
For devices that only offer one way (outbound) communications the
update channel is via physical access.
For devices that only offer one way (inbound) communications the
update channel could be over the communications channel (STB's
do this today) but will be very much resource (device and
communications channel) constrained.
- Stewart