Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

[STDS-802-11] Bruce Schneier: Regulating the Internet of Things

--- This message came from the IEEE 802.11 Working Group Reflector ---

Regulating the Internet of Things

IoT security will change our industry, because failure will affect the world in a direct physical manner. Schneier discusses how.

Bruce Schneier at RSA

Security is not composible, take two secure systems and together, the result is not necessarily secure

The class break happens when the whole class of things becomes vulnerable

There are collective action problems the market cannot solve

Truisms:

Most software is poorly written and insecure – written fast and cheap

The extensibility of computerized systems means everything can be used against us

The complexity of computerized systems results in new insecurities

There are new vulnerabilities in the interconnections

Computers and networks are vulnerable in different ways

19 IOT guideline docs on Bruce's blog early February https://www.schneier.com/

Paradigm A – get it right the first time (planes) [ex ante (before the fact)]

Paradigm B – make sure security is agile, fix it fast [ex poste (fines for insecurity)]

in the middle – labels, consumer reports

Cost of failure vs cost of fix; security vs safety

law and technology have to work together – law can subvert technology, technology can subvert law

-- 
Peter Ecclesine
"Time doesn't fool around"  "Without Prejudice" U.C.C. 1-308

This email has been checked for viruses by Avast antivirus software.
www.avast.com

_______________________________________________________________________________

If you wish to be removed from this reflector, do not send your request to this reflector - it will have no effect.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html _______________________________________________________________________________