Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[STDS-802-11] Bruce Schneier: Regulating the Internet of Things



--- This message came from the IEEE 802.11 Working Group Reflector ---

Article http://nymag.com/selectall/2017/01/the-internet-of-things-dangerous-future-bruce-schneier.html

Regulating the Internet of Things

https://www.rsaconference.com/videos/regulating-the-internet-of-things

https://youtu.be/b05ksqy9F7k


IoT security will change our industry, because failure will affect the world in a direct physical manner. Schneier discusses how.

Speaker

Bruce Schneier CTO IBM Resilient and Special Advisor to IBM Security, IBM Resilient

Regulating the Internet of Things

Bruce Schneier at RSA

https://www.rsaconference.com/videos/regulating-the-internet-of-things


Security is not composible, take two secure systems and together, the result is not necessarily secure

The class break happens when the whole class of things becomes vulnerable

There are collective action problems the market cannot solve


Truisms:

Most software is poorly written and insecure – written fast and cheap

The extensibility of computerized systems means everything can be used against us

The complexity of computerized systems results in new insecurities

There are new vulnerabilities in the interconnections

Computers and networks are vulnerable in different ways


19 IOT guideline docs on Bruce's blog early February https://www.schneier.com/


Paradigm A – get it right the first time (planes) [ex ante (before the fact)]

Paradigm B – make sure security is agile, fix it fast [ex poste (fines for insecurity)]

in the middle – labels, consumer reports


Cost of failure vs cost of fix; security vs safety


law and technology have to work together – law can subvert technology, technology can subvert law


-- 
Peter Ecclesine
"Time doesn't fool around"  "Without Prejudice" U.C.C. 1-308



Avast logo

This email has been checked for viruses by Avast antivirus software.
www.avast.com


_______________________________________________________________________________

If you wish to be removed from this reflector, do not send your request to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11 and then press the LEAVE button.

If there is no LEAVE button here, try http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html _______________________________________________________________________________