back to article Geofencing: The ultra-low power frontier for the Internet of Things

How are the next 10 billion devices going to connect to the internet of today, tomorrow? Having all of these gizmos talk to one another over your standard 2.4Ghz Wi-Fi is not going to happen, so how will all those gizmos connect to the wider internet, and how will we keep them all safe, happy and updated? The internet of …

  1. W Donelson
    Coffee/keyboard

    Internet of Lawnmowers ! WOOT !

    Internet of Lawnmowers ! WOOT !

    Internet of broken things! WOOT !

    1. Anonymous Coward
      Anonymous Coward

      Re: Internet of Lawnmowers ! WOOT !

      Internet of Suddenly Rich Orthopedic Reconstructive Surgeons! WOOT !

  2. Anonymous Coward
    Anonymous Coward

    " If I leave the stylus behind, the phone freaks out ..."

    Brilliant! We get to outsource our OCD now as well? :-)

    1. Dave W

      Re: " If I leave the stylus behind, the phone freaks out ..."

      Indeed, I await the dawn of smart cutlery, where a fork can scream for help if (heaven forbid) it should be placed in the knife section of the cutlery drawer.

      1. Jimmy2Cows Silver badge

        I await the dawn of smart cutlery, where a fork can scream for help if ...

        ...it's put next to the wrong piece of cutlery on the table. Never again will we have to suffer the insult the main course fork being placed on the outside of the appetiser fork. Thank our stars those days are finally behind us.

        1. Wzrd1

          Re: I await the dawn of smart cutlery, where a fork can scream for help if ...

          Mental note: Upon death, shovel coal upon the place in hell Emily Post sits.

  3. Anonymous Coward
    Anonymous Coward

    "I await the dawn of smart cutlery, where a fork can scream for help if [...]"

    ...it is not held in an approved etiquette manner.

  4. Anonymous Coward
    Anonymous Coward

    If I were a gambler I would bet that all these devices will connect to each other using a plain text identifier over said network meaning that with a little effort you could manipulate your neighbor's lawnmower to mow your lawn which is a very interesting use of the wonderful IoT.

    1. Bob Dunlop

      Lawn mowers

      Oh just leave your message or a logo cut in your neighbours lawn.

      1. Paul Crawford Silver badge

        Re: Lawn mowers & logo

        Same for unsecured 3D printers. Its all about the willy...

      2. Ole Juul

        Re: Lawn mowers

        Or manipulate them all to attack you neighbour in the night. Murder by IoT!

        1. Wzrd1

          Re: Lawn mowers

          Or, they begin communicating in an uncontrolled fashion and name the resulting gestalt "Skynet".

  5. Pascal Monett Silver badge

    Why does this stuff need to update ?

    IoT is about inserting Internet connectivity to stuff that we're already using for dubious purposes. I'll pass on the fact that, apart from Wifi, Blutooth or video (for which we already have dedicated hardware that works satisfactorily), nobody has found anything remotely compelling to put into a IoT thing.

    Now they state that updates are a requirement. I understand that security is something that every vendor would like to put at the top of the bullet list without paying a dime for, but is security really the kind of thing I want to see in a light bulb ? Is there no other way of defining the utility of a network-connected chair ?

    Maybe security should be designed, not into the IoT thingamabobs, but into the router/switch/hardware that talks to them. Let me clarify : a light bulb may be able to talk over the Internet, but only if there is hardware from an ISP connecting the household to the Internet. Yes, I know about the WiFi Ethernet attempts. One thing at a time.

    If IoT can only work with a hardware portal to the Internet, then it is those things that can handle the security. The router could very well be configured so as to 1) not allow general interaction from the Internet or the local network to the IoT thingies, and 2) handle updates from the Internet to a given IoTmabob, on condition that said update is properly signed and comes from the proper domain (no use BitTorrenting an update here).

    Would that not solve a bunch of possible issues ?

    Just wondering.

    1. Jimmy2Cows Silver badge

      Re: Why does this stuff need to update ?

      Maybe security should be designed, not into the IoT thingamabobs, but into the router/switch/hardware that talks to them. Let me clarify : a light bulb may be able to talk over the Internet, but only if there is hardware from an ISP connecting the household to the Internet. Yes, I know about the WiFi Ethernet attempts. One thing at a time.

      If IoT can only work with a hardware portal to the Internet, then it is those things that can handle the security.

      No no no no no no no no no no no no no! NO!!

      Might as well not bother. We all know full well how (in)secure most routers are, and that only seems to be getting worse not better.

      The only way to do security is design it in from the ground up. That requires protocols for shared interaction, time taken to research, develop and do things properly. Dare I say it even committees and working groups (argh!).

      But no, have to rush to market with some pointless IoT-connected leaf mulcher just to beat the other guy who is also making a pointless IoT-connected leaf mulcher. Security by assumption someone else will deal with it higher up the chain is not security.

      You might be happy enough for anyone to be able to turn on your lights and sky-rocket your electricity bill because you were reliant on your router to not let them into your IoT network. I doubt many other people would be so pleased.

      1. danbi

        Re: Why does this stuff need to update ?

        "Security by assumption someone else will deal with it higher up the chain is not security."

        This is precisely what people do when they rely on a government to ensure their security which one of the primary reasons for government's existence. They don't complain about it then, why the complaint now? ;-)

      2. Wzrd1

        Re: Why does this stuff need to update ?

        "The only way to do security is design it in from the ground up."

        No, no and fucking no!

        I'd be out of a job if things suddenly were designed to be secure.

    2. Anonymous Blowhard
      Headmaster

      Re: Why does this stuff need to update ?

      "IoT is about inserting Internet connectivity to stuff that we're already using for dubious purposes"

      What "dubious purposes" are you using your stuff for?

      Also, would it be too much to ask for this IoT crap to be IPv6 compliant from day one? I want to be able to get on the Internet, for any purpose, without finding I've been NATed back to the stone age because all the IPv4 addresses are in use by lawnmowers!

      1. Yet Another Anonymous coward Silver badge

        Re: Why does this stuff need to update ?

        Yes every lawnmower, toothbrush and toilet to have a unique IPv6 address and be individually accessible from t'internet with only a perfectly configured free modem from crap-cable-provider(tm) to secure it.

        1. danbi

          Re: Why does this stuff need to update ?

          And every such IPv6 address should be government assigned and properly recorded in the books, to declare that you do own the thing. Anything else would not be secure.

        2. Wzrd1

          Re: Why does this stuff need to update ?

          "Yes every lawnmower, toothbrush and toilet to have a unique IPv6 address and be individually accessible from t'internet with only a perfectly configured free modem from crap-cable-provider(tm) to secure it."

          Well, *my* network is connected to a Catalyst 4506 switch routing internal traffic, appropriate firewall in between and a *real* router, configured by myself, to the crap-cable-provider(tm).

          The negotiations to actually succeed in doing so was far less than negotiating with the Taliban.

          Both, a regrettable experience in my real life.

      2. Robert Helpmann??
        Childcatcher

        Re: Why does this stuff need to update ?

        Also, would it be too much to ask for this IoT crap to be IPv6 compliant from day one? I want to be able to get on the Internet, for any purpose, without finding I've been NATed back to the stone age because all the IPv4 addresses are in use by lawnmowers!

        I think it would be better to have IoT devices run a non-routable protocol. It would seem to make more sense to have them all report to a local control device or server than to have to open a port in your home firewall (as if consumers are going to grasp this concept) for every stereophonic light bulb and smart toilet in our personal chateaus. Yes, this may provide a single point of failure for at least a class of devices in our homes, perhaps assuming that devices involving security are controlled by separate systems than entertainment and similar, but also provides for a much smaller attack surface.

      3. Wzrd1

        Re: Why does this stuff need to update ?

        'What "dubious purposes" are you using your stuff for?

        Also, would it be too much to ask for this IoT crap to be IPv6 compliant from day one? I want to be able to get on the Internet, for any purpose, without finding I've been NATed back to the stone age because all the IPv4 addresses are in use by lawnmowers!'

        Televisions, well, some, are known to send out every spoken word within range of their microphones.

        Don't worry about the lawnmowers. My straight razors already took up those IP's. The remainder was taken by my bathroom paper dispensers, toothbrush and socks.

    3. Charles 9 Silver badge

      Re: Why does this stuff need to update ?

      "If IoT can only work with a hardware portal to the Internet, then it is those things that can handle the security. The router could very well be configured so as to 1) not allow general interaction from the Internet or the local network to the IoT thingies, and 2) handle updates from the Internet to a given IoTmabob, on condition that said update is properly signed and comes from the proper domain (no use BitTorrenting an update here)."

      Because, given the wireless nature of it all, what's to stop an interloper: someone inserting THEIR router into your network, masquerading as yours, and hijacking your devices? How do you reconcile this problem while at the same time making it easy enough for Joe Computer-Illiterate to use?

      1. Mark 85 Silver badge

        Re: Why does this stuff need to update ?

        Therein is a problem. I live in a subdivision here in the States and at any given time, I see 6 other routers on, 4 of which are wide open and unsecured. So, I install my shiny new wireless light bulb and it seeks a connection... Yes, I can get it to connect to my router, but what stops the other folks from connecting to it also? If the light bulb comes on "by itself" or via one of the other routers, I'd rip it out and forget about IoT. But what about other IoT things.. things that might be security related or health related?

        At this point, any IoT coming into my house had best be cable connected or have some security associated with it that allow only me to talk to it. I hate to deal with the aggravation of some kiddie fiddling with my devices.

    4. Wzrd1

      Re: Why does this stuff need to update ?

      "Maybe security should be designed, not into the IoT thingamabobs, but into the router/switch/hardware that talks to them."

      Bloody piss, have you never heard of not defining a default gateway or DNS servers to IP configuration?

      Now, just *where* did I store those laser wearing sharks...

      Screw it, the security droids will suffice.

  6. Anonymous Coward
    Black Helicopters

    Primetime

    Crunchy on the outside, soft in the middle has not not worked as a security model. The list of hacked routers actively in use as part of a botnet right now is in the millions and these are brand names, not off the boat unsupported junk. IT's time to put our game face on lest all our devices join the routers as well.

    I'm sure the NSA will be delighted to collect from IoT manufacturers who have to find 20 billion primes to create the public key crypto required. Just hack each manufacturers keyspace database. Come on, you know they will.

    1. Wzrd1

      Re: Primetime

      "Just hack each manufacturers keyspace database. Come on, you know they will."

      More like, already did.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021