Bruce Schneier: ‘We Need to Save the Internet From the Internet of Things’

Bruce Schneier, writing for Motherboard:

What was new about the Krebs attack was both the massive scale and the particular devices the attackers recruited. Instead of using traditional computers for their botnet, they used CCTV cameras, digital video recorders, home routers, and other embedded computers attached to the internet as part of the Internet of Things.

Much has been written about how the IoT is wildly insecure. In fact, the software used to attack Krebs was simple and amateurish. What this attack demonstrates is that the economics of the IoT mean that it will remain insecure unless government steps in to fix the problem. This is a market failure that can’t get fixed on its own.

Schneier’s reasoning for calling for government intervention is simple: The market won’t fix this because neither the buyer nor the seller cares.

Friday, 7 October 2016