Some Things just aren't meant to be (on Internet of Things networks). But we can work around that

What exactly is the Internet of Things? According to Gartner and IDC, it's a network of endpoints capable of interacting with each other and the world via IP connectivity. Consultant McKinsey & Company defines IoT as sensors and actuators embedded in physical objects, from roadways to pacemakers, that churn out huge amounts of …

    1. Charles 9 Silver badge

      Re: DHCP

      Unless you're Joe Stupid. Think about this problem from his angle: not knowledgeable enough to handle this on his own yet vulnerable anyway. What's needed for him is a turnkey solution, yet everyone here is claiming no such thing is possible. Perhaps one can PROVE that in plain English so they can present the problem before a legislature...

      1. JohnFen Silver badge

        Re: DHCP

        Not Joe Stupid -- don't confuse ignorance with stupidity.

        Your fundamental point is right, though, which is why it's highly irresponsible to sell these sorts of devices to ordinary people unless they're part of a larger system that imposes some sort of security.

        "yet everyone here is claiming no such thing is possible"

        They are? I think people here are saying that no such solution is currently available for naive users, which is true (and IoT manufacturers have zero interest in making one, because similar efforts in the past have sold badly). That's not the same as saying it's not possible.

        1. a_yank_lurker Silver badge

          Re: DHCP

          @JohnFen - You are correct about the real problem. These turds are being sold to Joe User who is not a networking guru. Then security 'experts' expect him to have the knowledge and time to properly connect the turd to his home network. And to add insult to injury these same 'experts' fail to grasp that home networking kit is not the same as enterprise level kit nor does it have the same price.

    2. Anonymous Coward

      Re: DHCP

      Just wait for IPv6 to become widely used... it will make it even harder for non IT skilled people to manage and keep track of addresses. Automatically assigned addresses will be the norm.

  1. Androgynous Cow Herd

    You can’t spell IDIOT without IOT...

    I studiously avoid most of this fluff as unneeded to my lifestyle... if I need to know what’s in my refrigerator I open the door etc.

    However, recently I was gifted a sous vide cooker. If you’re not familiar, this is a recirculating water heater that you use to slow cook meat to specific levels of doneness. The great hook is, it is impossible to overcook with this method. So long as you cook for the minimum time, the meat is just done, whether you like rare, medium well, etc. The method works great.

    If there was ever a device that did not need network connectivity, this is it. However, to use it, I am supposed to ...

    Download an app

    Connect to the device via Bluetooth

    Use the app to identify the device

    Configure the device for WiFi connectivity, which requires me to register with the manufacturer (who of course will allow me to identify myself via Faecesbook...)

    Then, I can heat water.

    Alternately, I can use another device, that has a power switch, and a rheostat to set the temperature.

    I use that one.

  2. s. pam
    Megaphone

    Just setup a separate Wifi network, name it "InternetOfShit"

    Put all the IoT crap on a separate Wifi network, leave it open to the Internet, and let it eat itself. Easy when it's fucked to not take down your home/office.

    1. Stoneshop Silver badge
      Devil

      Re: Just setup a separate Wifi network, name it "InternetOfShit"

      "Put all the IoT crap on a separate Wifi network,"

      With you so far.

      "leave it open to the Internet, and let it eat itself."

      It will have no connectivity to the outside world. Nothing, zero, nada, zilch.

      1. Anonymous Coward

        Re: Just setup a separate Wifi network, name it "InternetOfShit"

        Wanna bet? It'll probably have a Whispernet connection, and breaking the antenna probably counts as tampering and will void the warranty. Oh, and it probably won't work if put in a Faraday cage, either. And soon you find out it's legally mandated (for "national security" reasons). Not to mention required to avoid a massive raise in your insurance rates...

  3. David Hall 1

    Reg taking the piss? Or too hot for journalism.

    "For example, a former colleague of mine has the option of adding Ethernet adaptors to the emergency generators on his data room but has decided not to – simply so the vendor's engineers have to visit to do maintenance rather than being allowed to break and crash things from afar."

    Yeah. Guy is a genius. Totally thinking he runs a comms room rather than a proper DC.

    1. Anonymous Coward

      Re: Reg taking the piss? Or too hot for journalism.

      "simply so the vendor's engineers have to visit to do maintenance rather than being allowed to break and crash things from afar"

      Wanna bet that gets reflected in the invoices? Accounting may wanna have a word with you at some point...

  4. Ken Moorhouse Silver badge

    I had a surreal conversation with a plumber recently...

    All I did was to give a BT-HomeHub its last rites and stick in another consumer Modem Router.

    My client sounded more perplexed than annoyed when he rang to tell me "The boiler's not working on my Iphone."

    I then spoke to their plumber who started talking about "switching it off and switching it back on again". Before I could say "Hang on a minute m8, that kind of language is reserved for IT people" he was telling me to look out for a MAC address on the side of the boiler controller.

    It took a while to sort that one out, but at the end of the exercise the boiler manufacturer agreed that they had given us duff information about what to do if your router is changed. Some configuration was needed at their end.

    How many IoT device users have abandoned their devices because it is just such hard work trying to maintain them?

    I mentioned this to my client, but having just spent a lot on the boiler it is not something you can rip out and say is unacceptable just because the app doesn't work reliably. Before replacing it he should bizarrely be discussing his choice with an IT person, as well as his plumber.

  5. Anonymous Coward

    Isn't it just easier, and more rational, to keep a cattle prod, a roll of carpet and some quicklime handy while flat out banning anything that might fugg up your wonderful network? Never let Lusers take control of anything, let alone install something that you then have to manage for them. That is a violation of rule 1 & 2 of the BOFH book, Rule 1 being "We don't talk about Luser-installed network attached hardware", and Rule 2 being "We don't talk about what happens to Lusers who install network attached hardware".

    1. Kernel

      "That is a violation of rule 1 & 2 of the BOFH book, Rule 1 being "We don't talk about Luser-installed network attached hardware", and Rule 2 being "We don't talk about what happens to Lusers who install network attached hardware"."

      And Rule 3 is "Try to remember that many of those 'Lusers' will be the people who actually generate revenue for the company so it can continue to exist and employ those who are merely a cost centre and weight around the ankle of said Lusers."

      Just because someone isn't an IT expert doesn't make them stupid or ignorant or a Luser - it just means they probably know a whole lot of specialized stuff you don't - even if it's only how to shovel shit out of the gutter 5 days a week without ruining their back in the process. Shoveling shit brings money into the company when the customer pays for it to be done.

      Yes, I know you used the joke icon, but I've seen some crap work from IT professionals who should've known better, over the years - in fact, a number of the major data leakages we read about on El Reg seem to involve a degree of incompetence on the part of those professionals who should know better, particularly in the area of failing to secure/configure deployed systems properly.

      1. dajames Silver badge

        Rule 3 is "Try to remember that many of those 'Lusers' will be the people who actually generate revenue for the company so it can continue to exist...

        So ... shouldn't they be doing that, then, rather than spending time attaching unauthorized devices to the company network?

        Leave the networking to those whose job that actually is.

        1. Loyal Commenter Silver badge

          "Try to remember that many of those 'Lusers' will be the people who actually generate revenue for the company so it can continue to exist

          I'd just like to echo the commenter above and add that if someone's job involves adding unsecured network hardware to a corporate environment without permission, then that person is not a revenue-generating asset (no matter how high their opinion of themselves). They are a liability. Increasing risk exposure in an uncontrolled manner is never revenue-generating, and if you have people like that in your organisation, they need to be shown the door. Or the nearest window. By applying a voltage if necessary.

          1. Anonymous Coward

            Problem is, what if they're (a) masochists (who get off on stuff like cattle prods) and (b) over your head (meaning they can reverse or counter any actions you attempt against them)?

        2. Anonymous Coward

          "Leave the networking to those whose job that actually is"

          I worked for companies where the problem exactly lay in those whose job should have been networking - always trying to minimize the work they had to do instead of addressing users' needs.

  6. Frumious Bandersnatch Silver badge

    "Some Things just aren't meant to be ... on [the] Internet"

    Don't you mean "You know we aren't meant to exist on the outside world?"

  7. A Dark Germ

    Disagree with definition of IoT, only fools build IoT with IP access. IDIOTS.

    IoT is edge true.

    We use LoRa modems to connect with a main LoRa hub, example IoT.

    But it never talks direct with IT systems.

    That would be mad from a design point of view.

    Too many attack vectors.

    This LoRa hub represents many edge nodes and uses secure technology

    to talk over TCP/IP to the back end.

    We pick MQTT for this over TCP/IP.

    To say all IoT uses IP is mad and totally wrong.

    The understanding of IoT & IT is easy to see, when you build systems.

    Most folk don't understand the difference.

    We don't let 100,000,000 IoT edge nodes attack the IP infrastructure that would be madness people.

    WAKE UP.

    https://lo5t.me/

  8. GSTZ

    IoT vs. Industry 4.0

    Maybe we should distinguish between consumer-oriented gadgets (typically connected to the Internet just to enable consumers to brag with their ability to toy around with said gadgets via smartphone apps) and serious technology used in production, logistics, transportation and other areas. The Germans have coined the term "Industry 4.0" for such technology.

    Here, typically some industrial control system (ICS) would be involved, and the machinery controlled by this would not necessarily need to be connected to the Internet. For instance, you could order some furniture in a webshop specifying the exact dimensions you want, but the related production gear might run totally separated behind an air-gap ...

    1. Charles 9 Silver badge

      Re: IoT vs. Industry 4.0

      Trouble is, the vulnerable consumer-grade stuff can be leveraged to force magnify and take on the industrial-grade stuff to force multiply further. That's what Mirai taught us. If it's out there, it can be exploited to take down more secure stuff and start a domino effect. And it's only going to get worse. Like a zombie apocalypse. Sure, you're all hunkered down right now, but the horde can just find more victims outside to grow and eventually overwhelm you...

  9. A Dark Germ

    Wake up people IoT is not IT!

    Real IoT does not talk TCP/UDP/IP

    IoT edge nodes talk to an IoT hub.

    This IoT hub is the only part that talks over TCP/UDP/IP via MQTT & HTTPS

    The hub should be based around a secure core like Microchip's SAML11.

    The edge nodes should use 508a/608a from Atmel now Microchip!

    for public key cryptography to talk over LoRa only.

    Not LoRaWAN as it uses fixed symmetric AES keys per device that you need to store in a database. Madness here. No one stores AES keys in a database apart from fools.

    These edge nodes can also use NFC/BLE adverts, but do not support the full BLE stack for TCP/IP access.

    You must all understand IoT is a subset on the edge of IT.

    Yes the Venn diagram has a common area the IoT HUB.

    Designs that use hardware cryptography in IoT are the same idea as U2F from FIDO is for human access control using the internet. In fact U2F can work over IoT for door access control also.

    People really need to go back to school, you're all very poorly educated here online.

    N.B. Personal IoT that does not talk to an IoT HUB but uses peer to peer can use TCP/UDP/IP but then these devices can and are used to attack the internet infrastructure. I don't count peer to peer as real IoT. Please understand this main point. The boundary between IT & IoT has two stages. One close range and the real IoT with long range measured in km.
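The hub-and-edge design described in the comment above, sketched as an added example (not the commenter's code or any vendor's): the hub keeps only per-node public keys, verifies each radio frame's ECDSA P-256 signature, and releases the payload for forwarding to the back end only if the check passes. The frame layout, the replay counter, and the names `Hub` and `makeNode` are assumptions; a software key pair stands in for the secure element on the edge node.

```javascript
// Added example: hub-side gate between radio edge nodes and the IP back end.
// Hypothetical frame: nodeId (2B BE) | counter (4B BE) | payload | signature (64B raw r||s).
const crypto = require('crypto');
const HEADER_LEN = 6;
const SIG_LEN = 64; // ECDSA P-256 signature in IEEE P1363 (r||s) form

class Hub {
  constructor() {
    this.nodes = new Map(); // nodeId -> { publicKey, lastCounter }; no secrets stored
  }
  enroll(nodeId, publicKey) {
    this.nodes.set(nodeId, { publicKey, lastCounter: -1 });
  }

  // Returns { ok: true, nodeId, payload } for a frame that may be forwarded
  // to the back end, or { ok: false, reason } for one that must be dropped.
  accept(frame) {
    if (!Buffer.isBuffer(frame) || frame.length < HEADER_LEN + SIG_LEN) {
      return { ok: false, reason: 'short' };
    }
    const nodeId = frame.readUInt16BE(0);
    const counter = frame.readUInt32BE(2);
    const signed = frame.subarray(0, frame.length - SIG_LEN);
    const sig = frame.subarray(frame.length - SIG_LEN);
    const node = this.nodes.get(nodeId);
    if (!node) return { ok: false, reason: 'unknown-node' };
    // Verify before touching state, so a forged frame cannot advance the counter.
    const key = { key: node.publicKey, dsaEncoding: 'ieee-p1363' };
    if (!crypto.verify('sha256', signed, key, sig)) return { ok: false, reason: 'bad-signature' };
    if (counter <= node.lastCounter) return { ok: false, reason: 'replay' };
    node.lastCounter = counter;
    return { ok: true, nodeId, payload: signed.subarray(HEADER_LEN) };
  }
}

// Software stand-in for an edge node; on hardware the private key stays in the secure element.
function makeNode(nodeId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  const send = (counter, payload) => {
    const head = Buffer.alloc(HEADER_LEN);
    head.writeUInt16BE(nodeId, 0);
    head.writeUInt32BE(counter, 2);
    const signed = Buffer.concat([head, Buffer.from(payload)]);
    const sig = crypto.sign('sha256', signed, { key: privateKey, dsaEncoding: 'ieee-p1363' });
    return Buffer.concat([signed, sig]);
  };
  return { publicKey, send };
}
```

A compromise of the hub's node table in this sketch exposes public keys only, which is the contrast the comment draws with per-device symmetric keys held in a database.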
