nanog mailing list archives
Re: IoT security
From: valdis.kletnieks () vt edu
Date: Thu, 09 Feb 2017 15:18:15 -0500
On Thu, 09 Feb 2017 14:54:26 -0500, William Herrin said:
Is there some way an industry association could overcome this? Perhaps have some trivial way to assign each model of IoT device some kind of integer and have the device report the integer instead of its plain text manufacturer and hardware model number? Where the assigned integer is intentionally not published by the industry association though of course trivially determinable by anyone who owns one of the devices.
Or anybody who knows how to use the internet to look for reports of owners who have issues. All it takes is one smarter than the average bear user posting "I've got a MobyWombat 3000 light bulb, and it keeps sending 1193432542 to some server someplace...."
Wouldn't especially impair building a database of vulnerable devices but it would raise the bar for trying to turn the
If it doesn't *heavily* impair building a database of vulnerable devices, it's not a solution to the problem under discussion.
Attachment:
_bin
Description:
Current thread:
- Re: IoT security, (continued)
- Re: IoT security clinton mielke (Feb 08)
- Re: IoT security valdis . kletnieks (Feb 08)
- Re: IoT security clinton mielke (Feb 08)
- Re: IoT security valdis . kletnieks (Feb 09)
- Re: IoT security clinton mielke (Feb 09)
- Re: IoT security Marco Slater (Feb 10)
- Re: IoT security clinton mielke (Feb 10)
- Re: IoT security clinton mielke (Feb 10)
- Re: IoT security Rich Kulawiec (Feb 09)
- Re: IoT security William Herrin (Feb 09)
- Re: IoT security valdis . kletnieks (Feb 09)
- Re: IoT security bzs (Feb 09)
- Re: IoT security William Herrin (Feb 07)
- Re: IoT security Michael Thomas (Feb 07)
- RE: IoT security Keith Medcalf (Feb 09)
- Re: IoT security Rich Kulawiec (Feb 10)