 |
| Photo by author |
If
you're going on a long trip, you can't pack clean underpants for every day. We
did not seriously consider the option of turning a pair inside out after use
and wearing it again the next day. No, really.
Fortunately,
many hotels have a guest laundry. That is always a hassle. For starters, you
usually need coins in the local currency. I had the ambition to make this a cashless
trip. At our hotel in Seattle, I miraculously got away with this: the front
desk manager asked how much we needed, pulled out his purse, and gave us the
quarters we needed. In another hotel we could pay with a credit card. But most
of the time we really needed coins. It left me with a colorful collection of
international change.
But
tumble dryers are also a hassle. Usually you have three options, which do not
match the options in my mother tongue: cold, permanent press and hot.
The first does little to help, while with the latter one might expect ending up
with gnome clothes; at home we only throw towels in the dryer, which makes that
option extra scary when you are traveling. That word "permanent" in
the middle option also sounds pretty definitive, but since it's the middle
option, it must be okay. At least, that’s what we thought. The laundry still
came out clammy. Even after one more round. And that all takes time that you
actually wanted to spend on tourist activities. And you can’t just leave: you
keep the machines occupied, or you’ll find your laundry in a corner somewhere upon
your return, while you have no idea who and what touched it. Ugh.
A
hotel in Tokyo tackles this mild form of fear of contamination in a striking
way. Their combined machines (washing and drying, already a godsend for
tourists anyway) are equipped with a code lock. When you start your laundry you
have to think up a code, and you will only get your laundry back after entering
that same code. This way you are assured that nothing and no one can access
your belongings. Of you are not supposed to keep the machine occupied all day long.
But at least your laundry is safe.
That ‘s
security where you do not expect it, but are happy with it. Do we have
something similar in ICT? I thought about it for a long time, but I couldn't
come up with anything. This is probably because in ICT we expect a lot from
security and we would be surprised if this was not implemented these days. Even
in situations where you find security a nuisance, you resign yourself to it –
it's normal.
There
are still plenty of opportunities. IoT equipment (the Internet of Things) still
too often lacks proper security. We now have quite a few of those things at
home. The dishwasher, the dryer, the solar panels, the air conditioning and the
sound system: they all talk to our phones. But once installed, none of those
devices ever ask: who are you? The solar panels only provide data, but I can
instruct the other devices via my smartphone to do something or to stop doing
so. And a hacker can do damage with that. Turn the stereo to max volume when no
one is home and you're bound to have a neighborly fight. Dishwashers and tumble
dryers may overheat or leak water if operated inappropriately. Fortunately, we
don't have a smart kettle or toaster, because overheating is much easier to
achieve with such devices.
IoT
device manufacturers need to do better. “The letter S in IoT stands for
security”. Yes exactly, that letter is not in the abbreviation at all. What
also doesn't help, is the absence of a security section in the manual for
devices that want to connect to my home network. The inner workings of security
is explained nowhere, and I'm afraid that I already know why that information
is missing. Meanwhile, all those devices know the password of my network.
What
can you do yourself? If a "progressive" device has a password, change
it immediately upon installation - otherwise the entire world will know your
password. You could also place IoT devices in a separate network, for example
your guest network. This prevents an intruder from accessing your data. Then
again, many devices only communicate with your phone if they are on the same
network. But with that phone I want to be on the trusted network, not on the
untrusted network on which I allow everyone.
There
is still a lot to be done in the field of IoT security. Surprise me.
And in the big bad world…
This section contains a selection of news articles I came across in the
past week. Because the original version of this blog post is aimed at readers
in the Netherlands, it contains some links to articles in Dutch. Where no
language is indicated, the article is in English.
- you can read more about IoT security here.
- LinkedIn is under attack.
- this cybercrime gang has a problem with its own infrastructure.
- computer clocks sometimes run wild.
- Meta
is diligently looking for a way to color within the lines of the GDPR. [DUTCH]
- shame
for mistakes sometimes harms security.
[DUTCH]
- identity orchestration helps in the transition to cloud services.
- this short course makes you
aware of manipulation by social media. [DUTCH]
- your iPhone is a willing victim for spoofing.
- China is just as afraid of us as we are of them.
- attacks via QR codes are not just theoretical.
- most
ransomware attacks start with a phishing
attack. [DUTCH]
.jpg)
No comments:
Post a Comment