Don’t let security ‘shock stars’ ruin M2M

Have you noticed how Security seem to think they’re the new rock and roll now?

Not in a good way, sadly, says Nick Booth. They’re not all into wild parties and devil-may-care attitudes. Today’s IT security is like the Bono/Sting era of rock and roll, which is increasingly pious and sanctimonious. Anyone can become a security ‘shock’ star, as long as you can pick up on a riff and shout loudly enough from a stage to frighten the bejeebers out of the older generation.

Once you’re raking in the millions, you can jet around the world, lecturing people about everything from home automation to global warming.

Naturally, the deference shown to these Shock Stars soon goes to their head. Instead of trashing hotel rooms, they tour cyberspace, inhabit other people’s blog spaces and trash their editorial property.

Nick Booth, Freelance IT and communications writer
Nick Booth, Freelance IT and communications writer

“This is the possibly the worst security advice I’ve seen on a security blog,” reader S.A. wrote under one of my columns recently. Was I upset? Hell, no! If a Shock Star pays you a visit and takes time giving you their signature insult, that’s one of the highest compliments you can be paid in this business.

What he (it’ll inevitably be a he) was saying, in effect, was that he’s read my column right the way through. The ‘advice’ that he’d got the wrong way around was at the end of the piece! Let me tell you, it’s a massive achievement to hold anyone’s attention in the digital age, let alone the addled thought processes of a Shock Star.

Since Security became the new rock and roll, a whole new genre of Shock Stars have taken to the stage and launched careers. As ever, they all seem to have similar influences and all seem to be singing from the same song sheet.

I mention this because a number of leading lights in the machine-to-machine (M2M) world have come under fire for sins against security. Motorola, for example, has been heckled for ‘exploits’ on its outdoor security camera range, the Motorola Focus 73. Its lapses inspired a range of pious protest songs about firmware, default passwords and the lack of encryption.

The story goes that Motorola security cameras could have been hijacked by malicious hackers who could have surveyed the people who were actually running surveillance. To quote a line from the “Turning Tables” report (by corporate rock star Adele), “I can’t keep up with your turning tables [so] I won’t let you close enough to hurt me.”

Having had a massive hit with that, the Shock Stars all followed up with another howl of outrage, this time over the fact that a group called The Researchers found an insecure children’s toy made by Fisher-Price. The toy is a teddy bear and watch combo designed to help parents keep track of their kids’ movements over GPS. But not in the eyes of The Researchers, who released an anthem called Hackers: You Turned My Teddy Bear Into a Demon Toy.

Sadly, this was another smash hit protest song about the Internet of Things.

Now, don’t get me wrong, it’s possibly a bit remiss of the developers employed by Motorola, who unwittingly made it easy for potential hackers to get a home network’s Wi-Fi password and take over the pan-tilt-zoom controls. The developers created a private Wi-Fi security key that ended up being transmitted unencrypted over an open network, using only basic HTTP authentication with the username as ‘Camera’ and the password as ‘000000’.

Well, we’ve all done that haven’t we? I’m rather fond of Motorola, since my cousin worked there for a long time creating mobile systems and loved it. I imagine those poor developers working for them were in a rush to complete this task and move on to their next multi-million pound gig. The developer has now released a follow-up to its original release (entitled I’m Gonna Update Yo Firmware!)which seems to have silenced the aggrievance (I believe that’s the collective noun) of Security Shock Stars.

Maybe, the lesson to be learned from this is that M2M is going to be huge and there’s massive pressure to tour the world playing massive arenas. But it might be a good idea to slow down and take stock before you move on to the next big gig. Otherwise, nobody will ask you back for an encore.

The author of this blog is freelance IT and communications writer, Nick Booth.

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more