Stories
Slash Boxes
Comments

SoylentNews is people

Sustainable Security for Durable Goods

posted by janrinok on Thursday March 08 2018, @03:21AM   Printer-friendly
from the internet-or-security dept.

canopic jug writes:

Ross Anderson in the Security Group at the University of Cambridge Computer Laboratory asks some questions about whether durable goods such as cars can be Internet-connected and yet provide sufficient privacy and safety. It's not a deep discussion but it does raise a few other pertainent questions.

Perhaps the biggest challenge will be durability. At present we have a hard time patching a phone that's three years old. Yet the average age of a UK car at scrappage is about 14 years, and rising all the time; cars used to last 100,000 miles in the 1980s but now keep going for nearer 200,000. As the embedded carbon cost of a car is about equal to that of the fuel it will burn over its lifetime, we just can't afford to scrap cars after five years, as do we laptops.

Meters and medical devices are two more examples of hardware that can cause great harm when control of the integrated software is taken over by malfeasants.

Source : Making security sustainable.
and Making Security Sustainable: Can there be an Internet of durable goods? (warning for PDF)

Original Submission

 
This discussion has been archived. No new comments can be posted.
Sustainable Security for Durable Goods | Log In/Create an Account | Top | 41 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by driverless on Thursday March 08 2018, @11:31AM (2 children)

    by driverless (4770) on Thursday March 08 2018, @11:31AM (#649436)

    That's a problem with some of the standards for security being written today, which are driven almost entirely by a few large silicon valley companies who assume the whole world is online 24/7 and anything can be updated within 24 hours. There's no backwards compatibility or future planning, just "lets throw in every cool feature we need for our purposes, we can always roll out new patches whenever we feel like it, and deprecate anything we feel like". There's no way to reconcile this with devices that have to operate in the field for five, ten, twenty years. "We've got what we want, and everything else doesn't exist".

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 3, Insightful) by anubi on Thursday March 08 2018, @12:33PM

    by anubi (2828) on Thursday March 08 2018, @12:33PM (#649464) Journal

    And then one day they sell out to someone else who turns off the server.

    Then you are left holding a bunch of technology that no-one ( due to Intellectual Property rights ) knows what to do with if its broke.

    Might as well toss it and start all over.

    I find that paradigm very nauseating. I feel if I can't fix it, I really question what business I have with it. It would be like a business hiring an employee, but having no control over him.

    The exception is cheap generic consumables.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]

  • (Score: 4, Insightful) by JoeMerchant on Thursday March 08 2018, @01:40PM

    by JoeMerchant (3937) on Thursday March 08 2018, @01:40PM (#649472)

    I just "felt a bomb dropped" when one of our developers told me that the WebRTC source code was 5 to 6 GB... for a comms layer!

    The world is truly screwed if we're depending on 5 million pages of code just to shuttle data from A to B in a "open" format.

    --
    🌻🌻 [google.com]