by Brandon Butler
The Internet of Things needs regulation 2/6/2021

Bruce Schneier in The Washington Post:

Any computer brings with it the risk of hacking. This is true of our computers and phones, and it’s also true about all of the Internet-of-Things devices that are increasingly part of our lives. These large and small appliances, cars, medical devices, toys and — yes — exercise machines are all computers at their core, and they’re all just as vulnerable. Presidents face special risks when it comes to the IoT, but Biden has the National Security Agency to help him handle them.

Not everyone is so lucky, and the rest of us need something more structural. […]

Internet security is national security — not because the president is personally vulnerable but because we are all part of a single network. Depending on who we are and what we do, we will make different trade-offs between security and fun. But we all deserve better options.

Regulations that force manufacturers to provide better security for all of us are the only way to do that. We need minimum security standards for computers of all kinds. We need transparency laws that give all of us, from the president on down, sufficient information to make our own security trade-offs. And we need liability laws that hold companies liable when they misrepresent the security of their products and services.

When you bring an IoT-device into your home and add it to your network, you are effectively giving it — and whoever has access to that device — control of your computers, phones, cameras, and mics. I can only really hope that the company that made my lightbulb gave a shit about security, but lawmakers have done nothing to regulate this.