Internet of Things (IoT) means everything is potentially connected everywhere and with everyone. Assume it is all compromised.
As the volume of IoT grows, we should better understand the implications a bunch of tiny powerful computers connecting to each other brings with them. These devices need the same strong attention we are placing on smartphones, laptops, servers, and services.
Among the IoT devices are routers, thermostats, refrigerators, and automobiles. Routers are particularly unnerving, as they have gotten a lot smarter and are extremely capable. They are also a perfect place to sit, wait, and watch. If you have time, read Coding Horror’s Blog post on this topic[1].
Now that we have had a healthy dose of paranoia, one of the more promising developments for the IoT is the Internet Security Research Group work on Let’s Encrypt[2].
One way for us to ensure that IoT devices are more properly secured (assuming everything is compromised) is to encrypt all communications. Elliptic Curve Digital Signature Algorithm (ECDSA) is a cryptographic algorithm used by Bitcoin, and is targeted to be used by Let’s Encrypt later this year[3].
There is promise for improved and encrypted communications and IoT[4]. If the process for using digital certificates everywhere is available and made easier for us, doesn’t it make sense to encrypt all communications?
[1] Welcome to the Internet of Compromised Things: http://blog.codinghorror.com/welcome-to-the-internet-of-compromised-things/
[2] Internet Security Research Group: https://letsencrypt.org/isrg/
[3] ECDSA https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm
[4] How it works – Let’s Encrypt: https://letsencrypt.org/howitworks/