[Cryptography] Schneier's Internet Security Agency - bad idea because we don't know what it will do

Mon Feb 27 16:14:52 EST 2017

At 11:36 AM 2/27/2017, Ray Dillinger wrote:
>From: Ray Dillinger <bear at sonic.net>
>
>I would not expect an IoT device to even be *able* to connect to
>the Internet until I configure it with the key for my house-area
>network, and with the certificate it needs to communicate with
>the proxy server to get packets across my outbound firewall.  The
>fact that many IoT devices expect this is laughable.  The firewall
>on outgoing packets tells me what devices I need to disconnect
>and destroy.
>
>Perniciously, it is the case that some devices, especially cameras
>and printers, which are not marketed as Internet-enabled, still
>attempt to send outbound packets.  Many routers which are configured
>for local network only still attempt to send outbound packets onto
>the wide open Internet.  My desktop mill's goddamned CNC controller
>made a DNS request the instant I plugged an ethernet cable into it
>to transfer G-code to it! It got replaced with an arduino board.
>
>Even if I wanted an Internet-enabled device, and even if it *had*
>the wifi and proxy info to connect from anywhere in my house, I
>wouldn't want it to attempt to connect to the Internet before I
>told it what certificates it should use, exactly where to connect
>to, and exactly what certificates its only valid connection partners
>have.  If it connects to anything else, or communicates with
>anything that does not present that certificate, or communicates
>with anything at all using any other certificate besides the one I
>give it or communicates at all via unsecured protocols, then the
>busted pieces of it go into the trash.
>
>Until somebody starts selling devices whose architecture implements
>that standard of behavior, I'm not buying IoT devices.  But sometimes
>I discover that I have bought one unintentionally.  That's one of
>the reasons I keep a fire axe handy.

It's going to get a whole lot worse.  My (relatively cheap) non-Nest thermostat keeps begging me to hook it up to the Internet for *my* "convenience".

How hard is it for a wifi device to search for all SSID's (including hidden ones) & find one that is either open already or WEP-protected, and then trivially break it?  BTW, it does NO GOOD to block such a device from YOUR own wifi network, because there are perhaps 5-15 wifi networks IN YOUR NEIGHBORHOOD that ARE accessible.

Virtually every device you purchase these days is wireless-enabled -- "dumb" TV's, refrigerators, washing machines (!?!).  Even if/when such a device doesn't automatically attempt to "call home" on the Internet, it advertises an SSID itself, and becomes instantly hackable by anyone within wireless distance.

God knows what will happen when these very low cost Verizon/ATT/etc cellular-connected IoT devices become ubiquitous, and where the device manufacturer pays for the cellular connection.  I don't think there is any law that prohibits such a device from calling home w/o your permission.  In such a situation, jamming devices will become *essential*.