[Cryptography] Great IoS quote from LCA 2017

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Jan 31 07:16:41 EST 2017 

Henry Baker <hbaker1 at pipeline.com> writes:

>Sadly, after touring the exhibits at CES2017 this month, too many of the
>"embedded systems" work just fine

I'm not sure that you can say that an IoS device works fine just from seeing
it at a trade show, you need to actually use it for awhile to see how many
times you need to reflash it, reconfigure it, or reinstall it to keep it
running.  I have a pile of SCADA/embedded gear that I need to operate for
testing purposes, and then a bunch of IoS that's partially also for testing
and partially for fun.  The SCADA gear is all custom hardware designs,
typically running an RTOS, and created by people who understand SCADA and how
to keep things up and running (watchdogs, keepalives, timeout management,
consistency checking, etc).  I don't think I've ever needed to reflash,
reinstall, or even reboot any of them, some of them have been running for
years without being touched.

The IoS OTOH is a completely different story.  In the last couple of weeks,
all three of the Pi-based systems have had to be reflashed due to them
trashing their filesystem, one as it came out of the box from the vendor, one
reboot and it kernel-panicked due to a corrupt filesystem.  That's not
surprising, the combination of no power protection or management circuitry,
using a FS that's totally unsuited for flash use, using the flash as if it was
a hard disk, and the only way to reset/reboot the device being to pull the
power plug pretty much guarantees it's going to fail at some point.  It's 
pre-disastered.

The non-Pi stuff isn't much better, all of it needs more care and feeding then
a two-year-old.  A lot of this stuff seems to be being created by people who
are used to desktop PCs in which the OS does a lot of the failure handling for
you and the user can be relied on to click Reconnect to WiFi or whatever when
it drops out.  Look for reviews on Amazon of virtually anything that's IoS and
WiFi-based, you'll find endless complaints about it not connecting, losing the
connection, going catatonic, and other variants, with no ability for the
device to recover without external human intervention.  I've gone out of my
way to get devices that have less negative reviews than many of their
competitors, and I still have to do ridiculous amounts of babysitting to keep
them running.

Security-relevance of all this: If your device can't even manage to keep a
stable network connection, imagine what the security in it must be like...

Peter.

More information about the cryptography mailing list