[Cryptography] FBI: Don't trust IoT devices
fungi at yuggoth.org
Wed Dec 11 11:13:26 EST 2019
On 2019-12-10 10:57:30 -0800 (-0800), Henry Baker wrote:
> To a first approximation, just consider isolating
> each device in such a way that it can't "see" any
> other device, but it can still talk to the internet.
For wired LANs, the most common solution is referred to as "port
isolation" or "Private VLAN" but Cisco has a patent stranglehold on
the concept laid out in IETF RFC 5517 and has litigated against
perceived infringers who don't bow to their demands for license
For IEEE 802.11 wireless, many WAPs implement something called
"wireless client isolation" or "AP isolation" to prevent client
systems from communicating with anything besides the Internet
So the options are there, but I agree, if I hadn't spent years as a
network engineer I probably wouldn't begin to know what to look for.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 963 bytes
Desc: not available
More information about the cryptography