[Cryptography] FBI: Don't trust IoT devices

Jeremy Stanley fungi at yuggoth.org
Wed Dec 11 11:13:26 EST 2019

On 2019-12-10 10:57:30 -0800 (-0800), Henry Baker wrote:
> To a first approximation, just consider isolating
> each device in such a way that it can't "see" any
> other device, but it can still talk to the internet.

For wired LANs, the most common solution is referred to as "port
isolation" or "Private VLAN" but Cisco has a patent stranglehold on
the concept laid out in IETF RFC 5517 and has litigated against
perceived infringers who don't bow to their demands for license



For IEEE 802.11 wireless, many WAPs implement something called
"wireless client isolation" or "AP isolation" to prevent client
systems from communicating with anything besides the Internet



So the options are there, but I agree, if I hadn't spent years as a
network engineer I probably wouldn't begin to know what to look for.
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20191211/e295852c/attachment.sig>

More information about the cryptography mailing list