This article is more than 1 year old
Good luck securing 'things' when users assume 'stuff just works'
Making devices secure by design requires more effort than vendors currently allow
At the end of April my home was broken into by a professional who silently and systematically looted my residence of all my portable wealth while I slept.
In the morning, as I looked around for a phone to call the cops (there wasn’t one, so I had to Skype them from a desktop machine), I saw he’d used an entrance that offered just enough space to enable someone bold and flexible to gain entry.
After the police had come, dusted for fingerprints (we found his gloveprints everywhere, but no fingerprints), filled out their reports, and left me to deal with the intricate process of rebooting the credentials of my existence, I had a good think about how I’d overlooked the obvious.
A few months earlier the cops had rung my bell and told me my neighbour had been robbed. If I was wise, they advised, I’d keep my place locked up tight.
I took their advice, when I was away from home. That was my big mistake, because I refused to believe that I could sleep through a robbery. Until it happened.
For the first few nights after the robbery, I slept uneasily. But fairly quickly I fell into a nightly pattern of walking the perimeter of my home, checking and securing each of the windows and doors before I retired to bed. Rob me once, shame on you. Rob me twice...?
Which brings me to last night when friends invited me over for dinner and to revel in their new ultra-high-speed broadband connection. By fits and starts, Australia’s National Broadband Network has finally made it to their residence, and they signed up the day it became available. A hundred megabits of downstream goodness - enough, even, for a few Netflix 4K streams.
When I arrived all was in chaos, as one of my friends - who had been a sysadmin in an earlier career - worked to reconfigure the router installed by the ISP. The router had booted with default username and password settings – the same default username and password settings used for every other connection in their apartment buildings. We could see all their remarkably similar SSIDs beaming through the walls of their flat.
“Wow," my friend said, “I wonder if any of those folks changed their default username and passwords. Or if they even know they need to."
It’s not hard to be a paranoid in a world that seems to be insecure by design. It isn’t terribly difficult to load up factory firmware that generates a random password, assigns it to a device, then prints a label with that information to go into the box with the gadget. It’s more work than just slapping a default username and password into the software - but not much. And the cost, amortised against tens of thousands of units, can’t be more than a penny or two.
Or we can rely on users - who expect, in the era of Apple, that things will ‘just work’ with minimal intervention. Where ‘it just works’ means ‘opens your network to attack’, that’s a sure sign we’ve missed the point, that we’ve grown too lazy, that it’s been too long since the last time we woke up to find ourselves robbed by a thief in the night.
Every device - every desktop and laptop and smartphone and connected widget of any sort - must be secure enough against attack that we never need worry that we’re doing enough if we do nothing at all.
Is that hard? Maybe. Making devices that are secure by design requires more forethought than we currently allow in product development. That’s the first thing we need to change.
Does security make things more complex for the users? Probably. It’s harder to open my doors when the gates are drawn and locked. But that’s the tradeoff for security you don’t need to tinker with or even think about much. Locks just work, and so do devices that are secure by design. Is it necessary? Absolutely. We’ve reached a point on the BYOD adoption curve at which all of our data is everywhere. Even if we completely lock down the enterprise, there’s no guarantee all of its data stays within strictly patrolled bounds, nor any reason to believe that all the devices coming in daily from employee’s homes haven’t been exploited and weaponised.
Paranoia won’t help us much. Thoughtful security by design would go a long way. ®