Is a single point of failure more or less secure than multiple points? That is the question IoT designers should ask when considering ARM's new mbed OS, designed to rein in the fiasco that is the current state of security in the IoT market. On the one hand, this OS will run on just about any device you could want, even if you prefer your device remain on MIPS, Linux or another OS, and regardless of your back end provider. It will allow encrypted updates to be pushed out to devices' software or firmware from a single source, and the companies which use it will be charged on a pay-per-use scheme as opposed to a fixed cost.
On the sinister hand, this means that when someone manages to exploit an unforeseen vulnerability in mbed, the communications between ARM and the devices, or the factory-set private keys, they will be able to own every single mbed device out there. That is unfortunately merely a matter of time, and so we wait to hear from ARM as to how they plan to partition the devices which use mbed and what other measures they will develop to prevent a worse DDoS than the Dyn DNS attack last week. You can take a deeper look at mbed's structure as well as ARM's new Cortex-M33 and Cortex-M23 microcontrollers over at The Register.
"So ARM has come up with mbed Cloud, a software-as-a-service platform that securely communicates with firmware in devices to install fixes and feature updates. Product makers pay to remotely manage all their sold kit. Crucially, they pay for what they use – whether it's pushing updates, or connecting millions of units, and so on."
Here is some more Tech News from around the web:
- Open Source Operating Systems for IoT @ Linux.com
- Botnet Recall of Things @ Hack a Day
- Asterisk users need to patch DoS bug @ The Register
- Nvidia to sell Titan X via channel partners instead of graphics card players @ DigiTimes
- Redstone 2 to arrive as, ugh, Windows 10 Creator's Update @ The Inquirer
- Ultra-thin, pixel-dense Surface Studio touchscreen PC will cost $2,999 @ Ars Technica
- Want to use 3D XPoint DIMMs with Intel Purley Xeons? Wait a couple of years for second-gen @ The Register
- ARCHEER QC 2.0 Car Charger USB Adapter @ Benchmark Reviews
- The Solar Centre Albany Solar Premium Spotlight Review @ NikKTech
- Netgear launches Nighthawk X10 – claims world speed record @ Kitguru
So, when a firmware update is pushed to the engine of my car, only my car stops or all the cars?
As funny as that seems, I do believe protocols are in place to prevent any car part from upgrading/rebooting until the car is in a safely docked position, such as when you are at home. Unless it is a Samsung car, then… meh, couldn’t help throwing in a Samsung joke.
With these new security processors and protected firmware address space you cannot even single-step through the firmware of any device to check for errors using debug mode without the keys to do so. This is a double-edged sword for any open source driver development without the keys to the firmware kingdom. There goes any alternative OS/driver development for IOT, as well as other devices! All because of the crappy IOT hardware makers’ lax security and coding methods and hardware gimping in the first place. Those IOT things are ruining it for everyone, let’s put the IOT on its own net not directly connected to the WWW except by limited firewall access via only someone’s VPN and only that VPN’s IP address, no generalized net access for IOT devices.