< Back to listing

Posted 15 février 2016

With every connected device, security relies on what is setup by its designer or manufacturer. But security, as protection against malware, has never been, up until now, a priority for smart objects’ manufacturers, which explains why flaws are everywhere.

One is then relying on the lack of security of each of the smart objects used. It’s common knowledge that the chain of security, in the industrial world, is as strong as its weakest link. Regarding smart objects, as all links are weak, the result is rather scary. In one of his books, the American sci-fi writer Philip K. Dick* (1928-1982), imagined a scene where the hero of his book put in his house a smart door powered by coins; and of course he found himself locked outside his house when he came back home with no money in his pocket… That’s a premonitory story if transposed a little bit. The first element to consider in terms of security, in a house or a building, is WIFI networks since after all, it’s the connection entry point for smart objects. Basic security rules should then be recalled: proper network configuration, proper protection with WPA2 or EAP, strong lengthy password that is hard to crack. The best option would be to use EAP protocol combined with 802.1X standard, but some smart objects have compatibility issues with 802.1X** authentication standard. Markets are now starting to offer grouped options to bring some security to smart objects inside houses: for instance, grouping home automation features inside a WIFI box, to protect them with a firewall performing filtering routines. But all of this is still at its first steps and not necessarily unbreakable…

https://fr.wikipedia.org/wiki/Philip_K._Dick

** http://www.commentcamarche.net/contents/1276-802-1x-eap