Image Credit: Kate Ter Haar @ Flickr https://flic.kr/p/ipKFcd

The Broadband Internet Technical Advisory Group (BITAG) released a report titled “Internet of Things (IoT) Security and Privacy Recommendationsabout a week ago that outlines their observations about the IoT and their recommended solutions. The IoT press have hailed this as a great event, either referencing the report or “coincidentally” publishing their own thinkpieces parroting its conclusions.

The executive summary of the report is here, along with a link to the full report. The summary is very accessible and clear and I recommend you look at it.

But it’s also a bit naive.

My executive summary of the executive summary…


We don’t have an IoT security problem, we have a threat comprehension problem

Image Credit: Oyvind Solstad @ Flickr

This week, everyone on the internet who styles themselves any kind of expert is talking about the Internet Of Things, and in particular “botnets” formed from thousands of poorly secured IoT devices, as a potential threat to the Internet. Unless you broaden the term “Internet of Things” to mean “all computing devices except desktop PCs” then it’s not really an IoT problem, it’s a more general problem of threat comprehension.

In the 1970s and 1980s it was common for servers to have default passwords for maintenance that were often left unchanged. …


Image Credit: Milena @ Flickr https://flic.kr/p/fUWSwF

In three previous articles I’ve written about the challenges of managing Internet of Things (IoT) rollout while minmising risk.

Now the genie is out of the bottle, the Mirai Botnet today wreaked havoc by attacking a key DNS provider used by many major internet sites.

There are a lot of things we could have done better to ensure that IoT devices are designed to be secure, and deployed in a way that allows them to be managed and tracked. …


Image Credit: Flickr fourthandfifteen https://flic.kr/p/6fUp36

Bruce Schneier writes this article on IoT calling for a regulatory framework to enforce security standards in IoT devices where the market will not. I agree with his main point, the market will not fix the problem, because (cheap) bad security drives out good.

I would add an amplification, however, that home routers, DVRs and many other appliances generally do have a firmware update capability. What we need is a standard framework for making owners aware when there is a vulnerability affecting them, and when there is an update available.

I think we can achieve this with the DNS global…


Quite a few people are worried that Apple’s latest product, the iPhone 7, lacks a 3.5mm headphone jack. I’m here to tell you, “Come on in, Wireless audio is fine!”.

L-R: Bluetooth lapel clip, Bluetooth car/desk puck, Bluetooth earbuds. Photo: author.

As someone who has used Bluetooth wireless headphones for nearly a decade, the death of the analog audio socket on the iPhone doesn’t really bother me. Going wireless a few years back was a massive relief, I’ve probably saved days of my life through not spending 10 minutes each morning untangling headphone cords. Besides, as fast as I can buy new apple headphones, my kids abscond with them. I’m looking…


Three pointers on bringing the Internet of Things into your workplace without inviting chaos too

Image credit: Dustin O’Donnell https://flic.kr/p/joqktu

The “Internet of Things” is about tiny, cheap, ubiquitous devices that inhabit (some would say “infest”) your workplace and/or home, and quietly provide or display information.

To help imagine how IoT will change our lives, I use the “coffee rule”. Think about something that wastes your time in the physical world. Would you spend the cost of a cup of coffee to fix it? Is the meeting room down the hall occupied right now? Did I close the front door when I left home this morning? Has the mail been delivered yet? Is it business hours in the Dubai office…


Image Credit: Jodie Wilson https://flic.kr/p/5HX9zg

If you are contemplating a smartphone app to complement your IoT product, remember, an App is for Life, not just for Christmas. A slapdash, barely usable, or unmaintained mobile application is probably worse than none at all. If you are not prepared to invest ongoing effort into a mobile application, give serious consideration to just not making one.

The first question you should ask, is “does my product really need a dedicated app?”. Are there system-level services that you can support that will make your product integrate into the mobile platform? …


Image credit: John St John https://flic.kr/p/p5rbEm

It puzzles me when businesses decide to change their strategic direction and begin by laying off staff, while promising shareholders and the public that the savings will be “reinvested”.

Most recently, Cisco has announced eliminating over 5000 staff (“positions”), 7% of their workforce, to shift focus toward IoT and Cloud and “reinvest substantially all of the cost savings”.

These are relatively new technologies; there aren’t exactly 5000 cloud experts hanging out at the mall waiting for you to hire them tomorrow. …


Three challenges that we’ll need to tackle unless we want the future of the IoT to to be a dumpster fire.

Image credit: frankieleon https://flic.kr/p/bscqLn

The Internet of things is here. To borrow a phrase from Gibson, it’s just not evenly distributed yet. From the right vantage point, you can observe enough of the future to forsee some looming problems. These are challenges before us that we ought to solve soon, before unfocused enthusiasm carries us into an Internet of Incomptatible, Insecure and Unmaintainable Things.

The core problem is interoperability. Right now if you have smart objects in your home or business, you’re lost in a maze of twisty little walled gardens, all, well, entirely different. Your Philips lightbulbs use one app. Your Nest thermostat…

Christopher Biggs

“Any sufficiently advanced technology is indistinguishable from magic”. I help teams do magic, and write about Insufficiently Advanced Technology.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store