This is the most important problem that the internet of things faces. How can we network everything while maintaining at least some scrap of security, especially in the long term? How can we convince people that their toaster is worth patching, and, more importantly, how to we convince vendors that toasters are worth releasing patches for? What if appliance makers go bankrupt and your dishwasher no longer receives patches? How will devices be updated if another Heartbleed-esque situation occurs? It's easier for a user to protect themselves from a 0-day in an app they use, for example, compared to vital home appliances such as dishwashers, refrigerators or washing machines, which cannot merely be uninstalled.
This is a very real threat, most notably Belkin [0] has suffered critical security breaches, and this issue won't be going away any time soon. How can security researchers get CVE's patched, and how can we prevent them from occuring in the first place? This should be priority #1 for any company trying to bring internet-connected appliances to the mainstream.
> How can we network everything while maintaining at least some scrap of security, especially in the long term?
Another question that we should be asking more is should we network everything that could be?
As for a pacemaker, personally I think the answer is a definite NO. It has only one function, to keep someone alive, and any extra functionality only represents an increased risk of malfunction. If there is any firmware in it then that firmware should be as simple as it can be. Preferably open-source and subject to being reviewed/corrected by many, before it gets permanently embedded in a device.
> how can we prevent them from occuring in the first place?
The obvious way is by doing it right the first time. Sadly, this is something that seems to have fallen out of fashion, as the prevalent mentality is more like "we can always issue an update, so it doesn't matter that much". A dangerous mentality indeed, when it's in truly safety-critical applications. Companies are increasingly pushing for "smartness" in their products, espousing all the ostensible advantages, while not giving much exposure to the possible downsides too.
I imagine there's some value in being able to update the firmware on a pacemaker. Maybe a new pacemaking algorithm can save 1% more lives or something. Or it could automatically call an ambulance when you have a heart attack, etc.
Implanted medical devices do seem like the ideal situation for wireless access, albeit you probably don't want to overburden the thing with features either.
Does this problem (the growing widespread network insecurity of everyday objects) have a specific name, like "security rot"? If it does, I don't know it. I do know that once you give a complex problem a label (like "net neutrality" or "the Internet of Things"), it becomes a catalyst for discussion. People begin to understand and recognize the label, it becomes a brand that journals and conferences and books and blogs can all focus on. This phenomenon needs a label if we're going to make real progress on it.
The networking of "things" is not a problem as long as you can opt out of it. Can you stop the toaster of the future from talking to the vendor, the crock pot, Google, the neighbors, your router?
Policy-wise we need a requirement of opt-in: the manufacturer can try to convince you that connecting the device to internet is beneficial for you, but has to let you say no.
And on the technical side, if it needs to be authorized in your router, you already have an opt-in. If it's going to connect by default somehow, maybe by open mesh wireless or somesuch, that's a problem for privacy and security.
Implantables, and particularly life-essential ones like pacemakers, are different. They need remote access to enable updating without surgery, but it must be secured well enough to prevent the sort of vulnerabilty the article describes.
BTW, if you were intent on killing someone, wouldn't it be just as effective to direct a strong RF signal to burn out the electronics, overwhelming any access controls?
Yeah you can't trust Belkin's WeMo line for light switches, and yet they are coming out with integration with things like crock posts and humidifiers soon. This is very scary.
This is a very real threat, most notably Belkin [0] has suffered critical security breaches, and this issue won't be going away any time soon. How can security researchers get CVE's patched, and how can we prevent them from occuring in the first place? This should be priority #1 for any company trying to bring internet-connected appliances to the mainstream.
[0]: http://arstechnica.com/security/2014/02/password-leak-in-wem...