
IoT Security Issues (Alasdair Gilchrist)

The document discusses the book 'IoT Security Issues' by Alasdair Gilchrist, which explores the vulnerabilities and security challenges associated with the Internet of Things (IoT). It highlights the disparity between the rapid growth of IoT devices and the inadequate attention to security, emphasizing the need for better security practices and consumer awareness. The book is intended for a wide audience, including programmers and security professionals, and aims to provide insights into the complexities of IoT security.

Alasdair Gilchrist

IoT Security Issues

First Edition

PRESS
ISBN 978-1-5015-1474-6
e-ISBN (PDF) 978-1-5015-0577-5
e-ISBN (EPUB) 978-1-5015-0562-1

Library of Congress Cataloging-in-Publication Data


A CIP catalog record for this book has been applied for at the Library of Congress.

Bibliographic information published by the Deutsche Nationalbibliothek


The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie;
detailed bibliographic data are available on the Internet at http://dnb.dnb.de.

© 2017 Walter de Gruyter Inc., Boston/Berlin


Printing and binding: CPI book GmbH, Leck
♾ Printed on acid-free paper
Printed in Germany

www.degruyter.com
To Rattiya and Arrisara
Acknowledgements
Much of the research in this book stems from Internet research based on published
industry reports from Gartner, Cisco, Beecham’s and Pew Research Center, among
many others. I would also like to acknowledge the many security resources available
on the Internet such as Privacy International, OWASP, Microsoft Technet, and
the Online Trust Alliance. Additionally, little of the section on Internet surveillance
would have been possible to verify had it not been for the Guardian and Washington
Post’s published articles on the Edward Snowden files and the Guardian’s articles
on the Investigatory Powers bill in the UK.

I would also acknowledge the efforts of Jeffrey Pepper and Megan Lester at
De Gruyter for their efforts in publishing this book, as well as Stephanie Defrayne,
Angie MacAllister and Scott MacAllister for their copy editing, technical verification
and formatting help.

Contents
Introduction

Part I: Making Sense of the Hype

Chapter 1 – The Consumer Internet of Things
A Wave of Technology, or a Wave of Hype
IoT Skeptics and the Role of Security Issues
The Internet of No-thing
Where are these IoT devices?
Why the ambiguity in IoT uptake?
The Media and Marketing Hype
Lack of Killer Applications
There be Monsters
Buying Secure IoT Devices?
Making Things That Just Work
Is this a consumer Internet of things?
Skepticism, but the future looks bright
Consumer Trust – or Lack of It
Losing Control?
Toys for the Rich
IoT isn’t DIY
Is Security a Major Inhibitor?

Part II: Security

Chapter 2 – It’s Not Just About the Future
Looking back to move forward
Security by Design
Data Mobile Networks
A Confluence of New Technologies
Basic Security Practices

Chapter 3 – Flawed, Insecure Devices
Why are so many insecure devices on the market?
A Manufacturer’s Perspective
The Device Production Cycle
Software development in an agile market
Clash of Cultures
Developers and the Security Puzzle
Reputational loss

Chapter 4 – Securing the Unidentified
The Scale of the Problem
What Type of Devices to Secure?
Unplanned Change
The Consumer’s View on Security

Chapter 5 – Consumer Convenience Trumps Security
Plug n’ Pray
Easy install – no truck rolls
Convenient but insecure
Many home networks are insecure?
Customer Ignorance

Chapter 6 – Startups Driving the IoT
Installing IoT Devices
Security knowledge is lacking

Chapter 7 – Cyber-Security and the Customer Experience
Pushing Security onto the Consumer
Industry regulations and standards – where are they?
The home ecosystem
Security negativity
Security Anomalies
What device can be trusted

Chapter 8 – Security Requirements for the IoT
Why security issues arise
Security and product confidence
Me-too manufacturing
Cutting development costs
Security is not an extra
Loss of product trust
Designing appropriate security

Chapter 9 – Re-engineering the IoT
Comparing Apples and Oranges
The Bluetooth lock saga
Device vulnerabilities and flaws
Flawed firmware
Code re-use
The issue with open source

Chapter 10 – IoT Production, Security and Strength
Manufacturing IoT Devices
ODM design
The tale of the Wi-Fi Kettle
Push Vs. pull marketing

Chapter 11 – Wearable’s – A New Developer’s Headache
IoT by stealth
The consumer IoT conundrum
Designing in Vulnerabilities
Passwords are the problem
Why are cookies important?

Chapter 12 – New Surface Threats
Hacking IoT Firmware

Part III: Architecting the Secure IoT

Chapter 13 – Designing the Secure IoT
IoT from an Architect’s View-Point
Modeling the IoT
IoT communication patterns
First IoT design principles

Chapter 14 – Secure IoT Architecture Patterns
Event and data processing

Chapter 15 – Threat Models
What are threat models?
Designing a threat model
6 steps to threat modeling
Advanced IoT threats
Devices
Networks
Infrastructure
Interfaces

Part IV: Defending the IoT

Chapter 16 – Threats, Vulnerabilities and Risks
IoT threats & counter-measures

Chapter 17 – IoT Security Framework
Introduction to the IoT security framework

Chapter 18 – Secure IoT Design
IoT Network Design
IoT protocols
The IoT Stack
Link layer
Adaption layer
IPv6 & IPsec
Routing
Messaging

Chapter 19 – Utilizing IPv6 Security Features
Securing the IoT
Confidentiality
Integrity
Availability
Link layer
Network layer
Transport layer
Network security

Part V: Trust

Chapter 20 – The IoT of Trust
Trust between partners – there isn’t that much about
IBM Vs. Microsoft
Apple vs. Samsung
Uber Vs Crowdsources drivers
Manufacturer and customer trust model
Dubious toys
Kids play

Chapter 21 – It’s All About the Data
Appropriating data
The Data Appropriators
Where is the fair barter?
Trust by design

Chapter 22 – Trusting the Device
Hacking voicemail
Unethical phone hacking

Chapter 23 – Who Can We Trust?
Free is an Earner
Pissing into the Tent
IoT Trust is Essential
The Osram debacle
LIFX’s another Hack?
Balancing Security and Trust
So, Who Can We Trust?
Open Trust Alliance

Part VI: Privacy

Chapter 24 – Personal Private Information (PIP)
Why is the Privacy of our Personal Information Important?
Collecting Private Data
Data is the New Oil, or Is It?
Attacks on data privacy at Internet scale
Young and Carefree
Can we Control our Privacy?
Ad-blockers – They’re Not What They Seem
Google and the dubious ad blockers
Privacy Laws Around the Globe
United States of America
Germany
Russia
China
India
Brazil
Australia
Japan
UK (Under review)
Different Laws in Countries – What Possibly Could Go Wrong
Facebook’s EU Opt-out Scandal

Chapter 25 – The U.S. and EU Data Privacy Shield
When privacy laws collide
Losing a Safe Harbor
After the closure of the Safe Harbor
Model and Standard Contractual Clauses
The new EU – US Privacy Shield
New shield or old failings
Contradictions on privacy
Leveraging the value of data

Part VII: Surveillance, Subterfuge and Sabotage

Chapter 26 – The Panopticon
The good, the bad and the ugly
Home surveillance
Law enforcement – going dark
Dragnet Exploits
The 5-Eyes (FVEY)
PRISM
Mastering the Internet
Project TEMPORA
XKEYSTORE
Windstop
MUSCULAR
INCENSER
Encryption in the IoT
The Snooper’s charter
Nothing to hide nothing to fear
Its only metadata

Index

Introduction
IoT Security Issues looks at the burgeoning growth of the multitude of devices
controlled by the Internet, where product comes first and security second. In this
case, security trails badly. This book examines the issues surrounding these problems
and vulnerabilities and what can be done to solve them, investigating the stack for
the roots of the problems and showing how programming and attention to good
security practice can combat the problems that today result from lax security
processes on the Internet of Things.

This book is for those interested in understanding the vulnerabilities on the
Internet of Things, such as programmers whose primary focus is not the IoT,
security professionals, and a wide array of interested hackers and makers. This
book assumes little experience or knowledge of the Internet of Things on the part
of its readers. To fully appreciate the book, a limited programming background
would be helpful for some of the later chapters, though the basic content is
explained.

The author, Alasdair Gilchrist, has spent 25 years as a company director
in the fields of IT, Data Communications, Mobile Telecoms and latterly
Cloud/SDN/NFV technologies, as a professional technician, support manager, and
network and security architect. He has managed both agile SDLC software
development projects and technical network architecture designs. He has
experience in the deployment and integration of systems in enterprise, cloud,
fixed/mobile telecoms, and service provider networks. He is therefore
knowledgeable in a wide range of technologies and has written a number of books in
related fields.

DOI 10.1515/9781501505775-001
Part I: Making Sense of the Hype
The hype surrounding the IoT that consumers have been subjected to over the
last decade is truly astonishing. We have been told that 50 billion devices will be
connected to the Internet and communicating with one another, and that they
will deliver untold pleasures. An Internet of 50 billion devices all sharing data
and collaborating will produce a lifestyle experience that was impossible to
consider even a decade ago. We will have autonomous vehicles, drones delivering
parcels, even drones as air taxis, bots answering contact centres and even the
possibility of cyber-sex with virtual reality robots.

The problem is that, as consultants and security practitioners, we cannot just
accept the hype and regurgitate it to our clients – we must keep an open mind and
try to balance evangelism against skepticism.

So, where has the promise of the Internet of Things gone astray? After all, we
were promised a new world not so long ago, a world that heralded the connectivity
of devices that would make our lives so easy and fulfilling.

Did the proponents of the IoT overstate their case? Did they perhaps believe
that the IoT would escalate to a disruptive level, like the smartphone and the
tablet? Perhaps they did, but we are still not seeing that through future
projections, which still look optimistic.

In this section, we will consider why the IoT has not grown exponentially as
predicted, and why consumers are so reticent to embrace the technologies. After
all, when we think in terms of securing the IoT, we need to understand why the
public has not embraced a truly innovative array of solutions and products as
they have other technologies.

Therefore, this opening chapter considers how consumers can analyze the hype
and come to realistic terms with the IoT.

What the reader will learn is:


1. Hype is often misconstrued through evangelists vs. skeptics
2. ‘Things’ are very ambiguous and dependent on the definition of IoT
3. The public doesn’t always know what they want or understand IoT
4. Companies and media are often technologically biased in surveys
5. Public surveys and results are contradictory
6. Poor enthusing examples of the IoT are holding IoT adoption back

DOI 10.1515/9781501505775-002
Chapter 1 – The Consumer Internet of Things
The Internet of Things is a real enigma. Not only is it a vague term, covering
all sorts of network-capable connected things, which can be anything from a light
bulb to a car to a home security system, it also appears to have almost unlimited
scope, bringing just about any modern consumer gadget or technical appliance
under its umbrella by virtue of its very loose definition.

Here are some common definitions:

The “Internet of Things” (IoT) is a system of interrelated computing devices, mechanical
and digital machines, objects, animals or people that are provided with unique identifiers
and the ability to transfer data over a network without requiring human-to-human or
human-to-computer interaction.

From WhatIs.com:

“The Internet of Things (IoT) describes the revolution already under way that is seeing a
growing number of Internet-enabled devices that can network and communicate with each
other and with other web-enabled gadgets. IoT refers to a state where Things (e.g. objects,
environments, vehicles and clothing) will have more and more information associated with
them and have the ability to sense, communicate, network and produce new information,
becoming an integral part of the Internet.”
By Technology Strategy Board – IoT Special Interest Group

There are many more definitions of the IoT that can leave us bemused, but if we
cannot agree on a definition then how can we secure it?

A Wave of Technology, or a Wave of Hype


The IoT rides on a wave of promise that its supporters claim will revolutionize our
lives and the way we interact with the world, and what is more, this will happen
within only the next decade or so. Indeed, depending on whom you listen to,
some of the ardent IoT supporters, such as Cisco, believe the IoT will be responsible
for 50 billion devices (things) being online and connected to the Internet by
2020. Cisco does have a more expansive conceptual view where they include
sources of data such as people, machines or even cows, in an agricultural scenario,
within an Internet of Everything. There is no doubt we are seeing and will
continue to see a significant industrial and agricultural increase in the role
sensors and other IoT devices will play. But the consumer market continues to trail
expectations.

DOI 10.1515/9781501505775-003

Gartner and General Electric have major interests in the field; however, they
are a bit more reticent and restrict the scope of the IoT to sensors and devices.
As a result, they are making a more conservative forecast of the IoT’s short-term
growth and financial potential: they speak of 20-25 billion devices and 1.9 trillion
new dollars spent by 2020.

These forecasts, regardless of the variance between the two sets of figures,
are astonishing predictions. Yet, perhaps not; this may well be due to the
ambiguous nature of these things. Initially, when we consider these new things it is
typical to think of network-connected devices and gadgets such as wearables,
like the smart watch and the fitness bands. Some other commonly identified
consumer IoT devices are the smart thermostat, light bulbs and the smart TV.

Cisco and their fellow supporters of IoT, with some justification, claim that
this wave of new consumer buying will produce trillions in new dollar spending
across the IoT in the consumer, industrial, enterprise and commercial landscapes.
Furthermore, in 2015, Gartner said that 6.4 billion ‘things’ might be connected
and in use in the consumer IoT ecosystem alone by 2016. They also predicted
an acceleration of 5.5m devices per day joining the consumer IoT
from 2016 onward.

IoT Skeptics and the Role of Security Issues


Not everyone in the industry, however, shares the common belief in the massive
potential of the IoT. There are some in the industry who are becoming more
skeptical as the years roll on and are even challenging how realistic even the
conservative figures are. Remember, the IoT has been around since 2000 – actually a bit
earlier – but has been hyped aggressively since 2010, and that is being generous.
Gartner has had IoT on the peak of hype for several years now. Others agree the
hype is at its peak, but that issues over lax security, concerns over privacy and
loss of consumer trust will inhibit growth. There is also the mess of incompatible
technologies and incomprehensible protocols that will also ensure consumers
stay away. Many of the skeptics claim the market will tumble down Gartner’s
trough of disenchantment, and will never reach anything like the implementation
and financial forecasts, while others are slightly more optimistic, believing in
a much longer timeframe for adoption.

The skeptics do have a point; for even if we accept the lower forecasts of 20
billion IoT devices, installed and networked by 2020, this would require a
tremendous amount of spending and installation effort over the coming years.
Furthermore, what areas will see the greatest adoption and deployment? Recent surveys
indicate that it will not be in the consumer IoT environment, which is contrary to
much of the market’s belief. Will it be in the enterprise, commercial or the
industrial ecosystems?

The industrial IoT is the obvious area of adoption as it has had M2M for
decades and the IoT, conceptually at least, is merely a slight evolution. Indeed, many
engineers in operational technology mock the term IoT as being nothing more
than M2M (with hype), as they have worked with this technology under a
different name for decades. From a security perspective, this is actually good news,
because it means that at least one major sector of the IoT domain has the potential
risk well in hand.

The Internet of No-thing


Some doubters will claim that most of the industry-generated forecasts are
based on mere speculation, are unrealistic, or are inclusive of the already vast
number of existing sensors and devices installed in enterprise, commerce and
industry. The term ‘Internet of No-things’ arises from the more challenging
observations of recent survey results. After all, where is the demand for this
popular disruptive technology in the consumer market?

Take a look around; in 2016 Gartner predicted – at the lower end of the scale
– there would be 6.4 billion consumer devices installed, yet how many people do
you know who have smart devices in their home? Those who challenge the IoT
forecasts and the popular surveys which paint a healthy IoT future believe that the
vast majority of devices are indeed installed and active, but they are in the
industrial IoT and not the consumer environment; hence the term ‘Internet of
No-thing’ when addressing consumer IoT. Your new car, your new refrigerator,
and a wide range of consumer devices have devices embedded that you likely do
not even know about and that add significantly to the existing and projected
numbers. In these cases, the consumer may or may not be aware of a price
differential as a result of these technologies.

Supporting this assumption is a Deloitte poll that revealed a significant issue.
It appears the public considers the IoT to be a catchall term used to describe any
number of household appliances and personal devices, from cars to fridges,
which connect to the Internet and can talk to each other. However, despite
consumers saying they like the idea, the survey of more than 4,000 found high prices
and skepticism prevailed over their initial desire for life-changing products. As
far as the majority was concerned, they were not ready to buy as they doubted
whether the technology had advanced enough, and that is preventing the IoT
from really taking off.

Seven in ten shoppers told Deloitte they would not be buying any connected
devices over the next twelve months, and the only kinds of connected products
owned by more than one in thirty households were smart TVs, entertainment
systems and games consoles, although they discounted smartphones.

Just three percent of people had a connected security system, the same number
as owned a smart thermostat. Only two percent had any form of home appliance,
such as a fridge, cooker or kettle, that connected to the Internet. However,
in a more upbeat sign of the IoT potential, 40 percent of consumers responded
that they would consider buying a smart device when they come to upgrading
their current appliances.

The IoT would not be itself without another example of its inherent
contradiction and paradox. Gartner’s surveys in 2016 contradict the theory of the
Internet of Nothing: in recent polls, among others, the results did
suggest that the IoT had reached a tipping point in public acceptance. Just
over 35% of the respondents claimed to have bought an IoT device in the last year
(2015), which equates to just over 1/3rd of the population, and 70% – which is over
2/3rds – intended to buy an IoT device within the next 12 months (2016-2017), so
at least the future looks bright.

Where are these IoT devices?


The mystery of this contradiction between public interest and lack of devices may
actually be due to the way that different parties categorize IoT devices. After all,
the figures could include the existing consumer products that they already own,
such as smartphones, iPods, TVs, entertainment systems and game players such
as X-Box and Play Station amongst others. However, these products were
purchased several years ago before there was such a classification as the IoT, and
well before the hype had people thinking of them as such. This is an important
point. People buy products and generally not technologies; adding features to
products has always been the edge that turns markets, and the markets adapt
quickly to change.

A possible reason for the lack of enthusiasm is that some IoT devices are
hiding in plain view. Take, for instance, the Amazon tags for ordering washing
powder and other household consumables; these small consumer tags, for automated
one-touch re-ordering, are easily overlooked, and as they insidiously invade our
homes, could well go unnoticed. One product that would skew results
significantly in any poll is the classification of the smartphone.

Why the ambiguity in IoT uptake?


If a smartphone is classified as a consumer IoT device, which in some surveys it
clearly is, then of course this will skew results – similarly if we include people.
However, many people, if asked ‘do you own an IoT device?’, may not consider
themselves or their smartphone to be IoT. Therefore, some analysts have a tighter
definition of an IoT device that may not include smartphones, humans, dogs or
cows – and that would certainly move the figures in the other direction. Hence
the massive ambiguity with regard to the poll results related to IoT uptake and
popular adoption.

An interesting note on the smartphone IoT debate is that there are several
projects dedicated to turning your smartphone into an IoT device – if it isn’t one
already. These projects, such as Phonvert, are taking advantage of the huge
number of still capable smartphones, which are perhaps only two years old, that get
discarded each year. These devices still have all their working sensors, like the
camera, microphone, accelerometers, touch screens and Bluetooth radio, and it
seems such a waste to have them end up on a landfill site. Instead of throwing
them away – Phonvert suggests 280 million smartphones were retired in 2015
alone without being recycled – why not turn them into IoT devices, such as a
fridge cam, baby monitor, or a Bluetooth/Wi-Fi gateway? They supply the
open-source software to enable this. Another bonus is that smartphones were
designed with security in mind, and that is not something that can be said of most
consumer IoT products.

The Media and Marketing Hype


The media are extremely good at advertising and presenting new products to
consumers through the TV and through other marketing channels such as Google
and Facebook targeted advertising; it is how they make a profit. The goal is to
create a demand from customers who decide that they need these products, and to
satisfy this projected appetite, vendors will pay to publicize their products.
Therefore, adverts are awash over all media channels delivering the message of the
potential capabilities of connected fridges, toasters or the smart kettle and how
these will transform the purchaser’s life-style.

Before the consumer leaps in, though, they might be wise to look under the
bonnet to see what they are actually purchasing. A risk assessment and
cost/benefit examination of the consumer ecosystem would be advantageous. What is the
IoT actually delivering as a benefit to the consumer that is worth them spending
their hard-earned money?

Customers do cost/benefit and risk assessments even though they might not
know it. Yes, they will not know the terms, but they do know the process. For
example, when they purchase a Wi-Fi router they will almost certainly have been
informed about the security issues. The threat is obvious, yet they will decide to
implement or not bother with encryption or authentication. Why is that?

What tends to happen is that consumers do actually go through risk assessment
and cost/benefit analysis, in that they use their experience and history to
evaluate the risk. For example, did having an open Wi-Fi or unauthenticated
network connection actually cause them visible harm? They may well have listened
to their technical friends and secured the Wi-Fi only to have found it a pain when
hosting guests to a barbecue to go around and configure everyone’s phone.
Instead, they just switched off authentication and everyone was happy. After all,
how many people can claim to have been hacked and that the attack rendered actual
harm? This is of course not saying that they were not hacked, they most likely were,
but it just wasn’t harmful and the exploit was invisible to them.

They may well be the most productive and virulent zombie within a botnet,
but it is transparent to them. Furthermore, the fact they are a prized zombie
(soldier) within that botnet may well be beneficial, as the botnet controller will make
efforts to protect their asset. For example, a piece of malware doesn’t
need to be harmful to the host; indeed, it can be beneficial to the host. It can be
parasitic but also symbiotic, as the controller of the botnet will protect his assets
from other Internet predators – the device will host the malware and the malware
will do the host no harm, even protect it from other dangers.

This ambiguity with IoT security and value is where the marketing of diverse
IoT products really does become an issue. There appear to be large amounts of
popular media hype, both positive and increasingly negative, that are throwing
out contradictory messages. The positive hype of course is required to create a
market, which enthuses the public, but it does contrast with a lack of fresh,
imaginative and exciting products. This is noticeable in particular with consumer
IoT when it comes to selling the idea of the automated smart home to the
customer. It actually is disappointing to read or listen to presentation after
presentation selling the concept of consumer IoT as being limited to a smart thermostat or
a smart fridge. So why do manufacturers and their marketing teams never come
up with more enthusing examples of the consumer IoT, rather than smart fridges,
toasters and washing machines?

Lack of Killer Applications


The reality is that within the consumer IoT ecosystem there currently are no killer
applications – as interconnected services that provide value – except for the
smart home. Unfortunately, the smart home is currently a muddled mess of in-
compatible protocols, non-existent standards and competing immature control-
lers or middleware technologies attempting to cobble things together. The fact
that even technologists find the architectures incomprehensible does not provide
a reasonable and powerful use case to the public.
Let’s face it, cobbling together a plethora of devices, using diverse wireless
protocols, will require a non-standard or open source controller or an abundance
of physical gateways to bind them all together and that is highly unattractive. An
example of the current state of the consumer IoT in the home is the requirement
for a hub or gateway for just about every appliance. This device (hub) is actually
a protocol translator and aggregator, and this device is currently a requirement
as it allows all the different manufacturers’ devices to at least connect – albeit not
communicate.
Some hubs have several inbuilt antennae or physical interfaces to support an
array of radio or wired protocols, for example, ZigBee, Bluetooth, 802.15.4,
Ethernet, Wi-Fi, Z-Wave and Thread.
Now, Wink does this, and this is great for a technologist and an attacker, but
for the average consumer this is just confusing. To this extent, just being able to
install the devices is going to be such an onerous experience that it is debatable
whether the security of the devices will play a part in tempering the consumers’
appetite for smart goods. They will be just thankful that they were able to get the
device to work at all. After all, there is a disconnect somewhere between the
public’s perception of IoT security and the manufacturers’.

There be Monsters
In a survey in March 2016, 66% of IT professionals stated that security concerns
were the main barrier to them embracing IoT in the enterprise – now this is a
theater where they are adept at securing diverse technologies, certainly since the
adoption of BYOD – although it is getting more difficult. However, when
consumers responded in similar market surveys held around the same time, over 70%