Security is a big issue when it comes to the internet of things. This isn’t privacy, which is a different but related topic, but merely securing the devices and data they generate so malicious people can’t steal it, see it or otherwise use it for nefarious purposes. Right now, it’s something many people are talking about, but something few people are trying to solve.
That may be partly because, as this New York Times story notes, software and internet companies are more concerned with getting users and revenue than security, but when it comes to connected devices there’s another layer of challenges. Devices have to connect to the web, but they also are incredibly person, either part of the user’s home or on their person at all times. This gives them a lot of “knowledge” that if shared can lead to an actual loss of personal safety or belongings.
There’s a lot of attention paid to this idea of designing a product for security, but not a lot about what that should mean. A story Monday on MIT’s Technology Review shared a project that Intel is working on, called Reliance Point, that lets companies build a secure lockbox for sharing data. The lockbox concept is a poor one however. It sounds more like a secure Russian nesting doll, starting with a secure chip and then heading up the stack with the software checking for security at the layer underneath each time before authenticating and booting up.