Security in the Internet of Silly Things

Last month, I had a great time chatting with UK-based penetration tester Ken Munro.  We’ve all been hearing about the Internet of Things, but very little about the security aspects. Ken, through his firm Pen Test Partners, specializes in testing consumer gadgets, such as internet connected door bells, coffee pots, and other household appliances.

The IoT has started to enter domestic life, but unfortunately it brings with it all the security problems of the enterprise world. Of course, if you’re willing (and crazy enough) to buy an Internet connected espresso maker, you take on the responsibilities of becoming your own sys admin — changing default passwords, updating patches, etc.

Is it worth it? Even Ken thinks some of these gadgets are a bit too gadgety and not worth the trouble. There are more legitimate and useful devices, such as consumer-grade IP cameras, that can be used by businesses as well, but which have serious security holes.

You can read the transcript of my interview here.

Or listen to the podcasts below.