Can computers be taught common-sense security?

by Andy Oram
August 19, 2015

This article originally appeared on the International Manufacturing Technology Show site.

Why is my Ford accepting a software update from Belarus?

That question represents the kind of security that smart devices have to learn. It’s the kind of street smarts that causes you to reject a person who drives up in a van and offers you a great deal on stereo equipment. You don’t need to run a big-data Bayesian check on the likelihood that the equipment is stolen or damaged. Your gut tells you to say no.

This kind of common sense is missing from today’s automobiles and other Internet-enhanced devices. The results hit the public mind after a dramatic WIRED story of a hacked automobile network. Even before the story appeared, Senate committees were looking at the problem.

We might not be able to build into smart devices the enormous data analytic capabilities of the credit card companies, who regularly sniff out stolen numbers and halt theft. But we can build in elementary safeguards against an American vehicle accepting instructions from Eastern Europe.

Admittedly, the Internet makes things easy for attackers. For instance, a packet from Belarus could forge the source address to make it look like it’s from a factory in Detroit. (Only the telecom company, by tracing packets, could tell for sure where they come from.) So we need digital certificates and encryption keys, used carefully so that an attacker can’t pluck keys in transit and reuse them.

Many updates should use physical proximity for security. It’s reasonable to ask a driver to come to the dealer for an update, or for a patient to bring a medical device to the doctor’s office. When parts of a machine send commands back and forth over an internal network, it may be best to disconnect that network from the Internet, like networks at military sites and other sensitive locations.

Other street smarts that computers can learn are to accept updates only at particular scheduled times, and to check how often requests are coming in. A request to turn on a heating system should not arrive when everybody is out of town, nor should it be arriving one hundred times a second (which attackers might do to try out different passwords).

Clever attackers can bypass these safeguards, of course. They may get insider information as to when the scheduled update should arrive, or figure out how many packets a day is "too many" and send one fewer. But the limits put hurdles in the attackers’ way. Rate limiting (when the device recognizes that too many packets are coming in) may help squelch denial-of-service attacks that aim to drain a device’s battery.
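The three "street smarts" just described (accept only properly signed updates rather than trusting a source address, accept them only in a scheduled window, and refuse floods of requests) can be written down as a small acceptance policy. The following is an added example, not code from the article or from any vehicle or device maker: it uses a pre-shared HMAC key as a stand-in for the certificate-based signatures the article calls for, and the maintenance window, the rate limit and the sample update requests are all constructed for the demonstration.

```python
import hmac
import hashlib
from collections import deque
from dataclasses import dataclass
from datetime import datetime, time, timedelta, timezone

# Constructed pre-shared key standing in for the manufacturer's signing key.
# A real device would verify a signature against a pinned certificate instead.
FACTORY_KEY = b"constructed-demo-key-not-for-real-use"

# Hypothetical policy: updates are expected only between 02:00 and 04:00 UTC.
WINDOW_START = time(2, 0)
WINDOW_END = time(4, 0)

# Hypothetical sliding-window rate limit: at most MAX_REQUESTS per WINDOW_SECONDS.
MAX_REQUESTS = 5
WINDOW_SECONDS = 60


def sign_update(payload: bytes, key: bytes = FACTORY_KEY) -> str:
    """Compute the tag the factory attaches to an update (HMAC-SHA256 here)."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


@dataclass
class UpdateRequest:
    ts: datetime        # when the device received the request (timezone-aware)
    payload: bytes      # the update image
    signature: str      # tag supplied by the sender


class UpdateGate:
    """Decides whether a device should accept an incoming update request."""

    def __init__(self) -> None:
        self._recent: deque[float] = deque()   # epoch seconds of recent requests

    def _rate_limited(self, ts: datetime) -> bool:
        now = ts.timestamp()
        # Drop timestamps that have aged out of the sliding window.
        while self._recent and now - self._recent[0] > WINDOW_SECONDS:
            self._recent.popleft()
        self._recent.append(now)
        return len(self._recent) > MAX_REQUESTS

    def evaluate(self, req: UpdateRequest) -> tuple[bool, str]:
        # 1. Count the request before doing anything expensive, so a flood of
        #    bogus requests trips the limiter instead of burning CPU or battery.
        if self._rate_limited(req.ts):
            return False, "rate limit exceeded"
        # 2. Updates outside the scheduled window are suspicious on their face.
        if not (WINDOW_START <= req.ts.time() <= WINDOW_END):
            return False, "outside maintenance window"
        # 3. The signature, not the packet's source address, is what an attacker
        #    cannot forge; compare in constant time.
        if not hmac.compare_digest(sign_update(req.payload), req.signature):
            return False, "invalid signature"
        return True, "accepted"


def run_demo() -> list[tuple[bool, str]]:
    """Feed a constructed sequence of requests through one gate and return the verdicts."""
    gate = UpdateGate()
    base = datetime(2015, 8, 19, 3, 0, tzinfo=timezone.utc)   # inside the window
    image = b"firmware-v2.bin"                                  # constructed payload
    good = sign_update(image)
    forged = sign_update(image, b"attacker-key")                # wrong key, wrong tag
    requests = [
        UpdateRequest(base, image, good),
        UpdateRequest(base + timedelta(seconds=1), image, forged),
        UpdateRequest(base + timedelta(seconds=2), image, good),
        UpdateRequest(base + timedelta(seconds=3), image, good),
        UpdateRequest(base + timedelta(seconds=4), image, good),
        UpdateRequest(base + timedelta(seconds=5), image, good),   # 6th within 60 s
        UpdateRequest(base + timedelta(hours=11), image, good),    # 14:00, outside window
    ]
    return [gate.evaluate(r) for r in requests]


if __name__ == "__main__":
    for ok, reason in run_demo():
        print("ACCEPT" if ok else "REJECT", reason)
```

The order of the checks is deliberate: counting requests before verifying signatures means that, as the article notes, an attacker hammering the device with guesses trips the limiter rather than draining the battery on signature checks, and the seventh request shows that a well-signed update is still refused when it arrives at the wrong time of day.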

The Internet of Things also needs to learn standard computer security, which is ignored all too often throughout the computer industry. Readers with some technical programming background will enjoy exploring the risks in a new book from O’Reilly Media provocatively titled Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts.

Security is a fundamental aspect of privacy protection in a networked age. The damage that breaches cause to innocent people has been demonstrated by break-ins at organizations as diverse as Anthem, Inc., the second-largest health insurance company in the U.S. (and soon to be the largest), and the federal government’s highly sensitive Office of Personnel Management. That’s why privacy is on the schedule of O’Reilly’s upcoming Solid conference in Amsterdam.

It’s tempting to tie everything together (the machines in your home, medical devices in hospitals) but there should be limits. Usually you should keep a human in the loop. The user may be considered legally liable in any case.

Finally, be friendly to researchers! If they hack into your systems and tell you about flaws, they are protecting you.

This work is licensed under a Creative Commons Attribution 4.0 International License.
