Malicious Devices on Hostile Networks at Home

Presented at THOTCON 0xA (2019), May 4, 2019, noon (25 minutes).

5G mobile technology has begun rolling out in the US, and will soon blanket large swaths of the country and world. I anticipate that the coming generations of wireless technology will be built with the expectation of connecting to 5G networks in addition to or instead of home WiFi connections. As IoT needs relatively little data, the cost of the 5G connection can be built in to the initial purchase cost, a method that has already proved with Amazon's e-ink Kindle line. The IoT space as a whole has had a large amount of compromises due to an array of issues including a lack of initial security design, a lack of updates, and usage of default credentials. The most notable of these was the Mirai botnet that comprised approximately 600,000 devices. Adding these devices to our homes with an Internet connection out of control of the owner will be potentially catastrophic, especially with the increase in IoT in physical security such as motion detectors, door locks, and carbon monoxide detectors. In this talk, I will cover how using Zero Trust principles (as exemplified in Google's BeyondCorp) in the architecture of IoT devices will allow both IoT device designers and consumers to realize most, if not all, of the advantages that 5G will bring to IoT, while avoiding the large scale compromises we have seen with the first generations of these devices.


Presenters:

  • Eldridge Alexander
    Eldridge is currently a manager of Duo Labs, and is a security and consumer technology enthusiast, with a focus on IoT and home automation.

Similar Presentations: