From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk0-x22e.google.com (mail-qk0-x22e.google.com [IPv6:2607:f8b0:400d:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id A120D3B29E for ; Thu, 15 Feb 2018 11:03:55 -0500 (EST) Received: by mail-qk0-x22e.google.com with SMTP id f25so156584qkm.0 for ; Thu, 15 Feb 2018 08:03:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=dPn5QgCiuplGF7wa+EyjjE5pTW/p7ddKLIV9mN11CKw=; b=tZgw+AJvdUClCU/+PDdjG7w9g5ztYy3W6SndPdz/yCWXx49S7kU6NuNhgM4XoRYn5I qkq2rksVCM9/V2lcmtRxyP4w0ivG0Jm4AP7hSM1710huGXPUUp3Rrj8xPLVyKIKybR9j U8XZVLtZjkiT3R31MzRh8tCtV0xWrFSZ0TjuchDTQuBCsXstKherupvBsCYDkG8Fi51S AmuUmcon28jKZzrHBaoIQHTcz46ISBqfIDQMKT7FjHz2Tz+vnVwcxzPZ0BuQOZ/NIwYK CjrHRYIaiZI8Cjz6DmeQxmcqF3gznI27CSHrbNT1oz31opmzTH0MceL1IlbwJxvHLzlM hwqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=dPn5QgCiuplGF7wa+EyjjE5pTW/p7ddKLIV9mN11CKw=; b=sY4Fjm5w4CR3xAJdOWmdLga7jYe43ZPQ9gyAIcfy3vbSc1Z32Ahoe6JtO307wjYJA/ OaKja2KkrawK7d8yYOB6KECo+PGm66LZdw5tVW9UuDP2a39fGPQYX8VdlUeWtKOYvGVO VxOABxNVZ/a1MEFwENpNQ11m5c5G8w5eQcAE6VZz1s6CMy369uzeELt6gUgeTH1/XcvJ orUGcbKIkI0r/QlbK/uzvfCfcvhsX/aaOdOTlHb67yG/BqIwOGa1NsNk4mB0nN42bIvx oq31vTflsKbzmqZFaQuVNw/I5sQsQb+gR4e0UnXmoP/NTLvMZeotyPvdAeGr3uL/tzgF fV1w== X-Gm-Message-State: APf1xPA25oUIpsPyl4VA0NcqOxf+y53fF1R0HcmZsVU6xW9WjYf82wSE SO+8a4XyhIBmhvJAk4CcjdhjxzE9/DrpfqaOOgk= X-Google-Smtp-Source: AH8x224u22iphAoe/Yzbz/VW1qjJ3lWvnoPcoQC45Xg2Z6B8HbTLxGAVBu/68GlTIBSv06XAgGB0lXgsXGQ/WKGNads= X-Received: by 10.55.8.145 with SMTP id 139mr4856322qki.83.1518710635030; Thu, 15 Feb 2018 08:03:55 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.147.47 with HTTP; Thu, 15 Feb 2018 08:03:53 -0800 (PST) In-Reply-To: <16135.1518709300@turing-police.cc.vt.edu> References: <1518702402.737522502@mobile.rackspace.com> <87fu628imm.fsf@toke.dk> <16135.1518709300@turing-police.cc.vt.edu> From: Aaron Wood Date: Thu, 15 Feb 2018 08:03:53 -0800 Message-ID: To: Valdis Kletnieks Cc: =?UTF-8?B?VG9rZSBIw7hpbGFuZC1Kw7hyZ2Vuc2Vu?= , Jonathan Morton , cerowrt-devel Content-Type: multipart/alternative; boundary="001a114d7776eaf3430565425f2b" Subject: Re: [Cerowrt-devel] anyone fiddlng with these? X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Feb 2018 16:03:55 -0000 --001a114d7776eaf3430565425f2b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable "securely sending messages to the web" -> "Sending telemetry data to my cloud-based data processing pipeline". Both MQTT (over TLS) and HTTPS are both used heavily for sending data upstream. Some companies in this space are thinking about security, others... less so. In general, the cloud providers for MQTT (Google Cloud IoT Core, AWS Cloud IoT, etc) are taking it very seriously. The device platform suppliers are starting to come around to the notion that having private keys in the hardware is a ReallyGoodThing(tm). Companies like Maxim are making hardware keys for making it easier to build devices that can do stronger authentication to the cloud systems that they talk to: http://www.microchip.com/design-centers/security-ics/cryptoauthentication/c= loud-authentication/google-iot-core-atecc608a My own view, having been around industrial automation, building controls, and interactive home security for >20 years is that the residential market is a small slice of IoT. Industrial and commercial uses are much, much larger (and have a longer history, it just hasn't been called IoT). (off soapbox) On Thu, Feb 15, 2018 at 7:41 AM, wrote: > On Thu, 15 Feb 2018 14:52:49 +0100, Toke H=C3=B8iland-J=C3=B8rgensen said= : > > > How else would you make sure your toothbrush phoned home to the > > mothership? > > > > https://gizmodo.com/the-house-that-spied-on-me-1822429852 > > Unless the mothership is the RPi3 sitting under my TV, I probably don't > *want* it phoning home. > > And yes, I'm willing to pay extra for a toothbrush or light bulb or Roomb= a > that > can't be monetized because it only talks to a mothership that I control. > > > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel > > --001a114d7776eaf3430565425f2b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
"secur= ely sending messages to the web" -> "Sending telemetry data to= my cloud-based data processing pipeline". =C2=A0

Both MQTT (over TLS) and HTTPS are both used heav= ily for sending data upstream. =C2=A0Some companies in this space are thinking about security, o= thers... less so. =C2=A0

In general, the cloud providers for MQTT (Google Cloud IoT Core, AW= S Cloud IoT, etc) are taking it very seriously.=C2=A0 The device platform s= uppliers are starting to come around to the notion that having private keys= in the hardware is a ReallyGoodThing(tm).=C2=A0 Companies like Maxim are m= aking hardware keys for making it easier to build devices that can do stron= ger authentication to the cloud systems that they talk to: =C2=A0http://www.microchip= .com/design-centers/security-ics/cryptoauthentication/cloud-authentication/= google-iot-core-atecc608a

My own view, having = been around industrial automation, building controls, and interactive home = security for >20 years is that the residential market is a small slice o= f IoT.=C2=A0 Industrial and commercial uses are much, much larger (and have= a longer history, it just hasn't been called IoT).

(off soapbox)



On Thu, Feb 15, 2018 at 7= :41 AM, <valdis.kletnieks@vt.edu> wrote:
On Thu, 15 Feb 2018 14:52:49 +0100, = Toke H=C3=B8iland-J=C3=B8rgensen said:

> How else would you make sure your toothbrush phoned home to the
> mothership?
>
> https://gizmodo.com/the-house-tha= t-spied-on-me-1822429852

Unless the mothership is the RPi3 sitting under my TV, I probably do= n't *want* it phoning home.

And yes, I'm willing to pay extra for a toothbrush or light bulb or Roo= mba that
can't be monetized because it only talks to a mothership that I control= .


_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.= bufferbloat.net
https://lists.bufferbloat.net/listinfo/cero= wrt-devel


--001a114d7776eaf3430565425f2b--