<div dir="ltr">"<span style="font-size:12.800000190734863px">securely sending messages to the web" -> "Sending telemetry data to my cloud-based data processing pipeline". </span><div><span style="font-size:12.800000190734863px"><br></span><div><span style="font-size:12.800000190734863px">Both MQTT (over TLS) and HTTPS are both used heavily for sending data upstream. </span><span style="font-size:12.800000190734863px">Some companies in this space are thinking about security, others... less so. </span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px">In general, the cloud providers for MQTT (Google Cloud IoT Core, AWS Cloud IoT, etc) are taking it very seriously. The device platform suppliers are starting to come around to the notion that having private keys in the hardware is a ReallyGoodThing(tm). Companies like Maxim are making hardware keys for making it easier to build devices that can do stronger authentication to the cloud systems that they talk to: </span><a href="http://www.microchip.com/design-centers/security-ics/cryptoauthentication/cloud-authentication/google-iot-core-atecc608a">http://www.microchip.com/design-centers/security-ics/cryptoauthentication/cloud-authentication/google-iot-core-atecc608a</a></div><div><br></div><div>My own view, having been around industrial automation, building controls, and interactive home security for >20 years is that the residential market is a small slice of IoT. Industrial and commercial uses are much, much larger (and have a longer history, it just hasn't been called IoT).</div><div><br></div><div>(off soapbox)</div><div><br></div><div><br></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Feb 15, 2018 at 7:41 AM, <span dir="ltr"><<a href="mailto:valdis.kletnieks@vt.edu" target="_blank">valdis.kletnieks@vt.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Thu, 15 Feb 2018 14:52:49 +0100, Toke Høiland-Jørgensen said:<br>
<br>
> How else would you make sure your toothbrush phoned home to the<br>
> mothership?<br>
><br>
> <a href="https://gizmodo.com/the-house-that-spied-on-me-1822429852" rel="noreferrer" target="_blank">https://gizmodo.com/the-house-<wbr>that-spied-on-me-1822429852</a><br>
<br>
</span>Unless the mothership is the RPi3 sitting under my TV, I probably don't *want* it phoning home.<br>
<br>
And yes, I'm willing to pay extra for a toothbrush or light bulb or Roomba that<br>
can't be monetized because it only talks to a mothership that I control.<br>
<br>
<br>______________________________<wbr>_________________<br>
Cerowrt-devel mailing list<br>
<a href="mailto:Cerowrt-devel@lists.bufferbloat.net">Cerowrt-devel@lists.<wbr>bufferbloat.net</a><br>
<a href="https://lists.bufferbloat.net/listinfo/cerowrt-devel" rel="noreferrer" target="_blank">https://lists.bufferbloat.net/<wbr>listinfo/cerowrt-devel</a><br>
<br></blockquote></div><br></div>