https://crazypigeon.net/tags/iot/ Recent content in Iot on Flying Upside Down Hugo en Tue, 19 Sep 2017 04:23:46 +0000 https://crazypigeon.net/2017/09/19/antipatterns-in-iot-security/ Tue, 19 Sep 2017 04:23:46 +0000 https://crazypigeonblog.wordpress.com/?p=24 <p>Lots of interesting talk about the fundamentals of a secure system and it&rsquo;s applications to computers.</p> <p>Quote I liked (empahasis mine):</p> <blockquote> <p>The most basic security antipattern is to &ldquo;do nothing&rdquo;. That means accepting any and all risk, though. Another is to &ldquo;do it yourself&rdquo;; that leads to thinking the system is secure because of custom elements, such as non-peer-reviewed cryptography algorithms or implementations and security through obscurity. &ldquo;Hand-rolled&rdquo; security systems have not fared well over the years—developers have learned that implementing stream ciphers, for example, should not be tackled in-house. But there is still a fair amount of security by obscurity, such as &ldquo;super unguessable URLs&rdquo;. <strong>If a product becomes successful, which is what you want, the unguessable will become all-too-guessable.</strong></p>