| Walt Mankowski via plug on 28 Nov 2020 19:21:50 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] IoT Unravelled: parts 1 to 5 |
On Sat, Nov 28, 2020 at 05:26:13PM -0500, Rich Freeman via plug wrote: > On Sat, Nov 28, 2020 at 3:45 PM Chad Waters via plug > <plug@lists.phillylinux.org> wrote: > > > > Related: This bill recently passed the house and senate and is awaiting a presidential signature. Compells NIST to formulate security standards for IoT devices. > > > > https://www.govtrack.us/congress/bills/116/hr1668 > > > > Didn't read the gory details, but how likely do you think that NIST > comes up with standards like this: > > * Encouraging open-source > * Mandatory security updates for 10 years > * Safeguards to only allow user-authorized firmware changes > > vs: > > * Can only run vendor-signed firmware > * Remote access by NSA in case they need to rapidly deploy a security hotfix > * Blocks access to hacking tools like ssh, linux, etc. > > I'd love to see security for IoT stuff, but it just seems like this is > the sort of thing the government often gets wrong. Who knows in this case, but NIST has a pretty good track record in standards development in general. I just spent a few minutes poking around on their website to see what this was all about. If anyone is interested in the gory details, they've got a video and lots of info on cybersecurity and IoT at https://www.nist.gov/video/what-internet-things-iot-and-how-can-we-secure-it And remember, the great thing about standards is that there are so many of them! Walt
Attachment:
signature.asc
Description: PGP signature
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug