, 11 tweets, 2 min read Read on Twitter
Among the many reasons IoT security isn't important is because your threat model is messed up. You are thinking in terms of Mirai-style worms, but that's because you haven't paid attention to the technical details.
"But Rob, 10 billion new IoT devices will be attached to the Internet in the next couple years, the Mirai-type threat is real!!"

Um, IPv4 has only 4-billion possible addresses.
IoT devices are overwhelmingly being put behind NATs or random IPv6 addresses, which means a Mirai-style worm can't infected them.
Mirai infected Telnet services, exposed port tcp/23. The number of exposed tcp/23 on the Internet is trending downwards, not upwards, as billions of IoT devices are attached to the Internet.
This is generally the case for all ports: those that are trending upward are associated with Internet services, not IoT devices. Billions of IoT devices have been added to the Internet since Mirai AND I CAN'T SEE THEM WITH MASSCAN.
In government policy circles, "DDoS" has been synonymous with "IoT" since Mirai. Fun fact: we've had many worse DDoS attacks since Mirai's, and none of them were based on IoT.
In government policy circles, "Botnet" has been synonymous with "IoT" since Mirai. Fun fact: infected Windows machines comprising botnets are orders of magnitude larger than infected IoT. "Botnets" are still a Windows problem, not IoT.
Yes, it's true that in the IoT product space there's batshit crazy insecurity going on.
Yes, it's true billions of these things are being added to the Internet.
But the conclusion isn't there's some massive looming security problem.
The solution policy makers most want is "auto-update" on IoT devices, so vulns can be patched quickly. This is because policy makers don't pay attention. It means a hacker can compromise a vendor and push out a botnet autoupdate.
The most costly hacker attack ever is the NotPetya worm. It was launched as an autoupdate from a compromised vendor. Mirai was around 200,000 infected machines. Even a small vendor can have millions of customers.
So what you are doing is trying to solve lots of low-grade problems with a smaller number of really huge problems. Low grade Mirai-style infects are much preferable to one big NotPetya infection.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Robᵇᵉᵗᵒ Graham
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!