Iot

Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul’s Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul’s show concerning reference code for the popular ESP32 microcontroller. Episode Links Paul Eclypsium Below the surface podcast RVAsec This episode is also available as a podcast, search for “Open Source Security” on your favorite podcast player. ...

Josh and Kurt talk about a Home Depot plan to put DRM on power tools. Anyone can add a computer to anything for a few dollars now. How secure is any of this. What does it mean when the things we buy start to acquire DRM? There are a lot of new questions we don’t have any real answers for. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_284_What_happens_when_we_DRM_power_tools.mp3 Show Notes Home Depot power tools Ray Ozzie’s IoT board First-sale doctrine

Josh and Kurt talk about the safety and liability of new devices. What happens when your doorbell can burn down your house? What if it’s your fault the doorbell burned down your house? There isn’t really any prior art for where our devices are taking us, who knows what the future will look like. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_225_Who_is_responsible_if_IoT_burns_down_your_house.mp3 Show Notes Ring Doorbell recall Ring incorrect screw diagram Punctured battery Episode 145 – What do security and fire have in common? Phillips vs Robertson screws wendy knox everette Wendy’s presentation on legal liability Tim Burners-Lee privacy company

Josh and Kurt talk about Network Time Security (NTS) how it works and what it means for the world (probably not very much). We also talk about Singapore’s Cybersecurity Labelling Scheme (CLS). It probably won’t do a lot in the short term, but we hope it’s a beacon of hope for the future. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_220_Securing_network_time_and_IoT.mp3 Show Notes Network Time Security NTP and the University of Wisconsin Cybersecurity Labelling Scheme (CLS)