Comments
Majority of Consumers Believe IoT Needs Security Built In
Newest First  |  Oldest First  |  Threaded View
rwsmarine
50%
50%
rwsmarine,
User Rank: Apprentice
8/15/2017 | 3:23:54 PM
nomenclature
wht couldn't the nomenclature of the device be its temp password?  As soon as it comes online or booted the first time a mandatory password change is required.  Quick easy not great but at least its something.  Every device has a sn# to it and their all different
mikeroch
50%
50%
mikeroch,
User Rank: Apprentice
7/27/2017 | 11:40:39 AM
Re: Consumer vs manufacturers 192.168.1.1?
Absolutely agree with Dr. T, the responsibility should majorly be upon the manufacturer, it's simple, I buy some product of some brand, I trust them but due to their mistake I suffer the loss. So, even, knowing that it was good company, they failed to stand on it as they did wrong with the product. So, the 56% should be on the manufacturer side. So, IoT should be much cared by the manufacturer.
Nry2137
100%
0%
Nry2137,
User Rank: Apprentice
7/26/2017 | 12:29:05 PM
Re: Consumer vs manufacturer?
I believe the responsibility resides with both parties. However, in order to understand the responsibilities involved with security, I also believe that both parties, users specifically, need to be educated on their expected responsibilities. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
7/26/2017 | 10:40:54 AM
Consumer vs manufacturer?
 

"Overall, however, 56% believe it is the responsibility of both the consumer and manufacturer."

I think it should be manufacturer responsibility to secure the device, most customers would not even know how to use the device forget about the security.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
7/26/2017 | 10:38:42 AM
IoT Security
If the device is doing more than one thing and connected to other devices security should be mandatory. If not and simply ringing the door bell and not connected to other things, why go so much trouble and make it expenses, basic security should be ok.


White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Major International Airport System Access Sold for $10 on Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  7/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-3090
PUBLISHED: 2018-07-18
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compr...
CVE-2018-3091
PUBLISHED: 2018-07-18
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compr...
CVE-2018-3092
PUBLISHED: 2018-07-18
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In T...
CVE-2018-3093
PUBLISHED: 2018-07-18
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In T...
CVE-2018-3094
PUBLISHED: 2018-07-18
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In T...