Two stories this week illustrate the security risks of having a connected lifestyle. Forbes magazine tells in separate pieces how modern car systems can be overriden and how smarthomes can be hacked.
Smarthome system security is a particular interest of mine, for a while I was involved in a home automation business but I found the industry’s cavalier attitude towards keeping clients’ systems secure was unacceptable.
The real concern with all of these stories is how designers and suppliers aren’t taking security seriously. In trading customer safety for convenience, they create serious safety risks for those using these system. It’s as if nothing has been learned from the Stuxnet worm.
A decade ago, a joke went around about what if General Motors made cars like Microsoft designed Windows. Like all good stories, it had a lot of truth to it. Basically, the software industry doesn’t do security particularly well; there are developers and vendors who treat security as a basic foundation for their work, but they are the exception rather than the rule.
That may well be a generational thing as today’s young developers and future managers are more aware of the risks of substandard security in the age of the internet.
Rather than seeing security as something that is bolted on to a product when problems arise, this generation of coders are having to treat security as one of the fundamental foundations of a new system.
What is clear though is that the builders of critical systems are going to have take security far more seriously as embedded computers connected to the internet of machines become commonplace in our lives.
IT security is the integral part of one’s life. Everything we do or use has a track online and we ourselves save everything online. Our personal ID’s an everything are stored online and we must try keep it safe.