By Alan Grau
The annual Consumer Electronics Show in Las Vegas has just wrapped up. With 160,000 attendees, 3,800 exhibitors and almost 2.5 million square feet of exhibit space, this is the largest electronics show in the world. The array of new products and technologies has been featured on virtually every media outlet from Good Morning America to Conan.
There is something for every interest on display, from self-driving cars and drones, to video games, virtual reality, and smart appliances. I saw products for exercise, infant care, elder care, food preparation and smart trash cans and toilets. It is really exciting to see the extremes of modern day technology.
However, two important themes caught my attention.
First, everything is being connected. And by everything I really mean everything, whether it really needs it or not. Each of the products I mentioned provides connectivity, most of them using some type of wireless interface.
Second, everything is insecure. In this case, when I say everything, I again mean everything. It is a hacker’s delight.
Some companies have started to build security into their products, and in the more security and safety critical areas, progress is being made. Despite this, very few vendors have made security a priority. What I find truly worrisome is that the majority of the new products have not adequately addressed even the most basic security requirements. From drones to vehicles to smart home appliances, very few products have implemented strong security. Many of these developers are in such a rush to get their products to market – and to connect them to the cloud or smartphones – that they simply ignore the need for security.
As a techie I enjoy CES. It’s fun for me to check out all the new gadgets and devices. I get excited about self-driving cars and intelligent baby monitors that can reduce the number of deaths due to Sudden Infant Death Syndrome (SIDS).
But as a security professional, I have very mixed feelings. Many of the silicon vendors have begun to recognize this challenge and are now starting to add hardware security modules to their platforms. These are the security building blocks that can be used to create new devices with much higher layers of security. But the overwhelming number of devices that have not yet adopted these solutions is, well, the reason I consider CES to be the largest collection of insecure devices in the world.
Alan Grau is the President and cofounder of Icon Labs, which provides security software for IoT and embedded devices of security solutions for embedded devices. You can find more blogs at articles at www.iconlabs.com.
For video coverage of CES 2016, go to Design World’s CES videos.
