Episode 271: Surveillance scares and a nutrition label for IoT security

This week’s show kicks off with a discussion of what’s happening in the U.S. with protests, police brutality, and the role connected tech can play in smart cities, including the role image recognition can and does play. We then tackle the IoT news starting with Nest’s addition of Google’s advanced protection program and a GPS tracker that seems like a good buy. Then we discuss funding for a smart oven, a pool sensor, another HomeKit enabled security camera, a subscription service for monitoring the health of your HVAC system, cheap sensors, and a new doorbell from Wyze. We then move onto Amazon killing the Echo Look camera and its new intercom feature before breaking out the deep science for windows that can adjust to different light levels automatically. In our IoT Podcast Hotline segment, we answer a question about using a connected sprinkler to ward off animals.

The nutrition-style label that helps users figure out how secure a connected device is.

This week’s guest is Lorrie Cranor, director of the CyLab Security and Privacy Institute at Carnegie Mellon University, who is on the show discussing the newly created nutrition-style label researchers created for IoT devices. Researchers tried to convey about 47 relevant pieces of information that relate to a device’s security and privacy qualifications and crammed as many as they could onto an easy-to-read-label that’s designed to fit on a product’s packaging. The label doesn’t convey all 47 elements, but it does capture several key pieces of information about how long a device will get security updates, the types of sensors it has, and how the company treats its data. Other elements are relegated to a deeper privacy fact sheet that a consumer can access via a web site or QR code. Cranor explains the label, the methodology, and asks for help turning the research into something useful for the industry at large. Let’s make it happen.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest:  Lorrie Cranor, director of the CyLab Security and Privacy Institute at Carnegie Mellon University
Sponsors: Calix and Edge Impulse

  • We need to talk about how to enforce laws when IoT can see everything
  • This is a really nice GPS tracker for the masses
  • $10 Zigbee sensors? Yes, please!
  • What should a security label measure?
  • How can we get this label on our devices?