The Bluetooth vulnerability was announced with the discovery of BIAS (Bluetooth Impersonation AttackS). The vulnerability allows an attacker to impersonate a previously paired device to authenticate and connect to another device. Users are advised to check for and apply patches.
Microsoft’s annual Build developers’ conference, held virtually this year due to the COVID-19 pandemic, saw a number of announcements, including changes intended to make it easy to connect Azure IoT Edge and Azure Sphere devices to IoT Central.
Dubbed ‘Ripple 20’, the affected code is sold by a company called Treck and was identified in devices from HP and Intel to Rockwell Automation, Caterpillar and Schneider Electric. The bugs will require patching, which can be difficult for end users to do on some IoT devices.
The recently unsealed indictment of coder Kenneth Currin Schuchman, 22, revealed just how easy it is to compromise many IoT devices. The Satori botnet enslaved more than 800,000 devices, including home routers, security cameras and webcams – and affected ISPs, online gaming platforms and web hosting companies.
The recent ‘IoT Commercialization & Business Model Adoption 2020’ report offers insight into what it takes to successfully develop and market smart and IoT devices. Survey respondents said 52 per cent of IoT business models can be classified as “diversifications” – or new products sold to new decision makers – while 11 per cent are “market penetration” products in which an existing product, with modifications, is sold to the same decision makers as before.
Researchers from Stern School of Business found that IoT sensors can help monitor things like the quality of goods and handling and storage conditions, minimising the potential for disputes.
The People’s Republic of China launched the satellites in May, with a plan for up to 80 low-Earth-orbit satellites to provide coverage for IoT services in areas lacking cellular wireless coverage. The China Aerospace Science and Industry Corporation announced the satellites completed phase-one testing in June.
Security researcher Scott Helme warns this could happen in the near future as root certificates begin to expire. “We’re coming to a point in time now where there are lots of CA Root Certificates expiring in the next few years simply because it’s been 20+ years since the encrypted web really started up and that’s the lifetime of a Root CA certificate,” Helme says. “This will catch some organisations off guard in a big way.”
In an article in its IEEE Spectrum magazine, the Institute of Electrical and Electronics Engineers says: “As we add connected devices to homes, offices and public places, technologists need to think about consent.” The article adds that “consent can build trust in a connected product or automated system”.
IoT SiteWise is intended to help users more efficiently gather and use data collected from IoT devices in their facilities. Amazon says SiteWise helps customers collect data from the plant floor, structure and label the data, and generate real-time metrics.
Follow us on Twitter – @ColContent