Last week’s poll: connectivity and security

Do the advantages of connectivity in devices for home and industry outweigh the potential risks of hacking?

Last week we asked Engineer readers if they believe that connected devices – whether they’re “Internet of Things” in the domestic setting, or industry 4.0 in manufacturing – represent an advantage or an unacceptable risk.

Of the 340 responses, 61 per cent took the view that connected devices are unsafe, and 14 per cent thought otherwise, believing connected devices to be safe.

A further eight per cent of respondents were split equally between the options of connected devices being safe in the home but not in industry, and connected devices being safe in industry but not the home. The remaining 17 per cent couldn’t find a fit and chose the ‘none of the above option’.

In the debate that followed, Sandy said that each domestic application should be considered with regard for the need, adding: “No-one ‘needs’ a connected fridge or even central heating controlled from a phone. Just set the timers or switch it on when you get in…Also no-one ‘needs’ a SMART meter, particularly when it’s tied to a supplier.”

Moving into the industrial sphere, Andy Duffell wrote in to say: “There’s no technical reason devices can’t be made safely, but attitudes and practices in the industry mean that safety is generally poor. For example, one of the reasons Stuxnet was able to infect the target system was because Siemens advised their customers to not change the default password, which was hard-coded and documented. What is the point of even having a password in that case? It’s security theater. Attitudes need to improve.”

Andy’s view was endorsed by Another Steve, who said: “‘Most’ security hacks are down to users sloppy practices, unfortunately I don’t see that changing unless there is some sort of financial penalties applied.”

Nick Cole opined that any connection is inherently unsafe and that all software has flaws.

“The cost of trying to stay ahead of the game can be immense,” said Nick. “The risk needs to be evaluated in comparison with the benefits and potential costs. As with any software driven system one major risk is the likelihood of having that system out of commission and the potential mitigation measures in such a scenario.”

Discussion is still welcome on this matter, but draw commenters’ attention to our guidelines and remind readers that all comments will be moderated and may be edited if necessary.

More on these important security issues can be found in The Engineer’s May 2018 cover feature:

Safer connections: reducing the security risks of the internet of things