Friday, August 10, 2018

IoT and traffic analysis

People always seem to forget about traffic analysis, and yet traffic analysis was a big deal in monitoring encrypted traffic even back during WWII.

https://www.theregister.co.uk/2018/08/10/internet_of_things_encryption_snooping/

Some countermeasures are very easy. For example, a device could be programmed to exchange a fixed amount of data on a predefined schedule. It can the batch whatever it cares about into those communications, and use random filler for the leftover space. Easy, yet seldom done...

No comments:

Post a Comment

Automating the detection and patching of vulnerabilities

Nice. https://spectrum.ieee.org/computing/software/mayhem-the-machine-that-finds-software-vulnerabilities-then-patches-them