June 14, 2025 at 7:34 PM • Max Knyazev is typing… • Telegram mirror

You know, IoT devices used to be something of a curiosity. Like, you have a kettle with Wi-Fi? What the hell, are you a spy? And now it's the other way around. If you don't have a single smart device, people look at you like you're a hermit. Cameras, light bulbs, thermostats, sockets - all of this has long been connected to the Internet and regularly sends data somewhere.
😳
But the more such devices appear, the more vulnerabilities we actually get (and the number of jokes about the “S” in IoT, which stands for security, is growing exponentially). And this is where the concept I want to talk about today comes into play - Security by Design.
😎
This is not just a bunch of fancy words, but an approach in which security is built into the device at the design stage rather than bolted on later, when everything is already working (and leaking half of the data). Developers who follow this principle think about security right away: how authentication will work, what data is needed, where to apply encryption, how to limit access based on the principle of least privilege. And all this happens not after the release, but BEFORE it.
😏
Why is this important? Because in the IoT world the “as long as it works” philosophy still reigns. Hence the default logins like admin/admin, the devices that have not been updated since 2018, and the “smart” kettles whose BLE command you can intercept to start brewing tea at your neighbor's through the wall.
🧠
The good news is that manufacturers are emerging that make security the default. They have encryption, secure APIs, and on the whole everything is done more competently and to a higher standard. Some even undergo voluntary certifications like Mozilla's Trustable Technology Mark or AT&T and Ericsson's program, which evaluates everything from transparency and stability to actual data protection measures.
😅
What should the user do? First of all, don’t chase the cheapest “smart” light bulb, set complex passwords, turn off unnecessary Internet access and keep up with updates. Yes, it sounds corny. But believe me, the user has the opportunity to make life difficult for the attacker. Or at least not make his job easier where the manufacturer did not take proper care.
😉
IoT is cool. It's convenient. It's even beautiful sometimes. But if we don’t want our smart home to turn into something alien, we should think about security a little in advance. And not when someone suddenly starts waving at you through the camera in the kitchen.
💀
#internet_things
#information_security