Some thoughts on IoT (HKNOG, 2017-07-03)


Some thoughts on IoT

Geoff Huston

Chief Scientist, APNIC

Technology

Does technology change society, or do we develop and adopt technology to address society’s changes?

When Meng Tian invented the camel hair paintbrush in 250 BCE he did not invent calligraphy. He responded to a need in ancient Chinese society for more and higher quality written documents that could be produced faster.

“The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it...”

- Mark Weiser, 1991

Technology

So how should we look at the Internet of Things?

Is this merely a temporary consumer fad, destined to be replaced by the next cool technology item?

Or is this an instance of a profound technology change that answers a basic need in our society, one that will bed down to be a part of our everyday life for many years to come?

To try and answer this, let’s put this question into the broader context of the evolution of the computer and communications enterprise.

The Computing Evolutionary Path

Computers were esoteric high frontier research projects

1946 – Eniac – a numeric calculator

Then they became a “must have” business tool

1964 – IBM 360 – commercial computing

Extravagant statements of techno power

1976 – CRAY-1 – “super” computing

But there was also the hobbyist market

1976 – Apple-1 – “personal” computing

Consumer computers as a statement of design style

1984 – Mac

From Style to Mass Marketed Luxury Item

2007 – Apple’s iPhone

With desktop devices the Internet of computers was a dedicated activity:

• dedicated chair
• lighting
• wired bandwidth
• large view screens
• privacy
• dedicated worktop
• reliable power

The Internet is now anywhere and everywhere

It’s trivial, commonplace and blends into all our activities:

• radio connectivity
• battery power
• hand sized
• thumb operated

Maybe it’s about the demise of the “traditional” computer

As dedicated “things” are replacing it

Connecting “things” to the Internet is nothing new

Simon Hackett’s Internet Remote Radio of 1990

John Romkey’s Internet Toaster – Let them eat Toast!

This new IoT is just the old IoT

The use of microprocessors to undertake simple tasks is about as old as the Intel 4004 and the Zilog Z80 processor chips.

This new IoT is just the old IoT (with new lipstick!)

And we are already living in a processing-dense world:

• A modern car has around 150–200 microprocessor-controlled systems, from the windscreen wipers, to the entry system, to engine control and all things in between
• Many/most consumer appliances have all turned to microprocessor control
• Industrial processes, logistics and inventory control, environmental monitoring all use various forms of embedded processing

So why is IoT a hot topic today?

The Hype

• Gartner Predictions
• CES shows
• Home Apps
• Car Apps

IoT is…?

• It is a generic term that encompasses a huge variety of applications that have little in common other than a propensity to operate in an unmanaged environment
• It’s hard to talk about the IoT in anything other than highly generic terms

Why now?

• Low power, high capability silicon now dominates chip fabrication plants
• Saturation of the smart device market
• Full stream silicon production volumes require some form of consumption model
• Radio Technology: RFID, Bluetooth, WiFi, LTE
• Improvements in AD convertors are providing range and bandwidth to radio systems
• Protocol development provides “seamless” connectivity
• i.e. Passports and Clothing Tags, Apple earbuds, Home controllers and similar
• Actors seeking new markets
• 5G for SIMs and wide area mobility
• Smartphone platform providers seeking to enter the car, home and work environments
• Industrial and process automation seeking to expand market reach

Why now?

• Because we have saturated our traditional markets for technology and the production capacity is being redirected to new opportunities
• PC sales volumes plummeting
• Smartphone sales are now peaking
• The computer technology industry is seeking to use its existing capability to provide new product to high volume markets
• Which means looking at low unit margin, very high volume opportunities by adding “smart” network-centric interfaces and controllers to existing devices and functions

The opportunities

• “smart” lighting - e.g. Philips
• “smart” home appliances and networks - e.g. Miele
• “smart” power management
• “smart” labels for retail
• “smart” traffic control
• “smart” image analysis
• “smart” video surveillance
• Almost anything else that uses the word “smart”

The Variety of Life

It’s a set of discrete applications that have highly divergent requirements:

• Radius of connectivity varies from mm to kilometers
• Bandwidth varies from bits to gigabits per second
• Data volumes vary from bytes to petabytes
• Connectivity models may be push or pull
• Connectivity may be ad-hoc relays to dedicated wired
• Transactions may be unicast, multicast or anycast in nature
• Applications include sensing and reporting, command and control, adaptation and interfacing

There is little that these environments have in common, except maybe a common underlying gene pool!

The IoT Gene Pool

Unix
• It’s small, it’s ubiquitous, it’s well understood, it’s cheap, it’s open source without onerous IPR constraints, it has a massive set of application libraries
• Customised microkernels are risky, expensive and rarely necessary

IP
• It’s small, it’s ubiquitous, it scales, it’s well understood, it’s cheap, it’s open source without onerous IPR constraints, and everyone speaks it!
• But which IP?

IPv4 and IoT

• The “conservative” option for IP in this environment
• Ubiquitous support across the entire deployed Internet
• Well understood protocol behaviour
• Widely available APIs

Of course it should also be useful to factor in NATs in IPv4:

• Push model where the “thing” pushes data to a rendezvous point rather than a constantly pollable model of “pull” access
• “pull” and “feeder” models work behind NATs using relays and/or ALGs to split the primary feed from the propagation of the data

IPv6 and IoT

• It’s the “killer app” for IPv6
• But the numbers suggest otherwise:
• 7B connected “devices” on today’s IPv4 Internet, plus a further 7B conventional PC and smart devices
• 2.8B announced IPv4 addresses
• 1.3B “used” IPv4 addresses
• We can probably push this model harder!

“Thing” Behaviour

Pull:
• Device is always connected and interrogated by external agents
• A model of polling or feed subscription where the device maintains information that can be polled by an external agent
• This requires a public IP address + Port
• It also requires a highly robust core implementation that is resistant to attack
• It also requires some considerable thought on the authorization model
• Device is configured to authorize users and/or
• Device uses a third party auth server
• Commonly seen in webcams and other continuous monitoring applications (though it’s not necessarily required)

Pull vs Push

Push:
• Intermittently connected and interrogated via external agents
• Device pushes data to some data collection agent
• Limited connection requirement
• This behaviour is NAT “friendly” as the device is the client and the collection point is the server
• External access via the data collection agent, not the device
• Does not require dedicated addressing outside of the local context
• This limited access model facilitates defensive measures, including encrypted communications to the device’s agents and preventing all third party connections
• And such devices probably should be behind a NAT in any case! (e.g. cameras)
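To make the pull/push distinction above concrete, here is an added example (not from the presentation) of a toy stateful NAT. Only outbound flows create translation state, so a device that pushes readings to its collection agent is reachable by that agent alone, while a device that must be polled needs a static port forward that is reachable by anyone on the Internet. All addresses, the device, the collector and the third-party endpoint are constructed sample values.

```python
"""Added example: a minimal port-restricted NAT used to compare the
"push" and "pull" device behaviours. Addresses and endpoints are
constructed; nothing here talks to a real network."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)


@dataclass(frozen=True)
class Packet:
    src: Endpoint
    dst: Endpoint
    payload: str


@dataclass
class StatefulNat:
    """Outbound packets create state; inbound packets are delivered only
    as replies from the same remote endpoint, or via a static forward."""
    public_ip: str
    next_port: int = 40000
    outbound: Dict[Endpoint, int] = field(default_factory=dict)          # inside src -> public port
    inbound: Dict[int, Tuple[Endpoint, Endpoint]] = field(default_factory=dict)  # public port -> (inside, remote)
    static_forwards: Dict[int, Endpoint] = field(default_factory=dict)   # public port -> inside
    dropped: int = 0

    def add_port_forward(self, public_port: int, inside: Endpoint) -> None:
        """What the pull model needs: a fixed public port that always
        reaches the device, regardless of prior traffic."""
        self.static_forwards[public_port] = inside

    def egress(self, pkt: Packet) -> Packet:
        """Inside -> outside: allocate (or reuse) a public port and record
        which remote endpoint is allowed to answer on it."""
        port = self.outbound.get(pkt.src)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.outbound[pkt.src] = port
        self.inbound[port] = (pkt.src, pkt.dst)
        return Packet((self.public_ip, port), pkt.dst, pkt.payload)

    def ingress(self, pkt: Packet) -> Optional[Packet]:
        """Outside -> inside: deliver a reply to an existing flow from the
        same remote, or a packet to a static forward; drop everything else."""
        port = pkt.dst[1]
        state = self.inbound.get(port)
        if state is not None and state[1] == pkt.src:
            return Packet(pkt.src, state[0], pkt.payload)
        if port in self.static_forwards:
            return Packet(pkt.src, self.static_forwards[port], pkt.payload)
        self.dropped += 1
        return None


DEVICE: Endpoint = ("192.168.1.50", 5000)     # constructed sensor/camera
COLLECTOR: Endpoint = ("203.0.113.10", 443)   # constructed collection agent
STRANGER: Endpoint = ("198.51.100.7", 31337)  # constructed unrelated third party


def push_model() -> dict:
    """Device pushes a reading to the collector; afterwards an unrelated
    host tries to reach the device through the same public port."""
    nat = StatefulNat(public_ip="192.0.2.1")
    out = nat.egress(Packet(DEVICE, COLLECTOR, "reading=21.5C"))
    reply = nat.ingress(Packet(COLLECTOR, out.src, "ack"))
    probe = nat.ingress(Packet(STRANGER, out.src, "GET /"))
    return {"collector_reply_delivered": reply is not None,
            "stranger_reached_device": probe is not None,
            "dropped": nat.dropped}


def pull_model() -> dict:
    """Operator port-forwards so an external agent can poll the device.
    The forward is reachable by the agent and by everyone else alike."""
    nat = StatefulNat(public_ip="192.0.2.1")
    nat.add_port_forward(8080, DEVICE)
    poll = nat.ingress(Packet(("203.0.113.20", 50000), ("192.0.2.1", 8080), "poll"))
    probe = nat.ingress(Packet(STRANGER, ("192.0.2.1", 8080), "GET /"))
    return {"agent_poll_delivered": poll is not None,
            "stranger_reached_device": probe is not None,
            "dropped": nat.dropped}


if __name__ == "__main__":
    print("push:", push_model())
    print("pull:", pull_model())
```

The push run delivers the collector’s reply and drops the unsolicited packet; the pull run delivers both, which is exactly why the slides say the pull model needs a highly robust core implementation and a thought-through authorization model on the device itself.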

Security

Seen at NANOG 69…

Interesting ...

“At last count I have about 43 devices on my LAN, with less than a third running an OS that I can actually interact with. The rest are embedded systems that get updated (hah!) by the vendors at their whim. Easily two-thirds would 'phone home' to somewhere at various times. About 7 have external access without explicitly setting port-forwarding.

Of course, my router monitors and reports on all outbound traffic - but do I actively look at it? I should. But I don’t. And of course everything we value on our LAN we protect and encrypt end-to-end and at-rest as the LAN is actually occupied by foreign devices with unknown network capability... sure we encrypt absolutely everything...”

An Internet of Stupid Things

We keep on seeing the same stupidity again and again:

• Devices with the telnet port open
• Devices with open DNS resolvers on the WAN side
• Devices with open NTP/SNMP/chargen etc
• Devices with the same preset root password
• Devices using vulnerable libraries that are susceptible to rootkit exploitation
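The list above is also a checklist a network owner can run against their own device inventory. The following is an added example (not from the presentation) that audits a constructed inventory for exactly those recurring failures: telnet open on any interface, DNS/NTP/SNMP/chargen reachable from the WAN side, an unchanged preset root password, and a library version on a known-bad list. The inventory, the device names and the `KNOWN_BAD_LIBRARIES` entry are constructed placeholders, not real products or advisories.

```python
"""Added example: audit a device inventory for the recurring IoT failures
listed on the slide. All devices and the known-bad library list are
constructed sample data."""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass
class Device:
    name: str
    wan_services: Set[int] = field(default_factory=set)   # ports reachable from the WAN side
    lan_services: Set[int] = field(default_factory=set)   # ports reachable only on the LAN
    root_password_is_default: bool = False                # preset vendor password still in use
    libraries: Dict[str, str] = field(default_factory=dict)  # library -> version


# Services from the slide that should not be exposed to the WAN.
RISKY_WAN_PORTS = {53: "dns", 123: "ntp", 161: "snmp", 19: "chargen"}
TELNET_PORT = 23

# Hypothetical placeholder: (library, version) pairs treated as vulnerable.
KNOWN_BAD_LIBRARIES: Set[Tuple[str, str]] = {("libexample", "1.0.0")}


def audit_device(d: Device) -> List[str]:
    """Return the list of slide-style findings for one device."""
    issues: List[str] = []
    if TELNET_PORT in d.wan_services | d.lan_services:
        issues.append("telnet port open")
    for port in sorted(d.wan_services & set(RISKY_WAN_PORTS)):
        issues.append(f"{RISKY_WAN_PORTS[port]} exposed on WAN side")
    if d.root_password_is_default:
        issues.append("preset root password unchanged")
    for lib, ver in sorted(d.libraries.items()):
        if (lib, ver) in KNOWN_BAD_LIBRARIES:
            issues.append(f"vulnerable library {lib} {ver}")
    return issues


def audit(devices: List[Device]) -> Dict[str, List[str]]:
    """Map device name -> findings, omitting clean devices."""
    return {d.name: issues for d in devices if (issues := audit_device(d))}


def share_with_findings(devices: List[Device]) -> float:
    """Fraction of the inventory with at least one finding."""
    return len(audit(devices)) / len(devices) if devices else 0.0


# Constructed inventory of a small home LAN.
INVENTORY = [
    Device("camera-1", wan_services={23, 8080}, root_password_is_default=True),
    Device("dvr", wan_services={53, 123}, lan_services={80}),
    Device("thermostat", lan_services={80}, libraries={"libexample": "1.0.0"}),
    Device("printer", lan_services={9100}, libraries={"libexample": "1.2.0"}),
]


if __name__ == "__main__":
    for name, issues in audit(INVENTORY).items():
        print(f"{name}: {'; '.join(issues)}")
    print(f"{share_with_findings(INVENTORY):.0%} of devices have findings")
```

The port sets would normally come from the owner’s own router or a scan of the owner’s own LAN; the point of the example is that each item on the slide maps to a mechanical check, so neglect rather than difficulty is what keeps these devices exposed.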


The Internet of Stupid Things

• How do you perform field upgrades of otherwise neglected and unmanaged devices?
• What are the economics of incenting field upgrades from the manufacturer?
• Who is responsible for broken “things”?

The Internet of Stupid Things

Is this stupidity even avoidable?

• The bleak picture is maybe not!
• In a price sensitive market where system robustness and quality is largely intangible, where is the motive to maintain high quality code?
• How can a consumer tell the difference in the quality of the software, in terms of its robustness and security of operation?

high clock speed industry + commodity components + low margin = market failure for IoT Security

Privacy

Some things you can count on…

• The volumes are already huge, and they’re growing
• “Things” already outnumber everything else on the Internet
• Security is an unachievable word!
• Privacy is now an historical concept
• Digital pollution is pervasive and we now have an internet that is a largely chaotic and hostile environment

And some things we can’t tell

• Will we standardize this area or will it be a diverse set of mutually incompatible devices?
• Will the market consolidate to be dominated by a small number of providers and their pseudo-open proprietary architectures?
• When will the IoT embrace IPv6?
• Will the IoT market ever discriminate on quality and robustness?
• How do we manage the risk of coercion of these devices?
• How bad can it get?

It’s a tough problem…

"The market can't fix this because neither the buyer nor the seller cares.

The owners of the webcams and DVRs used in the denial-of-service attacks don't care. Their devices were cheap to buy, they still work, and they don't know any of the victims of the attacks.

The sellers of those devices don't care: They're now selling newer and better models, and the original buyers only cared about price and features.

There is no market solution, because the insecurity is what economists call an externality: It's an effect of the purchasing decision that affects other people. Think of it kind of like invisible pollution."

https://www.schneier.com/blog/archives/2017/02/security_and_th.html

Thanks!
