Did you know the #FDA placed stringent #cybersecurity requirements for medical devices in their new HR.2617 legislation? Bishop Fox’s Matt Twells, Senior Solutions Architect, has you covered.
Join our webcast and learn what you need to stay compliant!
A disjointed rambling of thoughts about iOT stuff.
Shopping for a keypad door lock the other day and they all require an app to program it. Lots of “cool" features but they don’t work without a specific app to set things up or change in the future. Dozens of brand names, all with their own app.
Couldn't we legislate some minimal UI/API for all iOT devices? This is glossing over a lot of specifics: but any device that requires configuration would support a local html interface mode (i.e. your phone would connect to its network/mini server). If the company goes out of business, their app disappears, you aren’t stuck with a brainless device. A general purpose API could be a part of that spec, which systems like #HomeAssistant could integrate with.
You could still use the company's app, probably most people would, but you could also decide to NOT put the device on the network or create account with an unknown company just to have a smart door lock or web cam.
But what if you need some minimalist Linux on said machine?
Even if it's just to dd a new OS on to update those?
Because I do know at least one logistics firm that does that to their systems, and since their #IoT stuff is within #SOLAS-regulated areas, it's a pain in the rear to get onsite for quite good reasons.
However, one requirement for this states that “any product which contains a microprocessor” has to undergo a “conformity assessment” by a third-party before becoming available. #cybersecurity#infosec
Who has a #Nest#Doorbell battery version? How the hell do you re-engage the magnet that holds it in place? I know I've done it before but nothing works
#EU#CyberSecurity#CRA#CyberResillience#IoT: "The EU co-legislators are set to reach a political agreement on the Cyber Resilience Act, with the main major hurdle left to solve around the power of national authorities to restrict access to reported vulnerabilities.
The Cyber Resilience Act is a legislative proposal to introduce security requirements for the manufacturers of connected devices. The file is at the final stage of the legislative process with the EU Commission, Parliament and Council hashing out the final dispositions in so-called trilogues.
The main EU institutions are set to formalise an agreement at a political trilogue on Thursday (30 November), but most aspects of the file have already been settled at the technical level, according to an internal document dated 24 November and seen by Euractiv.
At the same time, the thorny aspect of vulnerability and incident reporting remains the main open political question."
Reminder - I created https://github.com/unixorn/internet-of-trash as a list of things that don't work well, have had the vendor try to force you to use the cloud for something that was locally controlled, or are otherwise a pain to use with home automation.
If something is supposedly for #SmartHome but is a pain to use with home automation, please add it to the list.
The goal is to have a warning list of products to avoid, especially for people new to #HomeAutomation or #HomeAssistant .
Is there any advantage at using AMQP for new projects ?
We are investigating for MQTT also, looks lighter and there are much more implementations available (especially for managed services), but not sure what limitations we may face.
Not in an IOT context but purely message exchange for asynchronous processing between various internal components. #dotnet#amqp#mqtt#iot#development#python#ruby#golang
i feel like “let us send everything you type to the cloud so we can do spellcheck for you!” is just a clear sign that society has gone wrong. we’ve been doing spellcheck fine without it for like. three decades
I agree about the lack of imagination. But IMO that also extends to the entire #IoT category itself... every light bulb or switch is a little computer connected to the global network (cloud control or not).
Built a water level sensor for my irrigation systems water container. Shows current level in mm via the OLED and via WiFi for low level and leakage alerts.
Uses a pressure based industrial liquid level sensor which is really accurate and stable, fantastic sensor!
#ZephyrRTOS based firmware on a #ESP32 dev board. #LVGL for UI.
MCP3421 for sensor readout/4-20mA conversion.
A #gadgeteer is also the naive or careless person who wears these #gadgets and is either oblivious of the detrimental externalities of the tech to society, or criminally negligent of those (usually #trend-following hipsters).
I recently spent some time exploring the potential capabilities that an evil IoT device might have within an AWS IoT Core environment. This culminated in the thoughts I've transcribed in this blog post, as well as a command-line tool to help with enumeration and data harvesting during security assessments of products that...
OC AWS IoT Core: A Compromised Device Perspective (seanpesce.blogspot.com)
I recently spent some time exploring the potential capabilities that an evil IoT device might have within an AWS IoT Core environment. This culminated in the thoughts I've transcribed in this blog post, as well as a command-line tool to help with enumeration and data harvesting during security assessments of products that...