re: Where is HTTPS for IoT? (Update) VIEW POST

FULL DISCUSSION
 

What I learned by watching security videos and going to meetups:

  • do not open any port on your IoT devices, not even a web server, is an invitation "hack me", I've seen how they hack real cars by using the wifi, bluetooth or worse had them run a .sh from the USB stick
  • do not allow users to upload anything on your devices, especially firmware, you will lose the control over them

As for the HTTPS overhead maybe the QUIC protocol will improve things.

code of conduct - report abuse