I’ve got a new blog post up today at EE Times, discussing how to secure devices on the Internet of Things:
It used to be academically interesting, perhaps, that an attacker could compromise an unconnected home thermostat. Today, it’s another thing entirely that an attacker can potentially target thousands of home thermostats from afar, determine which ones have been set in vacation mode for the next week, and remotely open the corresponding garage doors for his local accomplice to pull right in.
An archived version of the post is here.