Over the last two dozen years I have specialised in advising companies of all sizes on their security implementations. Dating back to long prior to the dawn of what we now know as security professionals when security was physical and not ephemeral or virtual. Where the security of a network or security of a physical instance was the core discipline.
Since then my career has evolved beyond all imagination, co-inventing SmoothWall with Lawrence in our back bedrooms, never imagining it would turn into a multi hundred million dollar business almost nineteen years later. Even though neither of us are involved as co-founders any more we both (and I can only speak for him vicariously as since 2003 we’ve met once and talked twice) are hugely proud of our baby and what it has become.
Since the summer of 1998 I have worked hard to understand the philosophy behind the security of devices, which makes me a very old man in the world of what we know now as the Internet of Things. From the earliest Soekris boxes that long pre dated Arduino or Raspberry Pi single board computing. Working with developers using NetBSD and also stripping and rebuilding Qube webservers and RaQ devices, the evolution of SBC computing, empowered by Open Source has taken the world by storm and changed both how we deploy and provision devices, but also the commoditisation of hardware has allowed us to do things at a price break never imagined.
I just finished a study working with a Lithuanian security team looking at some devices that concerned me. I’ve also been working with the National Cyber Security Centre over a major unpublished security flaw I discovered last December in SBC based Android platforms in communication platforms. It strikes me that there is still a clear and very dangerous line between the developers and device manufacturers whose firmware specification and lack of understanding of chipset use is taking us into a false dawn of courage.
Over the next four weeks I will be writing up some of my findings and publishing some of them here.
Keep coming back. I may open your eyes a bit.