The annual Consumer Electronics Show in Las Vegas has just wrapped up. With 160,000 attendees, 3,800 exhibitors and almost 2.5m square feet of exhibit space, this is the largest electronics show in the world. The array of new products and technologies has been featured on virtually every media outlet from Good Morning America to the BBC. By Alan Grau, President and Cofounder, Icon Labs.
There is something for every interest on display, from self-driving cars and drones, to video games, virtual reality and smart appliances. I saw products for exercise, infant care, elder care, food preparation and smart trash cans and toilets. It is really exciting to see the extremes of modern day technology.
However, two important themes caught my attention:
Some companies have started to build security into their products and, in the more security and safety critical areas, progress is being made. Despite this, very few vendors have made security a priority. What I find truly worrisome is that the majority of the new products have not adequately addressed even the most basic security requirements. From drones to vehicles to smart home appliances, very few products have implemented strong security. Many of these developers are in such a rush to get their products to market - and to connect them to the cloud or smartphones - that they simply ignore the need for security.
As a techie I enjoy CES. It’s fun for me to check out all the new gadgets and devices. I get excited about self-driving cars and intelligent baby monitors that can reduce the number of deaths due to Sudden Infant Death Syndrome (SIDS).
But as a security professional, I have very mixed feelings. Many of the silicon vendors have begun to recognise this challenge and are now starting to add hardware security modules to their platforms. These are the security building blocks that can be used to create new devices with much higher layers of security. But the overwhelming number of devices that have not yet adopted these solutions is, well, the reason I consider CES to be the largest collection of insecure devices in the world.