W3C home > Mailing lists > Public > public-webrtc@w3.org > June 2018

Re: WebRTC NV Use Cases

From: Göran Eriksson AP <goran.ap.eriksson@ericsson.com>
Date: Thu, 21 Jun 2018 15:37:33 +0000
To: Iñaki Baz Castillo <ibc@aliax.net>, "jianjun.zhu@intel.com" <jianjun.zhu@intel.com>
CC: Peter Thatcher <pthatcher@google.com>, "misi@niif.hu" <misi@niif.hu>, WebRTC WG <public-webrtc@w3.org>
Message-ID: <0FD7F00A-E678-4F27-B6CC-1833B424E700@ericsson.com>


    It also reduces the privacy of the communication. No. Encryption is

    required, even more in IoT devices.



I agree!



Given that in many cases the information acquired in IoT devices will be used as data sets in machine learning, "security considerations" must take new matters into account, i.e. new attack vectors, such as malicious injection of  bias in data set. 



Encryption is part of toolbox addressing these kind of attacks.



The desire for small footprint and (ultra low) latency is understandable, but history and current situation out there, has shown that 'defence in depth' is necessary; assuming for instance that no one will get into the 'wire' between the IoT device and servers is risky in my mind, and definitely not advisable when stuff are connected to the Internet.



Also, making security optional for special use cases may increase the risk of said 'flexibility' to also be used by mistake, or intent, in other situations increasing the attack vector.



5 cents!

Göran


Received on Thursday, 21 June 2018 15:38:01 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:42 UTC