This summer we released our findings on a vulnerability we called Devil’s Ivy: a flaw in the gSOAP library that was found while researching a surveillance camera, but whose impact extended far beyond any one device, or any one platform.
This week IoT security company Armis revealed BlueBorne: a set of eight vulnerabilities found in the bluetooth stacks used by a variety of OS vendors. The vulnerabilities impact several billion devices across the Windows, Linux, iOS and Android platforms. Along with a variety of commodity IT devices, any IoT or “smart” devices running any of these OSes are vulnerable.
In both cases the flaws impact, both IoT as well as commodity or ‘ordinary’ computer technology. This doesn’t apply in all cases, but as more research is done, it is highly likely that we’re going to hear more about how the line between problems in IoT and just plain IT is a lot fainter than previously thought