Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] seminar Thursday June 26: Jim Gettys on "(In)Security in Home Embedded Devices"

Jim Gettys has given talks locally for BBLISA (on bufferbloat) and IoT
Fest (same topic as below), and usually has good content.


-------- Original Message --------
Subject: [GBC-ACM] upcoming seminar Thursday June 26: Jim Gettys on
"(In)Security in Home Embedded Devices"
Date: Mon, 23 Jun 2014 20:52:32 -0400
From: Peter Mager


IEEE Computer Society and GBC/ACM

7:00 PM, Thursday, 26 June 2014

MIT Room E51-325

(In)Security in Home Embedded Devices

Jim Gettys

We now wander in Best Buy, Lowes and on Amazon and buy all sorts of
devices from thermostats, hi-fi gear, tablets, phones, and laptops or
desktops as well as home routers to build our home networks. Most of
these we plug in and forget about. But should we?

"Familiarity Breeds Contempt: The Honeymoon Effect and the Role of
Legacy Code in Zero-Day Vulnerabilities", by Clark, Fry, Blaze and Smith
makes clear that ignoring these devices is foolhardy; unmaintained
systems become more vulnerable, with time.

Structural issues in the market make the situation yet worse, as pointed
out in Bruce Schneier's Wired editorial in January: "The Internet of
Things Is Wildly Insecure And Often Unpatchable", which I instigated and
fed Bruce the ammunition. "Binary blobs" used in these systems have the
net effect of "freezing" software versions, often on many year old
versions of system software. Even if update streams are available (which
they seldom are), blobs may make it impossible to update to versions
free of a vulnerability.

There are immediate actions you can personally take, e.g. by running
open source router firmware in your network, but fixing this problem
generically will take many years, as it involves fundamental changes and
an attitude change in how we develop and maintain embedded systems, and
hardest, changes in business models to enable long term support of
popular hardware.

About Jim

Jim Gettys is an American computer programmer. He coined the term
"bufferbloat" and has organized efforts to combat it in the Internet
(see, and has been working on home routers. He was
the Vice President of Software at the One Laptop per Child project,
working on the software for the OLPC XO-1. He is one of the original
developers of the X Window System at MIT and worked on it again with
X.Org, where he served on the board of directors. He previously served
on the GNOME foundation board of directors. He worked at the World Wide
Web Consortium (W3C) and was the editor of the HTTP/1.1 specification in
the Internet Engineering Task Force through draft standard. Gettys
helped establish the community, from which the development
of Linux on handheld devices can be traced.

This joint meeting of the Boston Chapter of the IEEE Computer Society
and GBC/ACM will be held in MIT Room E51-325.  E51 is the Tang Center on
the corner of Wadsworth and Amherst Sts and Memorial Dr.; it's mostly
used by the Sloan School. You can see it on this map of the MIT campus.
Room 325 is on the 3rd floor.

Up-to-date information about this and other talks is available online at You can sign up to receive
updated status information about this talk and informational emails
about future talks at,
our self-administered mailing list.

We  will be taking Jim out  for a light dinner at Westbridge after the
meeting at around 9 pm.  Please rsvp to p.mager at if you
want to join us so we can make the appropriate reservation.
There are still places available at the gbc/acm R seminar
<> on Saturday.  Use the
discount code BIGDATA for $100 off the registration fee if you decide to go.
To subscribe or unsubscribe to this list via the web, go to
or see the List headers at the top of this message to do so by E-Mail.

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /