Was reading this article from the latest SANS newsletter and it got me thinking. Is it possible to encapsulate (or hide) from the end user what you are doing within an application like Chrome, similar to what you can do with an AaaS/SaaS/Cloud/Whatever?

The concern is of course that people are slowly coming to understand and accept a lot of the principles around applications served up by the web such as Gmail, and slowly it appears as if people and corporations are starting to grow more at ease with Google and their techniques of encapsulation or “clouding”. I don’t think this principle applies to thick-client apps like Chrome. If Google are going to patch a number of undisclosed vulnerabilities in an open source app then I have concerns. (Is chrome open source? someone correct me if I’m wrong).

In fact, I think companies like Google would benefit from disclosing the inner workings of the cloud. Sure, a number of people don’t want or need to know what goes on, but I know that there are probably enough people out there that would want to know. I think as long as people don’t have to “worry” about what goes on in the cloud is more important than trying their hardest to leave everyone in the dark. I mean, sure, when I open up the bonnet of my car I have no idea what I’m looking at, but I would be much more concerned if there was no way for me to open the bonnet. Just imagine having no clue what was under the hood, is it full of elastic bands and plastic, or bees, or is it an empty cavity?

Technology is great. I mean look at the Internet and Space Stations and the LHC… and then we have electronic door locks. Don’t get me wrong, I think that electronic door locks are great, I mean inserting a key and turning it is for chumps and why would you do that when you can swipe your RFID card on a reader and *click* get into your house.

In a previous role I spent the majority of my time configuring and working on electronic access control systems, so I’m aware of how much physical and logical security have meshed together. Our security posture was fairly straight, we followed a number of principles such as defense in depth, secure defaults etc. One of the overriding principles we had was that of the air gap. That is, the system that controls those doors, does not come in contact with the Internet or any other networks that pose significant risk. So it doesn’t fill me with comfort when I read about new products like this.

Schlage LiNK deadbolts operate using keyless entry with four-digital access codes on an 11-digit keypad. The LiNK deadbolts can also be operated using Schlage’s LiNK Web portal, which employs Secure Sockets Layer (SSL) protection.

Schlage LiNK deadbolts leverage Z-Wave, a wireless home automation technology that helps to unify home electronics into a single integrated wireless network using Z-Wave accessory modules — everything from lighting to temperature control, pool systems and more.

Personally I would have some concerns about linking my front door to the Internet or a wireless network, but that’s probably just me and the security/risk hat I wear. What concerns me is the people doing the sales pitch for these sorts of devices would not be ensuring that the consumer is doing a risk assessment against their use, the only assessment the consumer has to do is “can I afford it?” or “how cool will I look when I can unlock my door from work for the plumber”.

Would the consumer be enquiring into the level of diligence that the producer had applied to ensuring the security of their locks and their web portal? Probably not. The sales pitch would probably go something like “Yes of course we are protected over the Internet, we utilise Secure Sockets. Yes their secure, those same sockets are the same that get used by your bank”.

For all the bleeding-edge customers of these locks their fortunate because the probability that someone wanting to get in their house without authorisation knows about the technology is low, so contact with an external threat source is also low. On the other hand, the probability that people with malicious intent will want to break into the web portal is probably quite high, not strictly because they want to break into the house, just because the portal is a juicy target. The impact of this event is potentially much larger though, because if the vulnerability of the portal is such that you can enumerate doors, it means you may be able to unlock a large number of doors. This isn’t taking into account how easy it is to phish users of their passwords and simply log into the portal as them, maybe it utilises some form of two-factor? In which case you may as well just give them a key.