Jim Reid <jim@rfc1035.com> wrote:
    >> MUD files can help to identify what a device's purpose is and monitor
    >> if the device is doing what it's supposed to do. I agree that we should
    >> not have much hope that the device makers will do their job.

    > Indeed. However at least MUD files should (in principle anyway) give
    > people an idea of what their latest IoT toy will do once it's plugged
    > in. Though just saying it phones home to google/Amazon/Facebook every
    > so often isn't much help if you don't know what it's sending and
    > receiving. Or why it's doing that.

I disagree.... please don't over-extend what this is designed to do!
MUD files will not, even in principle, tell people what the device will do!
It simply says, "will phone home to XYZ on port Q" (for various ways of
expressing XYZ).

{If IoT devices start doing DNS-over-HTTPS (to an HTTPS server other than
the local one), then MUD files won't be able to express XYZ in terms of
names, and will have to use fragile IP addresses, or in the case of big
providers like Google, the list will either be very long or be useless.
If the manufacturer is writing the MUD files (best case!), then the people
writing the MUD file will poke the people deploying DNS-over-HTTPS, and
there will be a conversation. Worst case, it's not the manufacturer
writing the MUD file, and the end user will have to decide to either
carte-blanche the device (very low bandwidth caps become very useful here,
I think), throw the device out, or perhaps someone will discover some
intermediate state. (Like if you block DNS-over-HTTPS, it fails back to
DNS, and you can observe it properly.)}

The most useful thing about the MUD file, assuming it's not carte-blanche,
is that it won't say: "let 100,000 pps to *.root-servers.net, port 53"

    > BTW, Jelte spoke about the SPIN project at the WG meeting in
    > Marseille. It was a revelation to see how much data was being sent
    > outside his home network from its IoT devices. [And on a related note,
    > why does my DVD player call the mothership and what data are being
    > exchanged?]

It's not a DVD player. It's a Transformer Robot hiding in your house.

    > Michael's idea of an IoT firewall would mean we can see
    > what's going on. This sort of thing will be essential if the concept of
    > informed consent means anything.

One of the things we are dealing with at the technical level is getting the
right counters into the forwarding plane so that we can count the right
things. We think we have to switch from {ip,ip6,eb}tables to nftables, and
we think that once we do, we can get all the counters we want in the
places we want, and we can avoid yanking the numbers out with awk.

ps: I think that any IoT manufacturer who is smart enough to adopt
DNS-over-HTTPS is probably going to be smart enough to give us a reasonable
MUD file. It's the ones that slapped some arduino code on an ESP8266 and
shipped it that we should be worried about.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
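Added example (not part of the e-mail thread, and not code from Michael Richardson's IoT firewall or any MUD project): it shows what a MUD file's "will phone home to XYZ on port Q" actually looks like in the RFC 8520 JSON layout, flags ACEs that pin no peer at all (the "carte-blanche" case), and renders each ACE as nftables commands with one named counter per ACE, which is the "right counters in the forwarding plane" idea without scraping output with awk. The MUD document is constructed here; the `inet mud` table, the `from_device`/`to_device` chain names, and the per-hostname named sets (`@mud_cloud_example_com`, assumed to be filled by the local resolver) are all assumptions of this example.

```python
import json

# Constructed MUD file in the RFC 8520 layout (not from the e-mail thread).
# ACE "cloud-https" pins the toy to one host on tcp/443; ACE "any-dns" is a
# deliberately carte-blanche "udp/53 to anywhere" entry for the check below.
MUD_DOC = {
  "ietf-mud:mud": {
    "mud-version": 1, "mud-url": "https://example.com/mud/toy.json",
    "last-update": "2019-01-01T00:00:00+00:00", "cache-validity": 48,
    "is-supported": True, "systeminfo": "Example IoT toy (constructed)",
    "from-device-policy": {"access-lists": {"access-list": [{"name": "mud-toy-v4fr"}]}},
    "to-device-policy": {"access-lists": {"access-list": [{"name": "mud-toy-v4to"}]}}},
  "ietf-access-control-list:acls": {"acl": [
    {"name": "mud-toy-v4fr", "type": "ipv4-acl-type", "aces": {"ace": [
      {"name": "cloud-https",
       "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "cloud.example.com", "protocol": 6},
                   "tcp": {"destination-port": {"operator": "eq", "port": 443},
                           "ietf-mud:direction-initiated": "from-device"}},
       "actions": {"forwarding": "accept"}},
      {"name": "any-dns",
       "matches": {"ipv4": {"protocol": 17},
                   "udp": {"destination-port": {"operator": "eq", "port": 53}}},
       "actions": {"forwarding": "accept"}}]}},
    {"name": "mud-toy-v4to", "type": "ipv4-acl-type", "aces": {"ace": [
      {"name": "cloud-https-reply",
       "matches": {"ipv4": {"ietf-acldns:src-dnsname": "cloud.example.com", "protocol": 6},
                   "tcp": {"source-port": {"operator": "eq", "port": 443},
                           "ietf-mud:direction-initiated": "from-device"}},
       "actions": {"forwarding": "accept"}}]}}]}}
MUD_JSON = json.dumps(MUD_DOC)  # the form a MUD URL would actually serve

L4_NAMES = {6: "tcp", 17: "udp"}
POLICIES = {"from-device-policy": "from_device", "to-device-policy": "to_device"}


def policy_aces(doc, policy):
    """Yield (acl, ace) for every ACE the given MUD policy points at."""
    acls = {a["name"]: a for a in doc["ietf-access-control-list:acls"]["acl"]}
    for ref in doc["ietf-mud:mud"][policy]["access-lists"]["access-list"]:
        acl = acls[ref["name"]]
        for ace in acl["aces"]["ace"]:
            yield acl, ace


def l3_match(ace):
    m = ace["matches"]
    return m.get("ipv4") or m.get("ipv6") or {}


def peer_of(ace):
    """(kind, value) for the remote peer an ACE pins, or None when the ACE
    matches any address: the carte-blanche case the e-mail warns about."""
    l3 = l3_match(ace)
    for k in ("ietf-acldns:dst-dnsname", "ietf-acldns:src-dnsname"):
        if k in l3:
            return "dnsname", l3[k]
    for k in ("destination-ipv4-network", "source-ipv4-network",
              "destination-ipv6-network", "source-ipv6-network"):
        if k in l3:
            return "prefix", l3[k]
    return None


def carte_blanche(doc):
    """'acl/ace' names of entries that let the device talk to anyone on some port."""
    return [f"{acl['name']}/{ace['name']}" for p in POLICIES
            for acl, ace in policy_aces(doc, p) if peer_of(ace) is None]


def set_name(host):
    # Assumed naming for a per-hostname nft named set kept filled by the
    # local resolver; a device doing DoH past that resolver defeats it.
    return "mud_" + host.replace(".", "_").replace("-", "_")


def ace_to_nft(acl, ace, policy):
    """Render one ACE as nft commands with a named counter per ACE, so the
    forwarding plane itself reports what each permitted flow carried."""
    chain = POLICIES[policy]
    fam = "ip" if acl["type"] == "ipv4-acl-type" else "ip6"
    addr, port = ("daddr", "dport") if chain == "from_device" else ("saddr", "sport")
    pkey = "destination-port" if chain == "from_device" else "source-port"
    parts = []
    peer = peer_of(ace)
    if peer and peer[0] == "dnsname":
        parts.append(f"{fam} {addr} @{set_name(peer[1])}")
    elif peer:
        parts.append(f"{fam} {addr} {peer[1]}")
    l4 = L4_NAMES.get(l3_match(ace).get("protocol"))
    spec = ace["matches"].get(l4, {}).get(pkey) if l4 else None
    if spec and spec.get("operator", "eq") == "eq":
        parts.append(f"{l4} {port} {spec['port']}")
    elif l4:
        parts.append(f"meta l4proto {l4}")
    cname = f"{acl['name']}_{ace['name']}".replace("-", "_")
    verdict = ace["actions"]["forwarding"]
    return [f"add counter inet mud {cname}",
            f"add rule inet mud {chain} {' '.join(parts)} counter name \"{cname}\" {verdict}"]


def render_nft(text):
    """Full per-device ruleset (assumed table 'inet mud') from MUD JSON text."""
    doc = json.loads(text)
    out = ["add table inet mud"] + [f"add chain inet mud {c}" for c in POLICIES.values()]
    for policy in POLICIES:
        for acl, ace in policy_aces(doc, policy):
            out.extend(ace_to_nft(acl, ace, policy))
    return out


if __name__ == "__main__":
    print("carte-blanche ACEs:", carte_blanche(json.loads(MUD_JSON)))
    print("\n".join(render_nft(MUD_JSON)))
```

Feeding the output to `nft -f -` gives one named counter per ACE, readable afterwards with `nft list counters table inet mud` (or `nft -j` for JSON), which is the point of moving the counting into nftables. The carte-blanche check is the reader's own sanity test on a MUD file: an ACE with no dst/src name or prefix says nothing about where the device is allowed to phone home, only on which port.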