We Need to Save the Internet From the Internet of Things
What was new about the Krebs attack was both the massive scale and the particular devices the attackers recruited. Instead of using traditional computers for their botnet, they used CCTV cameras, digital video recorders, home routers, and other embedded computers attached to the internet as part of the Internet of Things.
Much has been written about how the IoT is wildly insecure. In fact, the software used to attack Krebs was simple and amateurish. What this attack demonstrates is that the economics of the IoT mean that it will remain insecure unless government steps in to fix the problem. This is a market failure that can’t get fixed on its own.
Update (2016-11-07): Jean-Louis Gassée:
A side effect of the smartphone revolution is the emergence of a rich — but cheap — ecosystem of building block modules. Unfortunately, these modules are very insecure and, when assembled into a quick and inexpensive device, they can cause serious trouble. They already have.