Richard Marshall, on behalf of the IoT Security Foundation, was asked to take a look at the investigations into Nomx’s claims of ‘Absolute Security’ for it’s email and messaging product product. You can find here what he had to say from a IoT perspective on how the public information relates to the work of the IoT Security Foundation:
One of his observations includes a reference for the need for a secure software update mechanism:
“Without a secure method to update software, it is not only possible to execute an unauthorised or potentially malicious software update, but it may also make it difficult to subsequently upgrade the software to close identified security vulnerabilities once compromised.”
You can find below links to the BBC Click video and Scott Helme’s findings.