[191926] in North American Network Operators' Group
Re: Legislative proposal sent to my Congressman
daemon@ATHENA.MIT.EDU (John R. Levine)
Mon Oct 3 21:35:39 2016
X-Original-To: nanog@nanog.org
Date: 3 Oct 2016 17:14:07 -0400
From: "John R. Levine" <johnl@iecc.com>
To: "Lyndon Nerenberg" <lyndon@orthanc.ca>
In-Reply-To: <alpine.BSF.2.20.1610031406090.94184@orthanc.ca>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
>> This is where device profiles could help. If enough devices register
>> profiles with the local router, at some point the router's default
>> could be closed, so devices with no profile can't talk to the outside.
>
> That would be nice, but a manufacturer who can't be bothered to take even the
> most basic security precautions certainly isn't going to implement this,
> either.
They will if the routers start rejecting their traffic.
> The only cure to this will be changing the law so that the directors of the
> companies that ship massively insecure devices like these are personally
> liable for all the financial loss attributed to their products. Bankrupt a
> few companies' board of directors and you'll start seeing things change in a
> hurry.
Good luck with that.
R's,
John
