[192356] in North American Network Operators' Group
Re: Spitballing IoT Security
daemon@ATHENA.MIT.EDU (Jean-Francois Mezei)
Wed Oct 26 17:10:48 2016
X-Original-To: nanog@nanog.org
To: nanog@nanog.org
From: Jean-Francois Mezei <jfmezei_nanog@vaxination.ca>
Date: Wed, 26 Oct 2016 17:10:44 -0400
In-Reply-To: <20161026205800.7188D57B29B8@rock.dv.isc.org>
Errors-To: nanog-bounces@nanog.org
On 2016-10-26 16:58, Mark Andrews wrote:
>
> Actually things have changed a lot in a positive direction.
>
> * Router manufactures are using device specific passwords.
> * Microsoft, Apple, Linux and *BSD issue regular fixes for their
> products and users do intall them.
> * My smart TV has automatic updates available and turned on.
> * Other products do the same.
My smart TV not only hasn't gotten updates in years, but Sharp has
stopped selling TVs in Canada. (not sure if they still sell TVs elsewhere).
When manufacturers provide a 2 year support on a device that will last
10 years, it is a problem which is why they really need to get it right
when product is released and not rely on patches.
With regards to liability. Good luck suing a chinese outfit that no
longer exists.
And pray tell, who gets to pay the millions of dollars of lawyer fees it
will cost to sue that bankrupt company with no money ?
