nanog mailing list archives
Re: IoT security
From: Damian Menscher <menscher () gmail com>
Date: Wed, 8 Feb 2017 08:30:15 -0800
On Wed, Feb 8, 2017 at 7:22 AM, William Herrin <bill () herrin us> wrote:
On Wed, Feb 8, 2017 at 10:12 AM, Rich Kulawiec <rsk () gsp org> wrote:In a better world, vendors would be far more responsible, professional, and ethical. But we don't live in that world. We live in one where they will happily dump toxic waste on the Internet as fast as they can shovel it -- as long as it's not their problem. We need to make it their problem.How?
The devices are trivially compromised (just log in with the default root password). So here's a modest proposal: log in as root and brick the device. This will encourage the consumer to seek a solution. When 100k consumers all discover their devices broke at the same time, they'll file a class-action lawsuit against the manufacturer, or at least never buy from them again. Market forces then solve the problem naturally, both for that manufacturer and for others who don't want the same fate. I realize there are drawbacks (including legal implications) to this method (which is why I'm posting from a personal, not work, account). But I challenge anyone to propose another solution that will work as well. Most other proposals I've heard depend on individual ISPs to take action, or governments to regulate devices and hope that foreign manufacturers care, or .... Damian
Current thread:
- Re: IoT security, (continued)
- Re: IoT security Rich Kulawiec (Feb 07)
- Re: IoT security William Herrin (Feb 07)
- Re: IoT security Tom Beecher (Feb 07)
- Re: IoT security William Herrin (Feb 07)
- Re: IoT security Rich Kulawiec (Feb 07)
- Re: IoT security Randy Bush (Feb 07)
- Re: IoT security Richard (Feb 07)
- Re: IoT security Ed Lopez (Feb 08)
- Re: IoT security Rich Kulawiec (Feb 08)
- Re: IoT security William Herrin (Feb 08)
- Re: IoT security Damian Menscher (Feb 08)
- Re: IoT security William Herrin (Feb 08)
- Re: IoT security Carl Byington (Feb 08)
- Re: IoT security clinton mielke (Feb 08)
- Re: IoT security valdis . kletnieks (Feb 08)
- Re: IoT security clinton mielke (Feb 08)
- Re: IoT security valdis . kletnieks (Feb 09)
- Re: IoT security clinton mielke (Feb 09)
- Re: IoT security William Herrin (Feb 07)
- Re: IoT security Rich Kulawiec (Feb 07)
- Re: IoT security Marco Slater (Feb 10)
- Re: IoT security clinton mielke (Feb 10)
- Re: IoT security clinton mielke (Feb 10)