HI version is available. Content is displayed in original English for accuracy.
Advertisement
Advertisement
⚡ Community Insights
Discussion Sentiment
50% Positive
Analyzed from 132 words in the discussion.
Trending Topics
#security#consumers#firmware#words#training#product#few#devices#permission#aware

Discussion (2 Comments)Read Original on HackerNews
'Guinea pigs' in this case were company employees, who at least gave permission to be recorded. And aware of that.
Consumers often don't give such permission (or are tricked into that), may not be aware of a device's capabilities, and post-sale firmware security is often weak to non-existent. That is the bigger risk.
I don't understand why so many devices 'need' 24/7 internet connectivity. In this example: do the training. Product works? Ship to consumers with connectivity disabled. Updated firmware available? Plug in USB stick a few times a year. Or have consumer push a "connect" service button, device downloads new firmware & disconnects. Why provide a 24/7 playground for hackers/bots etc?
Yeah I know companies selling these things have many reasons. But security-wise it makes no sense.
I can only imagine what it’s like now.