Reply to post: Re: Make secure the default state

No wonder we're being hit by Internet of Things botnets. Ever tried patching a Thing?

fidodogbreath Silver badge

Re: Make secure the default state

Installation processes should establish a non-default password unique to the owner.

So, your grandma is supposed to create unique, complex passwords for her fridge, washer, dryer, toaster, and each individual light bulb? Good luck with those tech support calls. "(sigh) No, grandma, we've been over this. The password for your night light is qZm~7*#dHwU_a. Don't use 0%3Y7_bX-lJr5^, that's for the meat thermometer."

Features that impact privacy should be clearly presented so the owner can make an informed decision whether to use the feature. [...] Features that involve significant safety or privacy risk should be properly isolated from Internet access.

Those features do not exist to benefit the device owner. They exist to collect data which will be monetized by the manufacturer. As long as that's the IOT business model, the only time "informed consent" will occur is the purchase decision.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021