Someone asked last weekend what things we can do to effectively secure IoT/Cloud: 1.) auto update 2.) sandbox runtime But mostly #1
-
-
@slightlylate and when people squawk that it would cost more, you answer "compared to what?" -
@scottjenson: i literally got the "but you don't understand, some of these things only have kilobytes of ram, they cant do crypto!" argument - 3 more replies
New conversation -
-
-
@slightlylate Speaking from the other side though there'd have to be limits. People keep using medical devices decades after release… -
@Feneric : that's fine! Those devices should never connect to public networks, though. - 10 more replies
New conversation -
-
-
@slightlylate still need layers of defenses. Companies go out of business but devices continue. Going to be complicated -
@patmeenan:@lcamtuf made the modest proposal of auto-disconnection from networks of unpatched devices. Seems reasonable to me. - 3 more replies
New conversation -
-
-
@slightlylate better way is to just make vendors liable for security breaches due to outdated software. Let em figure out how -
@aboodman: true; "regulate the outcome not the mechanism" is good policy advice
End of conversation
New conversation -
-
-
@slightlylate in space for updates you'd also factor in the growth in size of firmware itself, based on average device lifetime -
@slightlylate I guess that would force vendors to calculate (and disclose) the lifetime - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.