The Security On Most Devices Is S**t

-
This isn’t just IoT, it is pretty much any device in my house, and quite probably most in the office too. Think of it this way
  1. 1. The default software they are shipped with will have some security holes in it.
  2. 2. Even when they patch (“some of”? “most of”? definitely not “all of”!) these devices, there will still be unpatched devices in the Amazon warehouse. Which one did you get? How would you even know?
  3. 3. Assuming you do know that you got an unpatched device, did you actually get the correct patch/revision to update it? And what about future patches?
  4. 4. Auto-update? WTF even is that? And even if you do know what it is, do you trust it to work?
  5. 5. So you do trust it — are they updating on a regular schedule? Seriously, most phone manufacturers can’t even be bothered to update any phone more than a year old, and let’s not even get started on your cable modem/router…
And all this is assuming that you have good security practices. Which you probably do, unlike all the ∞ other people (not you!) whose password is “password123😆
Me, I just assume that pretty much any “tech appliance” is unto swiss-cheese, and filled with holes. Frankly, it’s probably just easier to make a list of the devices that actually might be secure.
Here you go — []

Comments

Post a Comment

Popular posts from this blog

Cannonball Tree!

-
Image
Spotted this one just outside the Ravindra Kalakshetra in Bangalore .  Its called the Cannonball Tree , but is - technically (i.e., in Latin, if thats your metier) - Couroupita Guianensis , or ನಾಗಲಿಂಗ ಪುಷ್ಪಾ  in Kannada. The fruits look like Cannonballs (well, d-uh), and the flowers are really quite amazing, and pretty ludicrously distinctive...
Read more

Erlang, Binaries, and Garbage Collection (Sigh)

-
Image
The nice thing about garbage-collection is that it is makes memory management absolutely transparent to you Of course, the above is true right up to the point when it stops being transparent, at which point it does a phase change from nice to clusterf**k of biblical proportions .  There are entire posts, books, and suicide notes that have been written about this, and I have no great desire to add to them, save with the minor comment that paranoia about garbage-collection is still justified , albeit only in the edge-cases for most people. That said, I'll give you that Erlang GC is in many ways much, much better positioned in this regard than, oh, Java, but it still rears up and bites you in the butt when you least expect it. ( More information about Erlang's GC vis-a-vis Java here , and Jesper's truly excellent description of Erlang's GC here ).  A story from the past should serve to illustrate this. Once upon a time, in a magical land far far away - well, Her
Read more

Visualizing Prime Numbers

-
Image
From Jason Davies , we have El Patron de Los Primos , probably one of the coolest prime number visualizer that I've seen.  For every Natural number, he draws a periodic curve that intersects at that number and each of its multiples.  Needless to say, prime numbers are touched by only two curves (itself and 1 ). You can scroll to the right, and move up the prime food change. (The image above is a screen grab.  Go here to see the actual thing)
Read more