Uh, no one has a billion IoT devices. Most IoT "clouds" are a couple of servers in China. The point is there is no difference between "IoT" and your Linux computer. Most "IoT" things are just Linux computers.
So Dell is liable because your Dell computer got infected and is part of a botnet? It only makes sense to you because you are an idiot. There is no difference between an "IOT device" and a Linux or Windows computer you install software on.
"They simply have no way to enforce this even if they wanted to."
Um, sure they can. Corporate networks already do this.
"All we are saying is that those organizations should also do security testing as well"
So some national testing organization is going to test every device that connect to the Internet? And then the device cannot run new software (after all, new software may make it insecure). Really I have a hard time believing people are so stupid here.
There is no "IoT cloud backends". They are just server computers like any other cloud. There is no difference between an "IoT" device and your computer.
Exactly. Unfortunately people here are too shortsighted to recognize this. There is no difference between "IoT" devices and their laptop from a network perspective.
You can "legislate it" if Verizon/Comcast/ATT all required that only "approved" devices are allowed on their network. Most corporations do that already for their internal networks (if they are concerned about security). You don't think that can happen? It will eventually. It sounds like most people here are OK with it too.
Requirements aren't only the domain of governments. So the next step is that every device that connects to Comcasts network must be approved by this "organization similar to the UL", or they won't allow it on. And you can't make any unapproved changes to that device, because any change might make it insecure. It is only logical after all. Are you guys really that dense? What do you think is happening here? At some point you will be only allowed to use a locked down computer running pre-approved software running in the cloud. Don't think it will happen? That is the logical conclusion to this madness.
I guess you don't get it. The idea is to increase the security of "IoT" devices by requiring approval from some agency before the device could be sol and connected to the Internet.. How would you do that? You would need to certify the hardware and the software of the device and make sure it is locked down so no modifications could be made to the device to make it insecure. What is an "IoT" device? It is a computer. You figure out the rest.
"The problem isn't the software so much"
Wrong. The problem IS THE SOFTWARE. That is what is insecure. Think about it. If you needed to prove that a system is secure you would need to certify the SOFTWARE AND HARDWARE. And you wouldn't allow new software would be installed, unless THAT was approved as well. Otherwise the system wouldn't be secure. It is really sad people are ready to trade "safety" for a walled garden. But I guess that why Apple is the richest corporation in history.
So ever computer/device for sale in the United States that is to be connected to the Internet MUST run only pre-approved software? Think about it guys: this would be the end of personal computing. I guess people don't care at this point though.
"as in requiring a nontrivial admin password be set, that they not be susceptible to 'trivial' attacks, and that they be manageable by owners to reestablish control"
So everyone who creates software would now need to be able to prove that to a governmental agency? Or you wouldn't allow software to be installed on Internet-connected devices unless it was pre-approved? So you couldn't attach your Linux computer (or Windows or Mac) or phone or whatever to the Internet unless it was running this pre-approved software? Think about it. An "IoT" device is just a computer running software.
So you are ready to make sure that EVERY software package you put on YOUR COMPUTER OR DEVICE is pre-approved by some agency? Because that is what would be required. I'm just making sure you guys are OK with that. It sounds like you are. So it is the end of personal computing as we know it.
It is the first step. Every computer/device would now need to be pre-approved by some agency/consortium before being allowed to be put on the Internet. You would need to approve the software too of course, all of it. Because software is what is the issue, not the hardware. Are you guys not thinking clearly here? This is the intent, and this is the future. So long to the personal computer!
And THAT is the engame here: only locked down, pre-approved devices will be allowed to be connected to the Internet. I said that was going to happen 10 years ago, but it sounds like people are OK with it now.
So every device that connects to the Internet would need to pre-approved by a group founded by Google, Amazon and Comcast? And you think this is a good idea?
So basically every device you connect to the Internet would need to be pre-approved by this new non-governmental agency. Even things you built yourself. So where this is headed?
I warned everyone years ago that we were coming to a time when only GOVERNMENT APPROVED devices would be allowed to connect to the Internet. Everyone scoffed, but this is the first step. Truly the end of personal computing is coming, fast.
"Civic" doesn't mean "civil". A "civic society" is one that represents local values and culture.
When is the last time the British Navy fired an anti-ship missile from a ship? Almost 40 years? Seriously.
Uh, no one has a billion IoT devices. Most IoT "clouds" are a couple of servers in China. The point is there is no difference between "IoT" and your Linux computer. Most "IoT" things are just Linux computers.
So Dell is liable because your Dell computer got infected and is part of a botnet? It only makes sense to you because you are an idiot. There is no difference between an "IOT device" and a Linux or Windows computer you install software on.
"They simply have no way to enforce this even if they wanted to." Um, sure they can. Corporate networks already do this.
"All we are saying is that those organizations should also do security testing as well"
So some national testing organization is going to test every device that connect to the Internet? And then the device cannot run new software (after all, new software may make it insecure). Really I have a hard time believing people are so stupid here.
There is no "IoT cloud backends". They are just server computers like any other cloud. There is no difference between an "IoT" device and your computer.
Exactly. Unfortunately people here are too shortsighted to recognize this. There is no difference between "IoT" devices and their laptop from a network perspective.
Famous last words. Oh by the way, 3 strikes is already in place (6 strikes in the US) and being enforced. What an idiot.
You can "legislate it" if Verizon/Comcast/ATT all required that only "approved" devices are allowed on their network. Most corporations do that already for their internal networks (if they are concerned about security). You don't think that can happen? It will eventually. It sounds like most people here are OK with it too.
Requirements aren't only the domain of governments. So the next step is that every device that connects to Comcasts network must be approved by this "organization similar to the UL", or they won't allow it on. And you can't make any unapproved changes to that device, because any change might make it insecure. It is only logical after all. Are you guys really that dense? What do you think is happening here? At some point you will be only allowed to use a locked down computer running pre-approved software running in the cloud. Don't think it will happen? That is the logical conclusion to this madness.
I guess you don't get it. The idea is to increase the security of "IoT" devices by requiring approval from some agency before the device could be sol and connected to the Internet.. How would you do that? You would need to certify the hardware and the software of the device and make sure it is locked down so no modifications could be made to the device to make it insecure. What is an "IoT" device? It is a computer. You figure out the rest.
100% correct! Someone gets it...
"The problem isn't the software so much"
Wrong. The problem IS THE SOFTWARE. That is what is insecure. Think about it. If you needed to prove that a system is secure you would need to certify the SOFTWARE AND HARDWARE. And you wouldn't allow new software would be installed, unless THAT was approved as well. Otherwise the system wouldn't be secure. It is really sad people are ready to trade "safety" for a walled garden. But I guess that why Apple is the richest corporation in history.
So ever computer/device for sale in the United States that is to be connected to the Internet MUST run only pre-approved software? Think about it guys: this would be the end of personal computing. I guess people don't care at this point though.
"as in requiring a nontrivial admin password be set, that they not be susceptible to 'trivial' attacks, and that they be manageable by owners to reestablish control"
So everyone who creates software would now need to be able to prove that to a governmental agency? Or you wouldn't allow software to be installed on Internet-connected devices unless it was pre-approved? So you couldn't attach your Linux computer (or Windows or Mac) or phone or whatever to the Internet unless it was running this pre-approved software? Think about it. An "IoT" device is just a computer running software.
What is the difference between an IoT device and a Linux computer connected to the Internet? Nothing. You guys aren't thinking clearly.
So you are ready to make sure that EVERY software package you put on YOUR COMPUTER OR DEVICE is pre-approved by some agency? Because that is what would be required. I'm just making sure you guys are OK with that. It sounds like you are. So it is the end of personal computing as we know it.
It is the first step. Every computer/device would now need to be pre-approved by some agency/consortium before being allowed to be put on the Internet. You would need to approve the software too of course, all of it. Because software is what is the issue, not the hardware. Are you guys not thinking clearly here? This is the intent, and this is the future. So long to the personal computer!
100% correct. But that is where we are headed. Enjoy your locked down Internet, people! You deserve it.
And THAT is the engame here: only locked down, pre-approved devices will be allowed to be connected to the Internet. I said that was going to happen 10 years ago, but it sounds like people are OK with it now.
So every device that connects to the Internet would need to pre-approved by a group founded by Google, Amazon and Comcast? And you think this is a good idea?
So basically every device you connect to the Internet would need to be pre-approved by this new non-governmental agency. Even things you built yourself. So where this is headed?
That is why I combine "Deep Learning" with it. Deep learning makes everything possible.
I warned everyone years ago that we were coming to a time when only GOVERNMENT APPROVED devices would be allowed to connect to the Internet. Everyone scoffed, but this is the first step. Truly the end of personal computing is coming, fast.
This can be used for bitcoin mining and "deep learning" or possibly "deep learning about bitcoin mining". All I need is some VC backing.