Krebs <3's The IoT
-
-
And what the manufacturers will all miss is that their shitting device security or crappy code was the cause of it all.
Because all the headlines just talk about Akami dropping a blogger it it is mentioned at all.
-
He wasnt paying, so they dropped him since it affected the performance of their network.
-
@Texkonc said in Krebs <3's The IoT:
He wasnt paying, so they dropped him since it affected the performance of their network.
Yeah read that last night as well. Pretty awesome that they did host him for free tbh.
-
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
-
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
Unfortunately, you are right.
-
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
-
@zuphzuph said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
The fact that a FitBit can be hacked and then used in this way floors me. Doesn't surprise me, but just.... damn..
-
@zuphzuph said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
It's not that IoT makers don't think of it, it's that their customers won't pay for it. Customers drive demand.
-
@scottalanmiller said in Krebs <3's The IoT:
@zuphzuph said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
It's not that IoT makers don't think of it, it's that their customers won't pay for it. Customers drive demand.
Bullshit. Customer consume. Consumers are not supposed to have technical knowledge to even be able to make this kind of informed decision, let alone the technical knowledge to test it.
-
@JaredBusch said in Krebs <3's The IoT:
@scottalanmiller said in Krebs <3's The IoT:
@zuphzuph said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
It's not that IoT makers don't think of it, it's that their customers won't pay for it. Customers drive demand.
Bullshit. Customer consume. Consumers are not supposed to have technical knowledge to even be able to make this kind of informed decision, let alone the technical knowledge to test it.
That's not how it works. That's why car makers advertise safety features - because consumers make decisions on how much safety matters to them. It's why people install their own door locks. It's why you select and buy a security system. It's why you install your own security cameras.
Consumers just consuming are still accountable for the ramifications of their decisions. Are there secure IoT products on the market? Yes. Are people buying cheaper stuff because they don't care? Yes.
It is never the manufacturer's fault for making what customers demand, unless what they make is illegal. If security was a value-add, manufacturers would be all over it to make more money. But security cost money to include and customers aren't willing to pay more. The result is a forced situation where makers cutting corners win the market.
Unless you change consumers, manufacturers really have no choice. The cheaper to make product will command the market.
-
@scottalanmiller said in Krebs <3's The IoT:
@JaredBusch said in Krebs <3's The IoT:
@scottalanmiller said in Krebs <3's The IoT:
@zuphzuph said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
It's not that IoT makers don't think of it, it's that their customers won't pay for it. Customers drive demand.
Bullshit. Customer consume. Consumers are not supposed to have technical knowledge to even be able to make this kind of informed decision, let alone the technical knowledge to test it.
That's not how it works. That's why car makers advertise safety features - because consumers make decisions on how much safety matters to them. It's why people install their own door locks. It's why you select and buy a security system. It's why you install your own security cameras.
This reinforces my point. Consumers cannot make this decision. This is not comparable to a simply to understand thing like a security system. Consumers have to be able to understand to make the decision. At this point in the knowledge level of consumers regarding IoT, there is no ability to know anything. This means it was all simply the manufacturers choice to create a shit product because it was cheaper. Not because it is what the consumers demanded.
Your examples of auto safety features is a good reinforcement also. People did not buy for safety features until the government started mandating safety safety features and causing the consumers to get educated on the subject.
-
-
@JaredBusch said in Krebs <3's The IoT:
@scottalanmiller said in Krebs <3's The IoT:
@JaredBusch said in Krebs <3's The IoT:
@scottalanmiller said in Krebs <3's The IoT:
@zuphzuph said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
wow, how much of the internet as a whole is affected by these attacks? The potential to bring it all down seems pretty high.
It's sad how the IoT never thought of true security and many companies still probably aren't...
It's not that IoT makers don't think of it, it's that their customers won't pay for it. Customers drive demand.
Bullshit. Customer consume. Consumers are not supposed to have technical knowledge to even be able to make this kind of informed decision, let alone the technical knowledge to test it.
That's not how it works. That's why car makers advertise safety features - because consumers make decisions on how much safety matters to them. It's why people install their own door locks. It's why you select and buy a security system. It's why you install your own security cameras.
This reinforces my point. Consumers cannot make this decision. This is not comparable to a simply to understand thing like a security system. Consumers have to be able to understand to make the decision. At this point in the knowledge level of consumers regarding IoT, there is no ability to know anything. This means it was all simply the manufacturers choice to create a shit product because it was cheaper. Not because it is what the consumers demanded.
Your examples of auto safety features is a good reinforcement also. People did not buy for safety features until the government started mandating safety safety features and causing the consumers to get educated on the subject.
But they do, car makers advertised that stuff and high end ones like Volvo made their market based on that.
If consumers won't do what is necessary, the government has to step in and mandate it because the manufactures can't do it because all it takes is one cutting corners to kill the market for those that do not. It's fine to say that consumers are too negligent or ignorant or uncaring to do what is right here.... but that doesn't shit blame to the makers, it shifts it to the government.
-
@scottalanmiller said in Krebs <3's The IoT:
. but that doesn't shit blame to the makers, it shifts it to the government.
Whoops
-
Interesting - The challenge is making people care.
Frankly I don't understand why the government got involved in forcing auto makers to make safer cars? Was it advocacy groups putting pressure on the government to make laws because the people clearly didn't care enough to demand it themselves?
With regards to IOT things now, we're definitely in a 'for the betterment of man' situation. I guess it's time for Uncle SAM to step up and mandate better security. Of course, that just brings it's own issues.
-
@Dashrender said in Krebs <3's The IoT:
Interesting - The challenge is making people care.
Frankly I don't understand why the government got involved in forcing auto makers to make safer cars? Was it advocacy groups putting pressure on the government to make laws because the people clearly didn't care enough to demand it themselves?
It was probably health insurers.
-
@scottalanmiller said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
Interesting - The challenge is making people care.
Frankly I don't understand why the government got involved in forcing auto makers to make safer cars? Was it advocacy groups putting pressure on the government to make laws because the people clearly didn't care enough to demand it themselves?
It was probably health insurers.
Exactly my point @scottalanmiller. It was never the consumers until something else forced it.
Volvo super markets safety now. They did not always.
-
@Dashrender said in Krebs <3's The IoT:
With regards to IOT things now, we're definitely in a 'for the betterment of man' situation. I guess it's time for Uncle SAM to step up and mandate better security. Of course, that just brings it's own issues.
Yes, LOTS of issues. Like determining what is IoT and what is not. Determining when a device should be regulated. Determining what security regulation looks like. How do you make a regulation that actually makes things secure without accidentally making them insecure, etc.
Realistically, the best option might just be holding people accountable for breaches caused by lax security.
-
@JaredBusch said in Krebs <3's The IoT:
@scottalanmiller said in Krebs <3's The IoT:
@Dashrender said in Krebs <3's The IoT:
Interesting - The challenge is making people care.
Frankly I don't understand why the government got involved in forcing auto makers to make safer cars? Was it advocacy groups putting pressure on the government to make laws because the people clearly didn't care enough to demand it themselves?
It was probably health insurers.
Exactly my point @scottalanmiller. It was never the consumers until something else forced it.
Volvo super markets safety now. They did not always.
THere is some from the consumer side. We look at safety differences when buying cars. Mostly because we have kids, I didnt care much when it was just me. But safer cars get more attention from some part of the market.
