|
|
|
|
|
|
by aeronautic
3316 days ago
|
|
|
Very good point. Even requiring the user to specify a maintenance window can ruin the experience. Some patches should be able to be made "hot", but that takes extra ram which is often squeezed to a premium in a device. I would recommend: - We not put devices on the internet that do not have a core, hard requirement to be on the internet. This rules out toothbrushes, toilets, pillows etc. - Devices do not open listening ports and only connect out. This eliminates a whole class of shodan visible attacks. - Devices give users some option of when an update is required and when the user can apply it. If the device can be managed via a HomeKit or Phone UI - these options can be made pretty usable. Alternatively a yellow light on the front of the device if suitable to indicate an update is available. Regardless, the current path of listening devices on the internet and not being patched is untenable. |
|
|