Hacker News new | ask | show | jobs
by deepsun 183 days ago
Well, how the vendor was going to apply other security updates if they cannot update their basic security trust store?

If the vendor is really unable to update, then it's at best negligence when designing the product, and at worst -- planned obsolescence.
2 comments
michaelt 182 days ago
1. Ship the product with automatic updates delivered over https

2. Product is a smart fridge or whatever, reasonable users might keep it offline for 5+ years.

3. New homeowner connects it to the internet.

4. Security update fails because the security update server's SSL cert isn't signed by a trusted root.

link
array_key_first 182 days ago
The real solution is making your shit modifiable by the client.

We do car recalls all the time. Just send out an email or something with instructions of what to put on a USB, it's basically the same thing.

Yes it's inconvenient for consumers and annoying but the alternative is worse. Essentially hard coding certificates was always a bad idea.

link
lokar 183 days ago
Yeah, participation in web tls requires the ability to regularly update your server and client code.

Nothing stays the same forever, software is never done. It’s absurd pretend otherwise.

link