|
|
|
|
|
|
by michaelt
194 days ago
|
|
|
1. Ship the product with automatic updates delivered over https 2. Product is a smart fridge or whatever, reasonable users might keep it offline for 5+ years. 3. New homeowner connects it to the internet. 4. Security update fails because the security update server's SSL cert isn't signed by a trusted root. |
|
|
We do car recalls all the time. Just send out an email or something with instructions of what to put on a USB, it's basically the same thing.
Yes it's inconvenient for consumers and annoying but the alternative is worse. Essentially hard coding certificates was always a bad idea.