[jasonjei]

> I'm afraid I don't see the connection between the decision not to implement encryption and the presence of death causing defects.

That's fine. Everyone is entitled to his/her opinion. I view the failure to implement encryption as a fatal error and an indication the code audit hasn't been thorough. Given that this is a telesurgery product, I'm quite confident encryption, trust, and authenticity are central to safe medical procedures carried over network. Otherwise, why would we bother with TLS when we access our online banking?

I'm just not confident I would want to undergo a surgery with a telesurgery robot with the "decision not to implement encryption."

[jauer]

We bother with TLS for accessing online banking because we don't manually build site-to-site VPNs between our house and our bank, unlike hospitals which have dedicated IT staff, a ton of security appliances of all types and, if they are in the same metro, often have dedicated waves or dark fiber between them.

[jasonjei]

The very problems that plague the unprotected networks to the site-to-site VPNs are the same: all it takes is one piece of malware. In fact, the complacency is the alarm. Just because you are in a "protected" network doesn't mean there aren't bad actors. The bad actors can get in, all they need is to find where your walls have a crack. There's a reason we call it Computer Insecurity.